• Provides an enterprise-wide consolidated
DevSecOps platform for all Coast Guard systems,
supporting up to 200 concurrent users
• Permits the creation of reusable agency-wide
DevSecOps CI/CD pipelines across all projects
• Built-in flexibility to support dozens of best-of-breed
industry tools and the ability to expand the toolset
with market growth
• Performs build-level artifact analysis to facilitate
rapid identification and correction of code issues
early in the development lifecycle
• Supported by multiple Standard Operating
Procedures (SOPs) and training videos, allowing
USCG to fully sustain factory operations and growth
The US Coast Guard’s (USCG’s) Command, Control, Communications, Computers, Cyber and Intelligence Service Center (C5ISC) contracted with Karthik Consulting (KC) to collaboratively develop, test, implement, and sustain a Software Factory (SF) solution. USCG dubbed their solution the High Efficiency Rapid Modernization Network (HERMN), which embodies methods for translating commercial practices and DoD requirements into repeatable self-sustaining processes for establishing, growing, operating, and adapting scalable, high-quality, and secure in-house agile software operations.
Using a COTS DevSecOps platform as the foundation, KC developed modular extensions to give USCG the ability to realize quality and productivity gains on an enterprise-wide scale. By extending a modern COTS platform, USCG realized the best of both worlds: the proven stability of a commercial product; and supplements to that platform which can be configured to meet USCG’s varying project-specific needs. Furthermore, KC worked extensively with tool vendors and cloud providers to create a containerized solution that USCG could host in their own cloud account. This afforded USCG all the benefits of a modern cloud platform, combined with the security of a self-contained and complete solution managed by USCG. KC also developed training materials to facilitate the full transition of Software Factory operations to USCG and other contractor staff.
The SF provides an extended DevSecOps platform which weaves continuous and configurable security throughout development and operations, ultimately generating and supporting containerized cloud applications.
Configurable Security Controls
Application Onboarding
Continuous Scanning
Staged Hardened Containers
Policy as Code (PaC) / Infrastructure as Code (IaC)
Full Support for Operations
Sample tools are noted. The SF’s flexible design is tool agnostic.
Take a look at what KC is doing to contribute to global cyber security, agile software development and cloud services.
Felix Martin, 571 435 7632 fmartin@karthikconsulting.com
CAGE: 56GH3
DUNS: 828199880 UEI: FGNNM7KNUPF6
GSA MAS
GSA OASIS Pool 1 and 3
NIH CIO-SP3 8(a) & SB
GSA STARS III 8(a)
Air Force SBEAS
Army RS3
Navy Seaport-NexGen
FAA eFAST