{"id":2037633,"date":"2024-11-26T16:15:53","date_gmt":"2024-11-26T21:15:53","guid":{"rendered":"https:\/\/www.sonatype.com\/blog\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update"},"modified":"2024-11-26T16:15:53","modified_gmt":"2024-11-26T21:15:53","slug":"key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/","title":{"rendered":"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update"},"content":{"rendered":"<div class=\"hs-featured-image-wrapper\">\n <a href=\"https:\/\/www.sonatype.com\/blog\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\" title=\"\" class=\"hs-featured-image-link\"> <img decoding=\"async\" src=\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\" alt=\"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update\" class=\"hs-featured-image\" style=\"width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;\"> <\/a>\n<\/div>\n<p>As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its <a href=\"https:\/\/dodcio.defense.gov\/Portals\/0\/Documents\/Library\/DoD%20Enterprise%20DevSecOps%20Fundamentals%20v2.5.pdf\"><span>Enterprise DevSecOps Fundamentals<\/span><\/a> to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/track.hubspot.com\/__ptq.gif?a=1958393&amp;k=14&amp;r=https%3A%2F%2Fwww.sonatype.com%2Fblog%2Fkey-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update&amp;bu=https%253A%252F%252Fwww.sonatype.com%252Fblog&amp;bvt=rss\" alt=\"\" width=\"1\" height=\"1\" style=\"min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; \"><\/p>\n\n<p class=\"syndicated-attribution\">*** This is a Security Bloggers Network syndicated blog from <a href=\"https:\/\/www.sonatype.com\/blog\">2024 Sonatype Blog<\/a> authored by <a href=\"https:\/\/securityboulevard.com\/author\/0\/\" title=\"Read other posts by Daniel Glick\">Daniel Glick<\/a>. Read the original post at: <a href=\"https:\/\/www.sonatype.com\/blog\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\">https:\/\/www.sonatype.com\/blog\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update<\/a> <\/p>","protected":false},"excerpt":{"rendered":"<div class=\"hs-featured-image-wrapper\">\n <a href=\"https:\/\/www.sonatype.com\/blog\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\" title=\"\" class=\"hs-featured-image-link\"> <img decoding=\"async\" src=\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\" alt=\"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update\" class=\"hs-featured-image\"> <\/a>\n<\/div>\n<p>As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its <a href=\"https:\/\/dodcio.defense.gov\/Portals\/0\/Documents\/Library\/DoD%20Enterprise%20DevSecOps%20Fundamentals%20v2.5.pdf\"><span>Enterprise DevSecOps Fundamentals<\/span><\/a> to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.<\/p>\n","protected":false},"author":22128,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21132,5],"tags":[12628,18980,69441,69440,27367],"class_list":["post-2037633","post","type-post","status-publish","format-standard","hentry","category-devops","category-sbn","tag-department-of-defense","tag-devsecops","tag-sbom","tag-software-bill-of-materials","tag-software-supply-chain"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update - Security Boulevard<\/title>\n<meta name=\"description\" content=\"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update\" \/>\n<meta property=\"og:description\" content=\"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-26T21:15:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\" \/>\n<meta name=\"author\" content=\"Daniel Glick\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/\",\"name\":\"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update - Security Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\",\"datePublished\":\"2024-11-26T21:15:53+00:00\",\"dateModified\":\"2024-11-26T21:15:53+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/ad432384391677bf2556ce53c23a5cf6\"},\"description\":\"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage\",\"url\":\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\",\"contentUrl\":\"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Editorial Calendar\",\"item\":\"https:\/\/securityboulevard.com\/category\/editorial-calendar\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"DevSecOps\",\"item\":\"https:\/\/securityboulevard.com\/category\/editorial-calendar\/devsecops\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/ad432384391677bf2556ce53c23a5cf6\",\"name\":\"Daniel Glick\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/dc80ea7fd2c999c289e87d91a7b74e6b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/dc80ea7fd2c999c289e87d91a7b74e6b?s=96&d=mm&r=g\",\"caption\":\"Daniel Glick\"},\"sameAs\":[\"https:\/\/www.sonatype.com\/blog\"],\"url\":\"https:\/\/securityboulevard.com\/author\/daniel-glick\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update - Security Boulevard","description":"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/","og_locale":"en_US","og_type":"article","og_title":"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update","og_description":"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.","og_url":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/","og_site_name":"Security Boulevard","article_publisher":"https:\/\/www.facebook.com\/groups\/24445075146\/","article_published_time":"2024-11-26T21:15:53+00:00","og_image":[{"url":"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg"}],"author":"Daniel Glick","twitter_card":"summary_large_image","twitter_creator":"@securityblvd","twitter_site":"@securityblvd","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/","url":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/","name":"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update - Security Boulevard","isPartOf":{"@id":"https:\/\/securityboulevard.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage"},"image":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage"},"thumbnailUrl":"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg","datePublished":"2024-11-26T21:15:53+00:00","dateModified":"2024-11-26T21:15:53+00:00","author":{"@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/ad432384391677bf2556ce53c23a5cf6"},"description":"As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to align development practices with security imperatives further. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, including its business systems, weapons systems, embedded software, and essential command, control, and combat support systems.","breadcrumb":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#primaryimage","url":"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg","contentUrl":"https:\/\/www.sonatype.com\/hubfs\/AI-Generated%20Media\/Images\/A%20clean%20and%20modern%20header%20image%20showing%20a%20secure%20software%20pipeline%20concept%20a%20digital%20representation%20of%20a%20factory%20producing%20software%20components%2C%20with%20i.jpeg"},{"@type":"BreadcrumbList","@id":"https:\/\/securityboulevard.com\/2024\/11\/key-takeaways-from-the-latest-dod-enterprise-devsecops-fundamentals-update\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityboulevard.com\/"},{"@type":"ListItem","position":2,"name":"Editorial Calendar","item":"https:\/\/securityboulevard.com\/category\/editorial-calendar\/"},{"@type":"ListItem","position":3,"name":"DevSecOps","item":"https:\/\/securityboulevard.com\/category\/editorial-calendar\/devsecops\/"},{"@type":"ListItem","position":4,"name":"Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update"}]},{"@type":"WebSite","@id":"https:\/\/securityboulevard.com\/#website","url":"https:\/\/securityboulevard.com\/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityboulevard.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/ad432384391677bf2556ce53c23a5cf6","name":"Daniel Glick","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/dc80ea7fd2c999c289e87d91a7b74e6b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/dc80ea7fd2c999c289e87d91a7b74e6b?s=96&d=mm&r=g","caption":"Daniel Glick"},"sameAs":["https:\/\/www.sonatype.com\/blog"],"url":"https:\/\/securityboulevard.com\/author\/daniel-glick\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8y53","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037633","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/22128"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037633"}],"version-history":[{"count":1,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037633\/revisions"}],"predecessor-version":[{"id":2037634,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037633\/revisions\/2037634"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037633"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037633"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037633"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}