UNCLASSIFIED - NO CUI

Compare revisions

  • platform-one/party-bus/static-sites/platform-one-site
  • ortiz.jacob/platform-one-site
Commits on Source (6)
[{"id":"/","path":" ","title":"Platform One","description":"Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing.","content":"Platform One Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing. Learn More Calling all Party Bus customers and potential Party Bus passengers Mark your calendars for the following dates. Party Bus will be hosting an \"Ask an Engineer\" Session the last Wednesday of each month through November. Upcoming Sessions October 26th November 30th Click here to join the session! What can Platform One do for you? Your browser does not support the video tag. Platform One (P1) is a modern cloud-era platform that provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices. Authorization to go live with your application can be achieved faster than ever by using Iron Bank hardened containers and P1 pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (cATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development. 
Download DoD-wide approved containers or harden with Iron Bank Deploy your own software factory with Big Bang Get hands-on experience onboarding with Party Bus Provide access to development, testing, and production enclaves Stay secured with our Cybersecurity team processes Explore The Products How Our Teams Help Manages Software Factories for development teams so they can focus on building mission applications Decouples development teams from factory teams with DevSecOps and Site Reliability Engineer (SRE) expertise Helps instantiate DevSecOps CI/CD pipelines / software factories in days at various classification levels Builds and leverages the DoD hardened containers while avoiding one-size-fits-all architectures Fully complies with the DoD Enterprise DevSecOps Initiative (DSOP) with DoD-wide reciprocity Centralizes the container hardening of 300+ enterprise containers (databases, development tools, CI/CD tools, cybersecurity tools, etc.) Platform One and Kessel Run Joining forces Download the Memo Platform One, Kessel Run, We “Believe” Software Principles The USAF's Platform One and Kessel Run teams have been hard at work to converge our technology, services, and data to ensure rapid application portability across key software systems that support our warfighters. To do so, we believe it is important to document shared core beliefs that we are pursuing through collaboration of our limited pool of talented software personnel. These principles guide our collaboration, technology decisions, and engagement with industry. 
Platform One Awards 2020 DEFENSE ACQUISITION WORKFORCE AWARD WINNERS David Packard Excellence in Acquisition Award Software Innovation Team Award 2021 IMPROVEMENT AND INNOVATION AWARDS WINNERS Team of the Year Platform One WHO WE SERVE"},{"id":"/services","path":" services","title":"Platform One Services","content":"Home Services Platform One Services PLATFORM ONE ENTERPRISE SERVICES Platform One provides additional pay-per-use services and contract vehicles to facilitate teams' adoption and move to DevSecOps. The list of services will continuously evolve. CUSTOM DEVELOPMENT SERVICES Build and deliver new and accredited custom software applications (microservices) by leveraging the Platform One pipeline and following Platform One's DoD Continuous Authority to Operate (cATO) (pay per app) To learn more about these capabilities, please contact af.cso@us.af.mil with Subject: \"Platform One Custom Development Services Question\" CLOUD NATIVE ACCESS POINT (CNAP) The Cloud Native Acess Point is available on Cloud One to provide access to Development, Testing, and Production enclaves at IL-2, IL-4, and IL-5 that use Platform One DevSecOps environments by using an internet-facing Cloud-native Zero trust model To learn more about these capabilities, please contact af.cso@us.af.mil with Subject: \"Platform One CNAP Question\" PLATFORM ONE CONTINUOUS INTEGRATION CONTINUOUS DELIVERY (CI/CD) WITH INFRASTRUCTURE AS CODE (IaC) Teams can use existing CI/CD pipelines hosted on Repo One with their current Infrastructure as Code (IaC) code If a custom CI/CD pipeline is needed due to specific program mission needs, check out the Big Bang options To learn more about these capabilities, please contact af.cso@us.af.mil with Subject: \"Platform One CI/CD Options Question\" PLATFORM ONE DEVSECOPS MANAGED TOOLS Platform One Enterprise Chat provides a collaboration solutions suitable for connecting developer teams (pay per use): IL-4 (.mil email only) https://chat.il2.dso.mil Platform One 
