The Source Security & Compliance
Article

GitLab, Second Front Systems speed secure development on DoD networks

GitLab Ultimate leverages Second Front and AWS GovCloud to help orgs deliver software compliant with DoD Impact Levels 4 and 5.

November 28, 2023 4 min read
Sandra Gittlen
Sandra Gittlen Managing Editor, Blog

GitLab and Second Front Systems are partnering to bring the power of GitLab’s AI-powered DevSecOps platform to organizations striving to deliver solutions compliant with U.S. Department of Defense Impact Levels 4 and 5. GitLab Ultimate is leveraging Second Front and AWS GovCloud (US) to create a managed cloud environment for highly secure software development.

Second Front provides an offering called Game Warden that enables the delivery of commercial SaaS to the government with built-in accreditation. Game Warden is a DoD-compliant DevSecOps platform-as-a-service (PaaS) that accelerates software delivery onto DoD networks while supporting modern DevSecOps practices and adhering to stringent cybersecurity controls. Game Warden enables hosted applications to inherit an Authority to Operate (ATO) while running on the platform and meet the stringent requirements of higher impact levels, including Levels 4 and 5.

Understanding Impact Levels 4 and 5

Impact levels, as defined by the DoD, categorize information systems based on the potential impact that a breach could have on national security. Impact Levels 4 and 5 represent systems that handle classified information at the controlled unclassified level, with Impact Level 5 including information used for national security systems. Achieving compliance at these levels demands robust security measures and stringent controls to protect sensitive data.

GitLab: A comprehensive DevSecOps solution

Bringing the power of GitLab’s AI-powered DevSecOps platform to an accredited cloud environment like AWS GovCloud enables developers to leverage the benefits of the cloud and GitLab while working to continuously deliver capabilities for national security use cases.

Here are the GitLab features that benefit Impact Level 4 and 5 customers:

Code collaboration and management

  • GitLab Ultimate offers powerful version control features, enabling teams to collaboratively manage code repositories securely.
  • Merge requests, code reviews, and collaboration tools facilitate efficient development workflows while maintaining a focus on security.

Advanced security scanning

  • Security and compliance capabilities are built into GitLab Ultimate. With support for Impact Levels 4 and 5, organizations can leverage advanced security scanning tools to identify and remediate vulnerabilities early in the development process.
  • Organizations can identify vulnerabilities with a broad range of security tools such as static application security testing (SAST), dynamic application security testing (DAST), fuzz testing, API security, and dependency scanning.

Compliance and audit trails

  • Meeting the stringent compliance requirements of Impact Levels 4 and 5 is simplified with GitLab Ultimate.
  • The platform provides comprehensive audit trails and system-wide reporting to ensure transparency and accountability in the development process.

Container and Kubernetes orchestration

  • GitLab Ultimate supports secure container registries and Kubernetes integration, aligning with modern development practices.
  • GitLab Ultimate also supports infrastructure as code security scanning.

CI/CD pipelines with security gates

  • GitLab's continuous integration/continuous delivery (CI/CD) pipelines now include enhanced security gates, ensuring that only secure code is deployed into production environments.

AI-powered workflows

  • GitLab Duo Chat simplifies the software development journey by assisting in daily tasks such as code assistance and issue management.
  • Value Stream Forecasting predicts productivity metrics and identifies anomalies across the software development lifecycle.
  • AI can help developers remediate vulnerabilities more efficiently with GitLab Duo Vulnerability Summary.

Get started

GitLab Ultimate's availability in a managed cloud environment at Impact Levels 4 and 5 marks a significant milestone in the realm of secure software development on AWS GovCloud. Organizations can now benefit from a single, integrated DevSecOps platform that seamlessly combines collaboration, code management, and advanced security features in a managed and accredited cloud deployment of GitLab Ultimate.

As the software development landscape continues to evolve, GitLab's commitment to security and compliance positions it as a leader in empowering organizations to build and deploy software with confidence at the highest security levels.

To learn how you can get started with GitLab’s DevSecOps platform for your secure projects, contact us to set up a call and demo today.

Next up: Discover how to strengthen your cybersecurity posture with Secure by Design principles.

Key takeaways
  • GitLab and Second Front Systems teamed up to help orgs deliver solutions compliant with the U.S. Department of Defense Impact Levels 4 and 5.
  • Impact Level 4 and 5 customers benefit from GitLab's code collaboration and management, advanced security scanning, and more.
  • Organizations can leverage the DevSecOps platform in a managed and accredited cloud deployment of GitLab Ultimate.