Atypical Applications of Agile and DevSecOps Principles

Modern software engineering practices of Agile and DevSecOps have provided a foundation for producing working software products faster and more reliably than ever before. Far too often, however, these practices do not address the non-software concerns of business mission and capability delivery even though these concerns are critical to the successful delivery of a software product. Through our work with government organizations, we have found that expanding DevSecOps beyond product development enables other teams to increase their capabilities and improve their processes. Agile methodologies are also being used for complex system and hardware developments. In this podcast from the Carnegie Mellon University Software Engineering Institute, Lyndsi Hughes, a senior systems engineer and David Sweeney, an associate software developer, both with the SEI CERT Division, share their experiences leveraging DevSecOps pipelines in atypical situations in support of teams focused on the capability delivery and business mission for their organizations.