The Army is working with the Pentagon to build a more secure development environment for its defensive cyber tools.
The Office of the Secretary of Defense follows a methodology called DevSecOps, which ingrains security into the development process. One of the primary programs associated with the effort is U.S. Cyber Command’s Unified Platform. The Army’s Big Data Platform, essentially a hybrid cloud environment that allows for storage, computation and analytics across a variety of networked sensors, is expected to be folded into the program.
As a result, the Army began participating in the Unified Platform software factory, which puts various software containers together. Software containers are a way to replicate databases and services in various environments allowing them to be scaled on demand.
“What that will do is give us a common developmental infrastructure or an environment that we can lay metrics, we can bring multiple industry partners come in, we’ll have the exact same environment across the board that will be available inside the FORGE,” Joe Kobsar, director of applied cyber technologies within the defensive cyber operations program at PEO Enterprise Information Systems told Fifth Domain, Aug. 23.
“The ‘Sec’ part, we’re not there yet. We’re working on that. That’s why we’re jumping on board with [Unified Platform] and OSD’s program.”
Kobsar said the first step is moving their DevSecOps environment into operational network infrastructure. They are moving it into a system called the Defense Research Engineering Network. Kobsar added they are selecting all the applications and tools for containerization. The service has already containerized approximately seven of 31 tools.
This containerization reduces the need to gain continuous access to Department of Defense networks and allows for greater speed and security.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.