DEVSECOPS MIGRATION TO cARMY
By Jonathan Kolhagen
JANUS Research Group is consistently establishing ways to rapidly deliver secure software capabilities to warfighters by enabling modern Software Development through products and services to grow the Army's cloud native enterprise DevSecOps ecosystem. Below outlines how JANUS delivers software development management/storage/build tools, validate paths to production, and enable DevSecOps security.
THE JANUS APPROACH
DevSecOps methodology begins with our positive and well-integrated systems development, security, and operational team culture. The JANUS approach to cloud planning, migration, and implementation is highly collaborative, harnessing established relationships with cloud providers and trusted cloud experts to achieve our client's vision. The successful migrations for Architecture Integration Management Division (AIMD) systems are due to the DevSecOps approach taken by Team JANUS and supported by AIMD, Army Futures Command (AFC), and Futures and Concepts Center (FCC) leadership to take on-prem solutions and make them modular, flexible, and agile to become focused on deliveries while improving the applications security posture and mitigating perceived performance issues. Team JANUS leverages Capability Maturity Model Integration (CMMI) Level 3 best practices for documentation and process improvements ensuring repeatable success, demonstrated by multiple iterations of migrations for both the ArCADIE and Forge applications within the Cloud.
A continuous Authorization to Operate (ATO) approach enabled by our DevSecOps methodology, security-focused culture, and Risk Management Framework (RMF) automations and templates guarantee steady standards compliant with Risk Management (RM) implementations empowered by Team JANUS' certified and experienced Information Assurance (IA)/Cybersecurity professionals.
Team JANUS provides complete IA/cybersecurity services for required systems and maintaining the ArCADIE and Forge system accreditation and ATO. Our Systems Administrators coordinate with the Cyber Security Service Provider (CSSP) (C5ISR), AFC-Modernization Application and Data Environment (MADE) Support Staff, and the cARMY Infrastructure Team to ensure continued security and cyber resilience of ArCADIE and other contractor-managed systems. We support Federal Information System Management Act (FISMA) self-reporting efforts annually by updating the IA test plan, documenting cybersecurity postures across the RMF control set, planning for and simulating disaster recovery events, and overall taking a proactive approach to accreditation management.
With this methodology and approach, Team JANUS was able to successfully migrate ArCADIE to the Army Futures Command (AFC) MADE cloud for IL5 and IL6. This was the first time ArCADIE has had a Secret Internet Protocol Router Network (SIPR) instantiation in over ten years, providing a significant achievement ensuring the government can continue to develop classified architectures. Additionally, Team JANUS was able to migrate Forge from an on-prem environment to becoming the first of its kind application within cARMY for IL5 and finalizing the migration for IL6.
Once successfully migrated within the cloud hosted environment, several process improvements to the DevSecOps posture became immediately apparent, to include the use of Continuous Integration/Continuous Deployment (CI/CD) utilizing Azure Artifacts to ensure release artifacts are stored. Additional cloud related capabilities will be realized: such as BurpSuite and SonarQube for code scans, PowerBI and RShiny for dashboard and data analytics, as well as leveraging Application Programming Interface (API)s to enable data integration and data sharing across the Army.
Our team's expertise in utilizing current and emerging technologies as well as fully embracing our relationship with AFC and FCC leadership led to the development of a future vision document and within a pursuit for a stronger, faster, and more stable applications to support the growing AIMD mission and overall support to the success of Multi Domain Operations (MDO) and enabling the planning for Army 2030, Army 2040 and beyond. With this understanding, we were able to develop and implement a plan that led to the government now requiring migration of ArCADIE to the cARMY cloud.
Latest News View All
- JANUS RESEARCH GROUP AWARDED FUTURES AND CONCEPTS CENTER FUTURE STUDY PLAN TASK ORDER JANUS Research Group (JANUS) has been awarded a four-year, $12 million task order to provide the Future Warfare Division (FWD) with Future Study Program (FSP) Events support services that include administrative, production, event execution, analysis, and analytical integration support in executing the FSP. (8/5/2022)
- JANUS RESEARCH GROUP ANNOUNCED AS ONE OF THE RECIPIENTS FOR THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY PUBLIC SAFETY INNOVATION ACCELERATOR PROGRAM JANUS Research Group (JANUS) has recently been announced as one of the six recipients for the National Institute of Standards and Technology (NIST) Public Safety Innovation Accelerator Program 2022 (PSIAP-2022) covering a two-year period of performance. (7/26/2022)
- DAVID WUNIBALD AWARDED JANUS RESEARCH GROUP ENERGY AWARD JANUS Research Group LLC (JANUS) has awarded David Wunibald an Energy Award for his work as a critical member of the JANUS Top Down Modernization Team, redesigning the Task training packet for the Task Analysis Phase of the All Domain Protection (ADP) Capability Based Assessment (CBA). (7/10/2022)
- MARK COLVIN AWARDED JANUS RESEARCH GROUP ENERGY AWARD JANUS Research Group LLC (JANUS) has awarded Mark Colvin an Energy Award for his work supporting the Enterprise Aviation Systems program. (7/10/2022)