SEI Blog | Continuous Deployment of Capability

SEI Blog | Continuous Deployment of Capabilityhttp://www.sei.cmu.edu/feeds/topic/Updates on changes and additions to the SEI Blog for posts matching Continuous Deployment of Capabilityen-usMon, 14 Jul 2025 00:00:00 -0400A Practitioner-Focused DevSecOps Assessment Approachhttps://www.sei.cmu.edu/blog/a-practitioner-focused-devsecops-assessment-approach/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesRegular DevSecOps assessments are necessary to track progress, adapt to evolving needs, and ensure you are consistently delivering value to your end users with speed, security, and efficiency.Aaron Reffett, Timothy A. ChickMon, 14 Jul 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/a-practitioner-focused-devsecops-assessment-approach/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesA 5-Stage Process for Automated Testing and Delivery of Complex Software Systemshttps://www.sei.cmu.edu/blog/a-5-stage-process-for-automated-testing-and-delivery-of-complex-software-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesManaging and maintaining deployments of complex software present engineers with a multitude of challenges including security vulnerabilities.Caden Milne, Lyndsi HughesWed, 21 May 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/a-5-stage-process-for-automated-testing-and-delivery-of-complex-software-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe DevSecOps Capability Maturity Modelhttps://www.sei.cmu.edu/blog/the-devsecops-capability-maturity-model/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesImplementing DevSecOps can improve multiple aspects of the effectiveness of a software organization and the quality of the software for which it is responsible.Timothy A. Chick, Brent Frye, Aaron ReffettMon, 10 Mar 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/the-devsecops-capability-maturity-model/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAcquisition Archetypes Seen in the Wild, DevSecOps Edition: Cross-Program Dependencieshttps://www.sei.cmu.edu/blog/acquisition-archetypes-seen-in-the-wild-devsecops-edition-cross-program-dependencies/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesShared capabilities can help manage costs and complexities but can also result in cross-program dependencies. This post examines this phenomenon in a DevSecOps context.William NovakTue, 03 Sep 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/acquisition-archetypes-seen-in-the-wild-devsecops-edition-cross-program-dependencies/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAcquisition TransformationCultivating Kubernetes on the Edgehttps://www.sei.cmu.edu/blog/cultivating-kubernetes-on-the-edge/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMembers of the SEI DevSecOps Innovation team were asked to explore an alternative to VMware’s vSphere Hypervisor in an edge compute environment. This post explores their prototype.Patrick Earl, Jeffrey Hamed, Doug Reynolds, José MoralesMon, 08 Jul 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/cultivating-kubernetes-on-the-edge/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesPolar: Improving DevSecOps Observabilityhttps://www.sei.cmu.edu/blog/polar-improving-devsecops-observability/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post introduces Polar, a DevSecOps framework developed as a solution to the limitations of traditional batch data processing.Morgan Farrah, Vaughn Coates, Patrick EarlMon, 06 May 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/polar-improving-devsecops-observability/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExample Case: Using DevSecOps to Redefine Minimum Viable Producthttps://www.sei.cmu.edu/blog/example-case-using-devsecops-to-redefine-minimum-viable-product/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI blog post, authored by SEI interns, describes their work on a microservices-based software application, an accompanying DevSecOps pipeline, and an expansion of the concept of minimum viable product to minimum viable process.Joseph YankelMon, 11 Mar 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/example-case-using-devsecops-to-redefine-minimum-viable-product/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAcquisition Archetypes Seen in the Wild, DevSecOps Edition: Clinging to the Old Wayshttps://www.sei.cmu.edu/blog/acquisition-archetypes-seen-in-the-wild-devsecops-edition-clinging-to-the-old-ways/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI blog post draws on SEI experiences conducting independent technical assessments to examine problems common to disparate acquisition programs. It also provides recommendations for recovering from these problems and preventing them from recurring.William NovakMon, 18 Dec 2023 00:00:00 -0500https://www.sei.cmu.edu/blog/acquisition-archetypes-seen-in-the-wild-devsecops-edition-clinging-to-the-old-ways/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAcquisition TransformationExtending Agile and DevSecOps to Improve Efforts Tangential to Software Product Developmenthttps://www.sei.cmu.edu/blog/extending-agile-and-devsecops-to-improve-efforts-tangential-to-software-product-development/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe modern software engineering practices of Agile and DevSecOps have revolutionized the practice of software engineering. This blog post explores use of these practices in capability delivery and business mission.David Sweeney, Lyndsi HughesMon, 07 Aug 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/extending-agile-and-devsecops-to-improve-efforts-tangential-to-software-product-development/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates5 Challenges to Implementing DevSecOps and How to Overcome Themhttps://www.sei.cmu.edu/blog/5-challenges-to-implementing-devsecops-and-how-to-overcome-them/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe shift from project- to program-level thinking raises numerous challenges