DoD Enterprise Initiative (DSOP)


The DSOP is joint effort of the DOD’s Chief Information Officer, Office of the Undersecretary of Defense for Acquisition and Sustainment. The services focus on bringing automated software tools, services and standards to DOD programs so that warfighters can create, deploy, and operate software applications in a secure, flexible, and interoperable manner.


Selecting, certifying, and packaging best of breed development tools and services (over 100 options)
Creating a centralized artifacts repository of hardened and centrally authorized containers
Designing a Scalable Micro-services Architecture with Service Mesh/API Gateway and baked-in security
Standardizing metrics and define acceptable thresholds for continuous Authority To Operate (cATO)
Working with DAU to create state of the art DevSecOps curriculum
Creating the Sidecar Container Security Stack (SCSS) for baked-in zero trust security
Providing on-boarding and support for adoption of Agile and DevSecOps
Developing best-practices, training, and support for pathfinding and related activities
Creating new contracting language to enable and incentivize the use of Agile and DevSecOps


The software automated tools, services, and standards that enable programs to develop, secure, deploy, and operate applications in a secure, flexible and interoperable fashion.





Software and cybersecurity permeate all aspects of the Department of Defense’s (DoD) mission, encompassing business systems, weapons systems, artificial intelligence, cybersecurity, and space operations. To meet the challenges posed by this dynamic environment, establishing DevSecOps capabilities becomes imperative

  • Deliver applications rapidly and in a secure manner, increasing the warfighters competitive advantage
  • Bake-in and enforce cybersecurity functions and policy from inception through operations
  • Enhance enterprise visibility of development activities and reduce accreditation timelines
  • Ensure seamless application portability across enterprise, Cloud and disconnected, intermittent and classified environments
  • Drive DoD transformation to Agile and Lean Software Development and Delivery

Leveraging industry acquisition best practices combined with a centralized contract vehicle for DevSecOps tools and services will enable rapid prototyping, real-time deployments. and scalability.

We cannot be left behind: China, Russia and North Korea are already implementing DevOps

DoD Program Value

Deploy a DoD-hardened Software Factory, on their existing or new environments (including classified, disconnected and clouds), within days instead of a year. Cost and time savings.
Multiple DevSecOps pipeline exemplars are available with various options to avoid vendor lock-in and enable true DoD-scale as there is not a one-size-fit-all for CI/CD.
Creates rapid prototyping (in days and not months or years) for any Business, C4ISR and Weapons system. Deployment in Production.
Enables learning and continuous feedback from actual end-users (warfighters)
Allows bug and security fixes in minutes instead of weeks/months
Enables continuous Authorization to Operate (ATO) process for rapid deployment and scalability. Authorize Once, use Many times.
Brings a holistic and baked-in cybersecurity stack, gaining complete visibility of all assets, software security state and infrastructure as code
Facilitates the adoption of micro-services by using Micro-services Architecture
Deployed on any environment, including DoD-approved Cloud and Jedi (when available)
Enables automated testing and security