Defense Unicorns

🚨 Say what!? 🚨 The Office of Management and Budget just dropped some exciting news about the Federal Government's cybersecurity budget for FY 2026, and guess what? Open source software (OSS) is taking center stage! Here’s the scoop 🍨 The memo is calling for a major upgrade in how the Government handles OSS, including: ✨ Promoting the security and sustainability of open source software (OSS) ✨ Motivating government agencies to engage in the development and maintenance of OSS ✨ Overhauling the government's approach to reviewing, approving, and centralizing OSS ✨ Incorporating these practices into cybersecurity frameworks ✨ Creating open source program offices to coordinate OSS usage across agencies and the government Seeing these changes make our unicorn hearts happy 💖 #opensourcesoftware #usgovernment #cybersecurity

Allow me to recommend some light reading for you 😉 The DevSecOps Continuous Authorization Implementation Guide is only 26 pages, and you will only have to read it 26 times to get the valuable information out of it… or just follow us, and we will break this down because we actually want to read this so you don't have to 🤷♂️ Joshua Oates discusses some common misconceptions between the ATO and cATO processes and gives you a sneak peek into how our open-source Software Factory Package will lighten the burden of those processes. Your mission deserves to work with a team that will read through this whole library for you, and then provide your people with the tools and best practice process to evolve your ATO into a cATO. But if, after all of that, you still want to read the document, you can find it here: https://shorturl.at/FLS1P

✨We are hiring! ✨ 🦄 Campaign Manager 🦄 Contracts Specialist 🦄 DevSecOps Engineer 🦄 Golang Engineer 🦄 Lead Product Designer 🦄 Platform Engineer 🦄 Air Force Business Development Lead Head to the link below for more info and to apply 🦄 https://lnkd.in/g8xRVj-x #jobs #hiring #golang #socialmedia #contracting #devsecops #productdesigner #platformengineer #businessdevelopment

One topic that unites industry partners and the United States Department of Defense - shared frustration with the #ATO process 🤯. Industry partners are trying to deploy the best software to the DoD quickly. Meanwhile, the DoD is waiting for up-to-date solutions to effectively execute the mission. But, there's hope! Here are some recent updates you should know about as the ATO discussion continues: ✨ Office of the DoD Chief Information Officer released the Resolving Risk Management Framework and Cybersecurity Reciprocity Issues memo. ✨ Defense Information Systems Agency has recently updated numerous Security Technical Implementation Guides and Security Requirements Guides to ensure they align with the latest standards set forth in the fifth revision of the NIST Special Publication 800-53. ✨  Defense Unicorns launched a workshop to address the DoD's various struggles related to software delivery, including the ATO and cATO processes.  #Cybersecurity #Defense

How much time do you waste manually validating the security of your system? Whether it’s mandatory or just good practice, validating your system security is valuable but can take time you don’t have. Lula is a completely open source tool designed to give you that time back and probably catch a few risks you missed too 😉 What you get when you use Lula: 🦉 Defense in Depth: detection of malicious or insecure configurations. 🦉 Continuous Risk Management: validate live system compliance against controls, benchmarks, industry standards and best practices. 🦉 OSCAL Native: Uses NIST OSCAL to map implementations to requirements from catalogs and produces an assessment results OSCAL file. No proprietary data format required. Go to https://lula.dev to learn more about the capabilities Lula can bring to you and your security.

Happy Independence Day! 🇺🇸 "The essence of America—that which really unites us—is not ethnicity, or nationality, or religion. It is an idea—and what an idea it is: That you can come from humble circumstances and do great things." — Condoleezza Rice Let's celebrate the spirit of unity and the incredible potential that defines our nation. We extend our heartfelt gratitude to those who have served and continue to serve our country, safeguarding the #freedom we cherish. #FourthOfJuly #IndependenceDay

✨ Are you looking for a role you can be passionate about? ✨ Look no further! Defense Unicorns is hiring for a ton of awesome positions. Head to the link below for more info and to apply 🦄 https://lnkd.in/g8xRVj-x #hiring #devsecops #engineering #productdesigner #productmanager #partnermanager #platformengineer

Here is your sneak peek (or peak 🗻 if we want to keep going with the iceberg analogy 🫠) into the exclusive workshop where we'll equip you with the knowledge to deliver modern capabilities for your mission! Submit for an invite by this Friday to take a deeper dive with 🦄s who can help navigate the intricacies of software delivery for the United States Department of Defense. 📅 Date: July 9th & 10th 📍 Location: Colorado Springs, Colorado Together, we will uncover hidden challenges and learn effective strategies to overcome obstacles facing your mission. Submit for an invite here: https://shorturl.at/j6BEf #DoD #SoftwareDelivery #networking #Innovation #DefenseTech

To paraphrase Prussian Field Marshall, Helmuth von Moltke, ‘no plan survives contact with the enemy.’ Now join me in the mental journey as I apply this to software delivery 🤔… Where you start is generally not where you want to end up, particularly in software development. Sometimes the intent will change, or the problem may shift before delivery, so the plan is always evolving. The development and deployment methodology of “waterfall” doesn’t take this evolution from plan to deployment into account, which is why 🦄s gravitate towards agile methodologies. Agile emphasizes adaptability and continuous improvement to build, test, and validate our ideas incrementally 🙌 In other words, Waterfalls can be dangerous. Just ask anyone who’s gone over one 😅. You can read more about our take on the Agile vs Waterfall debate here: https://shorturl.at/F0fUE

Are you still celebrating Zarf being accepted as a contribution to OpenSSF? We sure are! 🎉 Zarf empowers you to securely package apps and resources, ensuring you have everything necessary to run applications seamlessly in any environment, be it intermittent or fully disconnected. Is anyone else noticing a trend of the United States Department of Defense and its partners becoming significant contributors and consumers of Open-Source Software? We're thrilled to be able to take part in this transition and will continue to advocate for the DoD to utilize and contribute to the Open-Source Community! You can (and should 😉) read more about the Zarf contribution here: https://shorturl.at/SUEXQ #OpenSource #DevSecOps