SAN JOSE, Calif. – Oct. 28, 2021 – CloudBees, the enterprise software delivery company, announced today the award of a Phase II Small Business Innovative Research (SBIR) contract to work with the U.S. Air Force on application development and DevSecOps initiatives designed to accelerate the continuous delivery of secure, compliant software in support of warfighters and business systems users throughout the agency.
As the Department of Defense and civilian agencies put more applications and data in the cloud, releasing new software features and functionality with speed, security and agility is becoming increasingly critical to support the warfighter and other U.S. government priorities. President Biden’s executive order on improving the nation’s cybersecurity underscores the need “to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life. The federal government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises or hybrid.”
Through this contract, CloudBees will enable the deployment of a DevSecOps platform (CNCF-compliant Kubernetes stack) and continuous integration/continuous delivery (CI/CD) pipeline with continuous authority to operate (cATO), including audit ready pipelines, manual approval gates and guard rail service catalogs.
“The award of this contract is an acknowledgement by the U.S. Air Force that both weapon systems and business systems need security built in at the forefront of development and to flow continuously through to production,” said CloudBees Defense Lead, Bryan Guinn. “CloudBees will help the Air Force programs answer that need by providing a secure, repeatable DevSecOps platform that allows them to deliver new capabilities to the field faster and ensuring software supply chain integrity is constantly maintained.”
CloudBees will work with the Air Force Research Laboratory (AFRL/RWWG), WeaponONE RogueONE Cyber Assured Munitions and Business and Enterprise Systems (BES) Directorate to further build out the RogueONE DevSecOps software factory for business and weapons systems. The Phase II award will demonstrate CloudBees’ ability to enable the RogueONE DevSecOps software factory to automate software capability development, the Risk Management Framework (RMF) Assessment and Authorization (A&A) processes when developing software for the warfighter and business system users. The goal is an optimized software delivery lifecycle that leverages secure automation and enables cATO through insights and observability of the DevSecOps environments.
“The WeaponONE RogueONE team is excited to work with CloudBees to further expand our software delivery and its capabilities to our end users throughout the Air Force,” said Scott Doss, lead engineer for WeaponsONE RogueONE DevSecOps software factory.
CloudBees has been used by defense and intelligence organizations for the past decade as a component of their agile, DevOps and DevSecOps toolchains to automate capability development. CloudBees provides a hardened Docker container image which is placed in the Platform One Iron Bank, an authorized, hardened and approved container repository that supports the end to end lifecycle needed for modern software development. Teams from any DoD or civilian agency can access and simply pull the hardened Docker container image out of the Iron Bank. The solution has been engineered to minimize the use of any libraries or components that have known security vulnerabilities.
AFRL and AFWERX have partnered to streamline the Small Business Innovation Research process in an attempt to speed up the experience, broaden the pool of potential applicants and decrease bureaucratic overhead. Beginning in SBIR 18.2, and now in 20.3, the Air Force has begun offering 'Special' SBIR topics that are faster, leaner and open to a broader range of innovations.
CloudBees, the enterprise software delivery company, provides the industry’s leading DevOps technology platform. CloudBees enables developers to focus on what they do best: build great software, while providing peace of mind to management with powerful risk mitigation, compliance and governance tools. Used by many of the Fortune 100, CloudBees is helping thousands of companies harness the power of continuous everything and gets them on the fastest path from a great idea, to great software, to amazing customer experiences, to being a business that changes lives.
Backed by Matrix Partners, Lightspeed Venture Partners, Verizon Ventures, Delta-v Capital, Golub Capital and Unusual Ventures, CloudBees was founded in 2010 by former JBoss CTO Sacha Labourey and an elite team of continuous integration, continuous delivery and DevOps professionals. Follow CloudBees on Twitter, LinkedIn and Facebook.