All Domain Common Environment (see above, pay per use) Platform One Multi-Level Security Data Transfer (CDS/Diode) (pay per use) Platform One Stack Exchange: knowledge sharing service for software developers and engineers (pay per use) To learn more about these capabilities, please contact af.cso@us.af.mil with Subject: \"Platform One Managed Tools Question\" Cloud Native DNS Platform one deploys a CNCF-graduated authoritative DNS server to provide a highly available, secure central way to manage DNS for dso.mil. This solution centralized DNS management for the organization and allowed us to execute DNS updates in minutes vs. weeks (for IL5) Cloud-native, agnostic and elastic DNS capability with .MIL and non .MIL capabilities Fully managed by configuration as code and Git mergers Runs on Kubernetes using coreDNS Enterprise Collaboration Provides secure collaboration tools to enable those who advance the mission Mattermost - Communicate with your peers within the DoD anytime/anywhere Jira - Plan, track, and manage your projects Confluence - Create, collaborate and organize all of your work in one place PLATFORM ONE TRAINING AND ONBOARDING OPTIONS Check out the CSO DevSecOps / DAU training: DevSecOps Training Resources Virtual Platform One Learning Hub that provides self-service onboarding 1-day training Session: Introduction to DevSecOps. 
Overview and understanding of the vision and activities Onboarding options for Party Bus To learn more about these capabilities, please contact af.cso@us.af.mil with Subject: \"Platform One Training Question\" Identity Management/SSO/PKI Brings Single Sign On with various DoD PKI options and MFA options Brings Person Entity (PE) and Non Person Entity (NPE) x509 certificate based authentication Connects to existing AF, DoD and DIB PKI capabilities Provide secure and cloud native, agnostic and elastic capability Leverages VAULT capability and provides automated certificate generation, Kubernetes native and allows for automated certificate rotation Can be used for code signing, container signing and NPE/PE authentication Centralizes/Aggregates logs and pushes to CSSP and vSO"},{"id":"/resellers","path":" resellers","title":"Platform One Official Resellers","content":"Home Resellers Platform One Official Resellers Why A Platform One Reseller By leveraging this fast track, applications can be approved to work on government systems faster than ever. Partnering with a Reseller means rapid environment deployment and priority access to platform updates, new services, better security*, continuous feedback, education, and training and container hardening. Authorized Resellers are qualified service providers of the Department of Defense Enterprise DevSecOps Technology Stack. Use of Platform One Big Bang environments and Iron Bank Hardened containers enables more secure software operations, leading to continuous Authorization to Operate (cATO). *Platform One's technologies have been pen tested by the NSA, the US Air Force, and the US Navy. Request for P1 Services Connect With Our Resellers Booz Allen Booz Allen Hamilton, an innovator and pioneer in successful P1 capability implementations, brings credible experience in driving adoption of Agile DevSecOps, Software Factories, and P1 products and services in support of mission critical programs. 
Learn More BrainGu As P1 subject matter experts with experience in delivering Kubernetes-based DevSecOps platforms, BrainGu knows that the journey to transitioning from an existing legacy software solution to a Cloud-Native/DevSecOps solution can be difficult. We succeed in technology distribution because we respect the importance of the value that legacy technology brings. Learn More ECS ECS, ASGN's federal government segment, delivers advanced solutions in cloud, cybersecurity, data and artificial intelligence (AI), application and IT modernization, science, and engineering. Learn More Novetta Novetta, a part of Accenture Federal Services, brings nearly a decade of mission-focused, Agile-based DevSecOps experience to the most challenging National Security/DoD problems. Learn More Revacomm RevaComm is a Hawaii-based, minority-owned, 8(a)SDB who has been instrumental not only in building, maintaining, educating, and onboarding Platform One customers to Party Bus, but also in playing a vital role in P1's Big Bang deployment for Party Bus. Learn More Seed Innovations Seed Innovations, LLC (Seed) is a woman-owned small business specializing in P1's adoption. Seed has been involved in the development of Party Bus, Big Bang, and Container Hardening (Iron Bank) over the last two years. Learn More WHO WE SERVE"},{"id":"/resources","path":" resources","title":"P1 Resources","description":"Information at your fingertips: guides, documents, and external links to help spread valuable knowledge pertaining to Platform One and the DoD.","content":"Home Resources P1 Resources Information at your fingertips: guides, documents, and external links to help spread valuable knowledge pertaining to Platform One and the DoD. 
