Paul Burnette, vice president and director of the Software Accelerator at Leidos (NYSE: LDOS), said the federal government should collaborate with industry to develop and field “hardened, optimal code” and advance the adoption of the SecDevOps approach to protect software from potential cyberattacks.
Burnette wrote that SecDevOps provides the company the ability to rapidly deploy, operate and understand software in order to update and improve the tool in a secure way.
“In other words, we’re not just pushing out new software. We are refactoring and maintaining software, proactively adjusting our security posture because adversaries never stop trying to get in,” he added.
Burnette discussed Leidos’ partnership with HashiCorp and how the latter’s infrastructure as code software tools like Terraform help the Reston, Virginia-based technology services contractor to advance the SecDevOps approach.
“HashiCorp’s Terraform enables infrastructure creation from the ground up, and the company’s Vault gives us the ability to dynamically secure different pieces of software using secrets and keys that can only be paired together by the right people,” he noted.