to DevSecOps implementation. This SEI Blog post articulates these challenges and ways to overcome them.Joseph Yankel, Hasan YasarMon, 12 Jun 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/5-challenges-to-implementing-devsecops-and-how-to-overcome-them/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesActionable Data from the DevSecOps Pipelinehttps://www.sei.cmu.edu/blog/actionable-data-from-the-devsecops-pipeline/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this blog post, we explore decisions that program managers make and information they need to confidently make decisions with data from DevSecOps pipelines.Bill Nichols, Julie CohenMon, 01 May 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/actionable-data-from-the-devsecops-pipeline/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAgile Adoption in GovernmentContinuous Deployment of CapabilityMeasurement and AnalysisAgileWriting Ansible Roles with Confidencehttps://www.sei.cmu.edu/blog/writing-ansible-roles-with-confidence/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHow do you write Ansible roles in a way where you can be confident your role works as intended? This post provides guidance on how to best begin developing Ansible roles.Matthew HeckathornMon, 07 Nov 2022 00:00:00 -0500https://www.sei.cmu.edu/blog/writing-ansible-roles-with-confidence/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesA Technical DevSecOps Adoption Frameworkhttps://www.sei.cmu.edu/blog/a-technical-devsecops-adoption-framework/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post describes our new DevSecOps adoption framework that guides the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.Vanessa Jackson, Lyndsi HughesMon, 24 Oct 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/a-technical-devsecops-adoption-framework/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAgileDevopsContinuous Deployment of CapabilityCombining Security and Velocity in a Continuous-Integration Pipeline for Large Teamshttps://www.sei.cmu.edu/blog/combining-security-and-velocity-in-a-continuous-integration-pipeline-for-large-teams/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post explores how one team managed—and eventually resolved—the two competing forces of developer velocity and cybersecurity enforcement by implementing DevSecOps practices.Alejandro GomezMon, 11 Jul 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/combining-security-and-velocity-in-a-continuous-integration-pipeline-for-large-teams/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesModeling DevSecOps to Protect the Pipelinehttps://www.sei.cmu.edu/blog/modeling-devsecops-to-protect-the-pipeline/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post presents a DevSecOps Platform-Independent Model that uses model based system engineering constructs to formalize the practices of DevSecOps pipelines and organize guidance.Timothy A. Chick, Joseph YankelMon, 13 Jun 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/modeling-devsecops-to-protect-the-pipeline/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesFrom Model-Based Systems and Software Engineering to ModDevOpshttps://www.sei.cmu.edu/blog/from-model-based-systems-and-software-engineering-to-moddevops/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIntroduction to ModDevOps, an extension of DevSecOps that embraces model-based systems engineering (MBSE) technologyJerome Hugues, Joseph YankelMon, 22 Nov 2021 00:00:00 -0500https://www.sei.cmu.edu/blog/from-model-based-systems-and-software-engineering-to-moddevops/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDevopsArchitecture Analysis and Design Language (AADL)Model-Based Systems EngineeringSystems EngineeringDigital EngineeringThe Role of DevSecOps in Continuous Authority to Operatehttps://www.sei.cmu.edu/blog/the-role-of-devsecops-in-continuous-authority-to-operate/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDevSecOps favors rapid development and deployment. Such rapid development and deployment must be balanced against the need to ensure software systems are secure with minimal risk, thus enabling them to receive timely ATOs and continuous ATOs.Tom ScanlonMon, 04 Oct 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/the-role-of-devsecops-in-continuous-authority-to-operate/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesTaking DevSecOps to the Next Level with Value Stream Mappinghttps://www.sei.cmu.edu/blog/taking-devsecops-to-the-next-level-with-value-stream-mapping/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post explores the relationship between DevSecOps and value stream mapping, both of which are rooted in the Lean approach to systems and workflow. It also provides guidance on preparing to conduct value stream mapping within a software-intensive product development environment.Nanette BrownMon, 24 May 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/taking-devsecops-to-the-next-level-with-value-stream-mapping/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAligning DevSecOps and Machine Learninghttps://www.sei.cmu.edu/blog/aligning-devsecops-and-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLuiz Antunes explores the machine learning (ML) and DevSecOps domains and proposes ways to use them in collaboration for increased performance.Luiz AntunesMon, 03 May 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/aligning-devsecops-and-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMachine LearningThe Current State of DevSecOps Metricshttps://www.sei.cmu.edu/blog/the-current-state-of-devsecops-metrics/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDevSecOps practices yield useful, valuable information about software performance that is likely to lead to innovations in software engineering metrics.Bill NicholsMon, 29 Mar 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/the-current-state-of-devsecops-metrics/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMeasurement and Analysis