Platform One Iron Bank Big Bang Party Bus CNAP CYBER DISA Container Guide DCCSR Repository DevSecOps/DAU Training DevSecOps Reference Design Memorandum Distribution ASK ME ANYTHING RECORDINGS AND PRESENTATIONS Check out hot topics and presentation slides from previous AMA's currently available on software.af.mil Explore More SOFTWARE.AF.MIL devsecops training resources Self-learning videos for all levels covering Kubernetes to Service Mesh, literature recommendations, and more. Learn More POPULAR CONTENT All Content P1 E1 Inception Drew Belk Austen Bryan Rob Slaughter 26m 25sec P1 E2 the People Jeff McCoy Matt Houston 44m 09sec P1 E3 Organizing Value Erica Westendorf 50m 01sec HAVE MORE QUESTIONS ABOUT PLATFORM ONE? If you have P1 SSO access, click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. Get Answers Request P1 SSO Access Contact Us"},{"id":"/who-we-are","path":" who-we-are","title":"Who We Are","content":"Home Who We Are Who We Are We care about the pulse of our organization and use it to help continuously improve our processes! - Platform One Leadership VISION Accelerate the DoD's dominance by delivering innovative, trusted technologies today. MISSION Transform how the DoD delivers warfighter capability through innovative frameworks, collaborative culture, and secure software. VALUE STATEMENTS Our values were determined through a working session that was open-invite to the entire P1 team. The people defined what was important to them instead of having someone tell them what to value! EMPOWER Empower individuals and teams with the trust to be accountable and grow Platform One into an organization that drives change personally and professionally. OBSESS Obsessively know our customers and solve their challenges by delivering actual, functional solutions instead of arguing about requirements and process. Continue to improve the solution well into the future. VALUE We. Value. Diversity. 
We are committed to Diversity and Inclusion. Employees in our inclusive environments feel appreciated for their unique characteristics and therefore comfortable sharing their ideas and other aspects of their true and authentic selves. NOURISH Nourish a culture of open, safe, candid communication, and decision making at all levels. We accomplish this by a heightened sense of self-awareness and encourage people to know their own faults and continuously work to improve them. When engaged in conversation, seek to understand the other's point of view prior to attempting to change his or her opinions. CORE PRINCIPLES Scale Features aren't complete until they are tested, automated, documented, and with training modules. Mission Obsessed Obsessed over the code that will form the baseline for weapon systems across the DoD: ships, planes, tanks, and nukes. Everyone Codes What we do is code. All of us... even if it is 3 hours a week using Youtube videos. No exceptions. Ownership Own every aspect of what you do, what you write, what you say, and what you use. Simple and Robust Make features as if 100,000 developers will use what you've developed. Continual Learning We always look to improve our baseline and our brains. Live in the trenches Success or failure is found in the details. Don't ignore them because you don't have time to understand. No Egos We will never be the best at everything, so don't claim or try to be. Be open-minded about what others can bring to the table. Invest in People The best investment you can make is in yourselves. The next best investment you can make is in the people next to you. We Serve We exist to help others succeed. When they succeed, we succeed. If you can help someone, do it. Shoot for the moon Be bold and strive to make monumental changes that sound so crazy people won't believe you... even after you've done it. Smart Decisions Encourage decisions to be made by the individuals with the most information. 
