-
Using agile and DevOps to get better results than a change control board
on March 2, 2021
Agile is a way of quickly reacting to the demands of your project and DevOps is a methodology for building infrastructure and applications that is able to adapt and change quickly. Using these methods, you can avoid many of the pitfalls of traditional waterfall practices described above.
-
Shared infrastructure as code
on August 15, 2018
At many government agencies, a central IT team manages DNS directly. Other teams must request changes using help desk tickets, which can have inconsistent turnaround times, and are susceptible to human error. Having DNS records as code and doing changes through pull requests brought turnaround time down from multiple days to under ten minutes.
-
Win big by going small
on March 13, 2018
Adopting this “smaller is better” mindset as a way to overhaul a large, complex legacy system can feel counterintuitive. But the notion of smallness — of distilling complex, interdependent tasks into achievable units of work — is fundamental to building modern software in both the private and public sector.
-
Getting DevOps buy-in to facilitate agile
on January 25, 2018
Agile without DevOps is a bundle of potential energy with no outlet. We’ve found that it’s easier to get agency buy-in for DevOps if automated security audits are part of that work.
-
Automated scanning for sensitive information in the development lifecycle
on September 26, 2017
Often when developing open source software, and especially software that relies on outside services, you’ll find that you have to manage sensitive information. While there are a large number of things that can be considered sensitive, open source developers often deal with sensitive items such as API tokens, passwords, and private keys that are required for the system to function. Here's how we approached keeping this information safe.
-
cloud.gov is now FedRAMP Authorized for use by federal agencies
on February 2, 2017
We’re delighted to announce that cloud.gov is now FedRAMP Authorized, which enables agencies to quickly transition their web-based services to efficient and easy-to-use cloud hosting. FedRAMP Authorized status marks completion of a comprehensive security and compliance assessment that enables federal agencies to start using cloud.gov with significantly reduced effort. cloud.gov is a government-customized hosting platform that takes care of technical infrastructure and security compliance requirements.
-
Patterns for managing multi-tenant cloud environments
on August 10, 2016
When 18F started, deploying government services into a public cloud was still fairly uncommon. However, everything 18F has built has been deployed into Amazon Web Services (AWS), including cloud.gov. Over that time, our AWS account has grown in size and complexity and we needed a new approach to make sure it remains manageable.
-
cloud.gov is full steam ahead on its FedRAMP assessment process
on July 18, 2016
Here at 18F on the cloud.gov team, we’re working toward getting cloud.gov assessed as FedRAMP compliant, with lots of interesting progress — so here’s an update, including our FedRAMP Ready status!
-
Answering common questions about cloud.gov
on November 13, 2015
Four weeks ago, we announced cloud.gov, a new platform that will enable small federal teams to rapidly develop and deploy web services with best-practice, production-level security and scalability. Currently, we’re running a small pilot program to prepare to open up cloud.gov to all federal agencies. In the meantime, we’d like to lay out some more details about the project and answer some common questions.
-
ACT-IAC event on DevOps in the government
on April 20, 2015
Themed 'Achieve Agile Nirvana Through DevOps,' the education and training event will be held from 8:00 a.m. to 11:00 a.m. on Friday, May 1 at the General Services Administration, 1800 F Street NW, in Washington, D.C.
Back to
18F Blog