Traditionally, IT organizations include development and operations teams that haven’t always held shared priorities. Developers are the creative minds behind application development, while operations is focused on standardization and control. Unfortunately, both teams are often mired in the government-required process to achieve a system's Authority to Operate (ATO). This can take weeks, months, and sometimes years, even as time to mission becomes more critical than ever.
Increasingly, agencies are turning to automation to address this challenge and speed up ATO.
Automation takes advantage of configuration as code, cloud technologies, and containerized microservices with continuous security built into every step of the system development life cycle and deployment process.
In this session, you'll learn about the tools and techniques available with Red Hat® Openshift Container Platform that can rapidly accredit your applications, including how:
- Well-known security standards like NIST 800-53 and STIG are incorporated into an Openshift system.
- To rapidly create secure applications using preconfigured platform components, base application images, and S2I images.
- Model custom DevOps processes and Jenkins pipelines can prepare systems for ATO.
- To automatically verify security and system compliance with regulatory standards using several tools from OpenSCAP, BlackDuck, SonarQube, and others.
- To automate the creation of a body of evidence using OpenControl that validates the system to auditors.
- To ensure the application remains compliant during its life cycle by checking for issues and automatically applying fixes and patches with Red Hat CloudForms and the OpenShift Container Platform's automation.
Time: 2:00 pm ET
Duration: 60 minutes
Michael Epley, solutions architect, Red Hat
Michael Epley, middleware and PaaS solutions architect with Red Hat, helps customers realize the benefits of open source innovation and security using Red Hat® JBoss® Middleware and Red Hat Openshift, a Platform-as-a-Service family of products. Prior to Red Hat, Michael was a software engineer and technical lead at Lockheed Martin and then Industrial Medium Software. He developed advanced, automated intelligence analysis and dissemination systems for various Army, Navy, DARPA, and JCS customers using open source, SOA, and JBoss technologies.