Paul Burnette, vice president and director of the Software Accelerator at Leidos (NYSE: LDOS), said the federal government should work with industry and adopt the SecDevOps approach to develop and deploy “hardened, optimal code” and ensure the security of critical systems.
He wrote that SecDevOps could provide organizations the ability to rapidly field, operate and understand software in order to update and improve the tool in a secure way.
“In other words, we’re not just pushing out new software. We are refactoring and maintaining software, proactively adjusting our security posture because adversaries never stop trying to get in,” Burnett noted.
“They’re constantly evolving, and our software has to evolve and outpace those threats,” he added.
Burnette discussed Leidos’ partnership with HashiCorp and how the latter’s open-source infrastructure-as-code software tools like Terraform could help the Reston, Virginia-based technology services contractor advance the adoption of the SecDevOps approach.
“HashiCorp’s Terraform enables infrastructure creation from the ground up, and the company’s Vault gives us the ability to dynamically secure different pieces of software using secrets and keys that can only be paired together by the right people,” he noted.
Burnette added how partnerships like this enable Leidos to leverage emerging technologies and its experience in government missions to accelerate and tailor capabilities to specific missions.