For decades, Gartner surveys have confirmed that U.S. competitiveness in a global market rests on quick, efficient, effective, and secure development, delivery, and operation of software. The Air Force recognizes the same need: according to Maj Slaughter, AFLCMC/HNCP - Platform One, âWe need to accelerate software development for our combat development divisions.â In short, companies â and the Air Force â need to be more agile. The software industry has coined the term âDevSecOpsâ for the set of tools, services, and standards that enable software agility within an organization. Some of the U.S.âs largest and most technologically advanced companies â Google, Netflix, Facebook, Apple, IBM, and Amazon, among others â have been grappling with the secondary problems brought on by DecSecOps for the past decade. Out of this collective experience, several open source projects were created: containers (Docker) for deploying applications; Kubernetes for running those containers, and Istio for enabling communication and security across containers. These projects have seen wide-spread adoption as the basis of secure software platforms implementing DevSecOps across many sectors of the US economy, including in highly regulated sectors like health and finance. These projects also form the basis of Platform One, the secure platform that Air Force Lifecycle Management Center, Cyber Systems Division LevelUP - Platform One (AFLCMC/HNCP - Platform One) is developing for the USAF under the DSOP program. Tetrate enables enterprise adoption of Istio, conformance to service mesh best practices, and enhanced security through our product, Tetrate Service Bridge (TSB). Tetrate Service Bridge acts as a management layer over top of Istio and: enables organizations to map existing business processes onto the (new) security and runtime capabilities of Istio; enables lifecycle management of Istio itself; encodes and enforces best-practices when end-users interact with Istio, and extends Istioâs runtime security capabilities with Next Generation Access Control (NGAC). As part of the Tetrate Service Bridge offering, we audit existing usages of Istio by the customer and ensure they conform to best practices on a continuous basis by onboarding the existing deployment into TSB. Finally, we recognize that the introduction of DevSecOps overall, and Istio specifically, is a large organizational challenge. We offer training specialized to the specific needs of individual customers with the goal of cultivating their self learning capabilities. Tetrate would train AF developers and would explore with AFLCMC/HNCP - Platform One airmen understanding their needs and requirements for Tetr