If it's a technical decision, that means technical people, even if they are the lowest ranking. MEET THE LEADERSHIP TEAM Our leaders range in personality from the Pointy-haired boss from Dilbert to Bill Lumbergh from Office Space but, like, in a good way. They are instrumental in driving the vision for Platform One and our continued growth and improvement. They keep the mood nice and light-hearted while removing blockers and knocking down barriers for our teams. If you want to know why P1 is such a great place to work, learn about our leaders. LT COL BRIAN VIOLA Materiel Leader Lt Col Brian Viola is currently the Materiel Leader of Platform One, Air Force Lifecycle Management Center, Cryptologic & Cyber System Division, Cyber Systems Group. He attended Louisiana State University and commissioned through the Reserve Officer Training Corps. Most recently, Lt Col Viola served as the Commander for the 346th Test Squadron. DUONG HANG Deputy Materiel Leader Loves coders in uniform MAJOR CAMDON CADY Chief of Operations and Chief Technology Officer Expert waffle maker KEVIN TWIBELL Chief Information Security Officer Let’s stop talking about all the things we want to change and start doing it. PHILLIP \"CASPER\" RECORD Phillip is..well...Phillip. Yeah, that about sums it up..."},{"id":"/products/party-bus/service-catalog","path":" products party-bus service-catalog","title":"Service Catalog","content":"Home The Party Bus Service Catalog Party Bus’ Service Catalog CI/CD cATO PIPELINE FLOW Take your idea and get it to production using our pipelines and Certificate-to-Field (CtF). Click on the tools icon to see what tools are supported for that phase and the +/- for a quick explanation for that specific stage. PUSH TO REPOSITORY A developer will make \nchanges to necessary code \nand achieve revision control. 
CONTINUOUS INTEGRATION (CI) CONTINUOUS DELIVERY (CD) CONTINUOUS DEPLOYMENT (CD) Compliance Check Docker File Lint Find Unauthorized Job TruffleHog Job Build Build Unit Tests Lint Unit Tests SCA Dependency Check Fortify Sonarqube Job Build Image Build Image Scan Image Twistlock Scan Anchore Deploy Staging Deploy Staging E2E Tests E2E Tests Pen Tests Release Release Job (Production Only) ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ Supported Tools The following tools are available in the MDO (Production/Application) Environment where the PB customers live. COLLABORATION TOOLS CONTAINERIZATION Docker Base Images OS Iron Bank Red Hat Security Anchore SD Elements OWASP Twistlock Single Sign On * Keycloak Service Mesh Istio *SSO integration within Party Bus is not permitted, teams must use our auth service and JWT process. BUILD Gradle Maven NPM UNIT TESTS Cypress.io Jest JUnit5 CONTINUOUS DELIVERY Persistent Storage PostgreSQL Minio MySQL GitLab Amazon S3 GitOps, IAC, CAC Kubernetes Amazon Web Services Argo Terraform CONTINUOUS INTEGRATION Build Image using Dockerfile pulling images from Iron Bank that are built on Universal Base Image. Static Code Analysis (SCA) language specific unit testing, linting tools, Sonarqube, OWASP Dependency Check, Trufflehog, Fortify, and Twistlock. CONTINUOUS DELIVERY Dynamic Application Securtiy Testing (DAST) using Twistlock, OWASP ZAP, and Cypress End-to-End Testing. Deploy to Staging and Production clusters using ArgoCD Auto App Deployments. WHAT DOES cATO ACTUALLY MEAN? We, Platform One, build a Continuous ATO from multiple ATOs covering the infrastructure, platform, and deployment process. The infrastructure and platform ATOs cover a majority of NIST 800-53 RMF controls. The DoD CIO and DAF CSO have released multiple guidance documents related to the cATO, click the button below for more information. 
