Nicolas Chaillan, chief software officer of the U.S. Air Force, shared his insights on the Department of Defense’s (DoD) Platform One and how the team supports DoD’s Enterprise DevSecOps initiative, Nextgov reported Friday. He told the publication how Platform One can help establish a DevSecOps environment on a cloud.
“These bigger teams often need specific tools, they need access to a classified cloud environment, so Platform One can instantiate a DevSecOps environment on demand and customize it to their needs, get the licenses they need, get the talent support they need,” Chaillan said.
“Instead of a program spending something like twelve and a half million and a year to build that by themselves, we can do it in a few weeks for much cheaper and benefit from the continuous [authority to operate] at the same time.”
Chaillan cited Platform One’s use of open-source technologies like Kubernetes and containers to avoid vendor lock-in and how it works to address cyber vulnerabilities.
“We have real-time access to all the bounty and hackathons and have essential teams that can update these lego blocks which are then spread across DOD, across teams, so that if there's a zero day or a new exploit in one of the containers, we can patch across DOD within a few hours,” Chaillan said.
“We can push the containers across all classification levels so in effect that gives us the ability to fix and address issues in a matter of four hours maximum. We can really react to these kinds of events with a central team instead of having 20, 50 or 100 teams do the same thing.”