Case Study: U.S. Department of Defense achieves faster, continuous DevSecOps delivery with CNCF Kubernetes

With Kubernetes, the U.S. Department of Defense is enabling DevSecOps on F-16s and battleships

The U.S. Department of Defense faced a critical challenge with software delivery for major weapons systems, a process that could take up to a decade using outdated waterfall methodologies. This slow pace, combined with cybersecurity being an afterthought, hindered progress in areas like AI and machine learning. To address this, they partnered with the Cloud Native Computing Foundation (CNCF) to adopt a modern DevSecOps approach.

The solution implemented by the Cloud Native Computing Foundation was the creation of a DoD-wide Enterprise DevSecOps reference design, mandating the use of CNCF-compliant Kubernetes clusters and open source technologies like Envoy and Istio. This enabled a dramatic increase in velocity and security, reducing release cycles from 3-8 months to one week and achieving continuous authority to operate. The measurable impact is estimated at over 100 years saved across 37 programs, with successful implementations on platforms ranging from F-16 jets to naval ships.

U.S. Department of Defense

Nicolas M. Chaillan

Chief Software Officer