DSOP Documents Once a team completes the Certificate to Field (valid for one year or until architecture is changed – major release) real-time deployments to production are enabled. The Certificate to Field (CtF) process uses SD Elements to answer the final NIST 800-53 RMF controls that are specific to the application. To be compliant with the DevSecOps Reference Design ( PDF ) and retain our ATOs, we pull approved images from Iron Bank . DevSecOps Reference Supported Environments Using CNCF Certified Kubernetes Distributions. (Rancher, Konvoy) ENVIRONMENT DEVELOPMENT ENVIRONMENT SUPPORTED (DSOP) PRODUCTION (DEVELOPMENT) SUPPORTED (MISSION DEVOPS = MDO) IL2 (On Cloud One) IL4 (On Cloud One) IL5 (On Cloud One) S (ODIN IL6)* DevSecOps Pipelines are available at IL6, cATO/CTF would need to be discussed with ODIN PM TS/SCI (ODIN JWICS)* DevSecOps Pipelines are available on JWICS, cATO/CTF would need to be discussed with ODIN PM * PlatformOne and ODIN Programs are working a formal MoA (Agreement) to leverage each other's environments and services. More ODIN Info Available Feature Types What is available for your development/collaboration environment and in the MDO (Production/Application) Environment ***Supported technologies between the hours of 0800 CST-1800 CST M-F only. These environments are available for use 24X7, but support is not guaranteed outside of these hours. Platform One reserves the right to discontinue support to current services in interest of security and maintaining our cATO. Platform Services Foundational PaaS available to every application team. Services are not available for individual teams to configure. See Party Bus Tech Stack for more info. DSOP - this is what is available for your development/collaboration environment. PB maintains complete control over these capabilities. These features are not available for PB customer teams to configure, manage, or change. Application Teams will be given access to certain tools only. 
Anything beyond the cATO requirements is a roadmap item. See Party Bus Tech Stack for more info. PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity All of Big Bang Core Big Bang Addons (except Nexus) Supported Fortify Confluence Jira Big Bang 3rd Party Community Supported: mysql postgres See the Party Bus Tech Stack / PaaS / Release Notes (coming soon) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Big Bang Add-ons: Nexus, Anchore Not Supported (IB rejected or Vendor lock-in) None Pipeline Tools See MDO Guidance for more information PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Gitlab Premium Fortify Sonarqube Twistlock Trufflehog OWASP Dependency Check OWASP Zap ArgoCD SDElements Launchboard (Beta) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Big Bang Add-ons: Nexus, Anchore Not Supported (IB rejected or Vendor lock-in) None Backup PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Velero Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Not Supported (IB rejected or Vendor lock-in) Padawan The Padawan static sites solution aims to help developers quickly deploy static site content. See Padawan Docs for more info. 
This p1.dso.mil site that you're looking at right now is built/deployed/hosted on Party Bus Padawan! PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Deployment Sites IL2 IL4 Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Supported Package Types Vanilla npm mkdocs hugo jekyll Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) None at this time This is what is available in the MDO (Production/Application) Environment. This is where the PB customers live. Persistent Storage Solutions** PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Amazon RDS (multi-tenant only) Aurora PostgresSQL MySQL MinIO (Native Object Storage) Communicate with S3 through MinIO - No direct link to S3 Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is provided. Proven Iron Bank approved customer integrations in their own BB environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced FileServer (CDN) Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services (Lambda, S3 etc) Languages PB fully supported Managed Service and covered in the PB customer support agreement. 
*Customer has access to in a limited capacity NPM based TypeScript / JavaScript Angular React Node.js Vue Java (Maven or Gradle build engine) Python (built in python commands) Golang (built in go commands) .NET-Core (built in .NET-Core commands) C# with .NET 3/5 Framework beta C++ - beta (Toolset: gcc, g++ v.10, cmake, conan) Ruby (bundler only, other Ruby package managers are not supported) PHP (Composer only, other PHP package managers are not supported) See Pipeline Templates Repository Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Not Supported (IB rejected or Vendor lock-in) Rust (Fortify / Sonarqube cannot scan) Supported Message Queues PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Kafka Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is guaranteed unless using the Party Bus Kafka Managed Service. RabbitMQ is a message queue option that customers have successfully self-managed. * While there is an IB image for RabbitMQ, there is No High Availability option and egress or ingress connections are NOT allowed.* Proven IB approved customer integrations in their own Big Bang environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services unless otherwise specified (SNS/SQS) Nifi - approved in IB, but due to authentication and installation issues, customers will not be able to install and use Nifi in the Party Bus environments. 
