Session: DevSecOps Journey in DoD Enterprise
Today's DoD software acquisition and development is not responsive to our warfighter needs. As a result, DoD's ability to keep pace with our potential adversaries is falling behind. The only solution is that use DevSecOps as modern software development practices, processes and tools to revolutionize the Department's ability to provide responsive, timely and secure software capabilities for our warfighters. However this is not easy task to implement DevSecOps across various systems. Although lots of barriers from cultural to architecture and tooling complexity, DoD is adapting DevSecOps quickly.
About Hasan Yasar
Hasan Yasar is the Technical Director of Continuous Deployment of Capability group in the SSD Division of the Software Engineering Institute, CMU. Hasan leads an engineering group on software development processes and methodologies, specifically on DevOps and development; and cloud technologies, and big data problems while providing expertise and guidance to SEI’s clients. Hasan has more than 25 years’ experience as senior security engineer, software engineer, software architect and manager in all phases of secure software development and information modeling processes. He is specialized on secure software solutions design and development experience in the cybersecurity domain including data-driven investigation and collaborative incident management, network security assessment, automated, large-scale malware triage/analysis, medical records management, accounting, simulation systems and document management. He is also Adjunct Faculty member in CMU Heinz Collage and Institute of Software Research where he currently teaches “Software and Security” and “DevOps: Engineering for Deployment and Operations."