Solutions & Services / DevSecOps
Federal GovCloud DevSecOps
Our SaaS platform enables agencies to build and maintain government compliant applications efficiently, securely, and cost effectively.
FedRAMP Authorized Moderate SaaS
The Federal Risk and Authorization Management Program (FedRAMP) promotes secure cloud services adoption for the federal government.
Modern secure software delivery
Build applications and support your agency’s mission with our turnkey FGC DSO platform. Integrate, test, monitor, and deploy secure software to any customer-defined testing or production environment.
Benefits
Per-Seat License Model
Cloud
Agnostic
FedRAMP
Authorized
Optimal
Zero Trust
Turnkey
Solutions
Secure SDLC from build to deployment
Accelerate development with the right tools
Our DevSecOps SaaS provides an integrated toolchain that can be provisioned quickly for customers to start leveraging source code management and continuous integration/continuous delivery (CI/CD) pipeline implementation.
Integrated
Toolchain
Issue Management
GH Project Planner
JIRA Software*
ZenHub Enterprise*
Azure Boards*
GH Project Planner
JIRA Software*
ZenHub Enterprise*
Azure Boards*
Source Code & DevSecOps Management
GitHub
Federal GovCloud
GitHub
Federal GovCloud
Security Scanning & Unit Testing
SonarQube
Dependency-Check
Trivy
Sonarlint
Karma
JUnit5
GH Advanced Security*
JFrog Artifactory Edge
GH Project Planner
Nessus*
SonarQube
Dependency-Check
Trivy
Sonarlint
Karma
JUnit5
GH Advanced Security*
JFrog Artifactory Edge
GH Project Planner
Nessus*
Continuous Integration & Build
Jenkins
Maven
MS Build
Sequelize
Redgate
Docker
GH Actions
JFrog Xray*
Azure DevOps**
Jenkins
Maven
MS Build
Sequelize
Redgate
Docker
GH Actions
JFrog Xray*
Azure DevOps**
Infrastructure as Code & Configuration Management
HashiCorp
Ansible
HashiCorp
Ansible
508 Compliance & Other Testing
LightHouse
Pa11y
Angular
Karma
Protractor
LightHouse
Pa11y
Angular
Karma
Protractor
Containerization & Continuous Deployment
Jenkins
Kubernetes
Docker
GH Actions
Azure DevOps**
Jenkins
Kubernetes
Docker
GH Actions
Azure DevOps**
Continuous Monitoring & Alerts
Nessus Vulnerability Scanner*
WhiteSource*
Microsoft Cloud Security Center**
Twilio SendGrid**
Splunk**
Nessus Vulnerability Scanner*
WhiteSource*
Microsoft Cloud Security Center**
Twilio SendGrid**
Splunk**
* additional cost and add-on that can be purchased directly through TechTrend, Inc.
** additional cost and integration that needs to be purchased via a third party.
KEY SPECIFICATIONS
Source Code
Source Code Management
Code Version Control
Code Branching
Automated CI/CD
CI/CD
Auto-Scaling
High Availability
CI/CD Pipeline Builds
(1 Per 2 Seats)
Security
FedRAMP Moderate Controls
Role Based Access Controls
NIST and FIPS Validated
Static Code Vulnerability Analysis
Geographically Redundant Disaster Recovery
Security Brand Analysis++
Injection Vulnerability Detection++
Pull Request Decoration++
Agile Practices
Kanban Board (Issues and Bug Tracking)
Team Management
Documentation
Wiki
Milestone Tracking
Release Process Compliance
508 Testing
Release Packaging
Support
Service Desk Support
1-Hour Training Credit (Per 10 Seats)
+Additional builds available
++Support for 21 development languages – Up to 2 million lines of code across all enabled projects
Build Government Compliant Applications
Empower your agency to meet the White House’s Executive Order on Improving Cybersecurity.
Included Capabilities
Continuous Code Scanning
Enable developers to receive continuous code review with GitHub Enterprise. This results in code that is more secure and higher quality.
Software Composition Analysis (SCA)
Government developers need to know what is in their code. Most applications have open source software components. Being able to understand this is crucial for federal government organizations. OWASP Dependency Check powers FGC DSO’s SCA.
Automated Security & Unit Testing
Government organizations need to meet citizen’s digital service demands. With FGC DSO it is easy to automate security and unit testing while delivering applications faster.
Static Analysis Security Testing (SAST)
Analyze source code and uncover security vulnerabilities. SonarQube powers FGC DSO’s SAST and supports 25+ programming languages.
Coverage Metrics
Arm developers, project managers, and executives with enterprise-wide metrics for security, code, builds, testing, releases, and toolchains.
Maintain Applications
Government applications need to maintain their security and compliance posture while meeting end-users needs. With FGC DSO, code changes are checked in and automatically tested against NIST and FIPS standards. Our baseline tool set is FedRAMP Authorized.
Reduce Cognitive Load and Increase Productivity
Our DevSecOps SaaS provides an integrated toolchain that can be provisioned quickly for customers to start leveraging source code management and continuous integration/continuous delivery (CI/CD) pipeline implementation.
Software Factory
FedRAMP High Authorized Cloud
FedRAMP Approved Cloud on Microsoft Azure, includes HVA cloud adoption.
3000+ cloud native services with policy enforced
DISA STIG enabled
Federal GovCloud DevSecOps
Leverage Industry’s first FedRAMP authorized DevSecOps platform – including GitHub for Agile Development Teams.
Secure Automation and Release Process enabled for Agile Development & Operation Teams
Increase release velocity and improve software quality
Security Controls Management & ATO Documentation
Security and compliance documents, controls, and reports are automated and templated with ATO governance solution.
We manage the vast majority of government security controls.
Blend architecture, deployment and security views
Secure Cloud Operations
24/7 help desk support security monitoring, support, and patching managed by Azure Certified Engineers.
Governed by the government.
Operational cost savings and immediate availability
Case Study
DevSecOps
See how the FAA revolutionized the cloud design in which applications, tools, and services are designed to migrate seamlessly
