Implementing modern cybersecurity within the DoD is hard. Too hard. The majority of program offices and weapon systems fail, long before they see many benefits. The number one reason these programs fail, is the inability to develop and sustain a secure and accreditable system. They spend the majority of their budget making the platform, and never actually get to the point of using the platform to deliver mission value. At Defense Unicorns we have developed a product called Pepr, which helps to automate the extension of DevSecOps cyber platforms to mission applications. Pepr provides a simple, standardized interface for needed security configurations that applications must incorporate to achieve continuous delivery within secure DoD systems. It does this by interacting with applications leveraging Kubernetes and VM based architectures, and integrating the applications configuration as code with configuration as code from a common cybersecurity stack leveraging a combination of open source and commercial capabilities. Funding of this proposal will reduce the barrier to entry of weapon systems across the DoD, and finally actualize the benefits of DevSecOps and continuous delivery.
