Solution Review: Certify Once, Secure Always: Fast-Tracking Trusted Software to the Mission Edge

  • Room: Engagement Theater
Tuesday, August 19, 2025: 11:00 AM - 11:20 AM

Speaker(s)

Speaker (confirmed)
Bryan Whyte, CISSP
Director, Solutions Engineering
Sonatype

Description


Mission assurance in the modern digital domain requires more than secure code; it demands automated trust, traceability, and speed in how software is delivered to the warfighter. As threats increase and systems become more complex, the Department of the Army needs scalable approaches to mitigate supply chain risk while accelerating capability delivery.


This session will explore how a “Certify Once, Use Many Times” strategy, anchored by SBOM automation, vulnerability intelligence, and SWFT integration, can dramatically streamline the secure acquisition and re-authorization of COTS software. Drawing on Sonatype’s experience supporting IL6 environments and DoD software factories, we will illustrate how a centralized SBOM registry, AI-enriched validation workflows, and policy-enforced governance can replace redundant manual reviews, shorten ATO cycles, and elevate trust across interconnected systems.


Attendees will walk away with a reference architecture for SBOM-driven supply chain security, a path to align with EO 14028 and NIST 800-218, and real-world insight into how DoD teams are deploying these practices today to protect the mission, without slowing it down.