Email Services PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity None at this time Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None at this time Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Testing email options - release date TBD Not Supported (IB rejected or Vendor lock-in) PB explicitly does not allow emails Web Servers PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Other Containerized Web Servers that are Iron Bank approved (e.g. NGINX, Tomcat, .php Apache) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is guaranteed. Proven Iron Bank approved customer integrations in their own Big Bang environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services **Data distribution is subject to the data owner permissions. P1 does not offer a data platform for distribution. It is up to the Application to handle this data appropriately (JWT token). P1 does not offer any data cleaning, remediation, data spill etc. This is up to the application team. Direct Database access is not permitted. Ingress is only allowed on 443. All containers must come through Iron Bank. See the Iron Bank onboarding found here . UNSUPPORTED RDS/STORAGE All the below are 'use at your own risk' . This means the Product Team is responsible for backups and any data loss. 
MongoDb Please reference the Unsupported Database Guidance UNSUPPORTED LANGUAGES Rust UNSUPPORTED GENERAL Multi language project (One language per project is allowed) TECHNICAL FIT Platform One expects a technical diagram and a dockerfile be provided at the technical fit meeting. The Party Bus anchors can assist in the creation of the technical diagram and dockerfile. Below are examples. Technical Diagram Example Dockerfiles ARE YOU A TECH FIT FOR PARTY BUS? Let's get started! Submit one form for each mission application. Tech Fit Form"},{"id":"/products/party-bus","path":" products party-bus","title":"The Party Bus","description":"The environment and services you need to develop and deploy your software application","content":"Home The Party Bus The Party Bus The environment and services you need to develop and deploy your software application Why Party Bus? PARTY BUS IS A cATO ENABLED DEVSECOPS SERVICE For government software programs who need rapid development of approved, working mission applications to warfighter. We provide a non-vendor locked, CNCF kubernetes based platform. We provide a secure, multi-tenant, and multi-classification environment with Staging and Production capabilities. We stand out by allowing our customers to field applications with cATO'd templatized pipelines Onboarding onto Party Bus Leverage a Multi Tenant DevSecOps environment with our environment and services Service Catalog The cost of each program office standing up their own DevSecOps environment can be saved by using Party Bus. Check out the service catalog to see what is included when you are a Party Bus customer. View Our Services What You'll Learn in our workshops Get hands-on experience and training with our rapid workshop to stand up a hello world pipeline with a templated app through Party Bus. 
Agile & UCD Methodologies Paired Programming Test-Driven Development Certificate to Field (CtF) Explore Onboarding Process Party Bus Process We Move Fast, And We Move Smart The Party Bus team will be measuring twice and cutting once. We believe the sooner we can get you squared away on our level of standards (which is high, why else would we invite you to join our elite team of products and services), the sooner you can serve the users and warfighters within DoD that need your product or solution yesterday. Have More Questions About Party Bus? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact us for more specific inquiries. Get Answers Contact Us Ask an Engineer 1 / 1 "},{"id":"/products/party-bus/onboarding","path":" products party-bus onboarding","title":"Party Bus Onboarding","content":"Home The Party Bus Onboarding Party Bus Onboarding Process Overview Intake Request Our Customer Success Team gains an understanding of your application Conduct Technical Fit Collaborate with Mission DevOps Engineers in a Technical Fit Session Pricing Quote Customer Success and Acquisitions teams to finalize your pricing quote Party Bus Workshop Learn the Party Bus way to onboard, provision, and procure pipelines and environment for your application and continuously deliver Steps to Party Bus Success 01. INTAKE REQUEST Step One Resources: • Intake/Contact P1 Request • Party Bus Service Catalog • Intake Questions What is Party Bus? Party Bus is a Multi-tenant continuous ATO'd, declarative and opinionated environment. This means our team of engineers provision and configure pipelines for your team so you can focus on your software. Ensure Party Bus is the right fit for you and your team by reviewing our service catalog prior to a Tech fit session with one of our experts. 
During Intake our Customer Success Team will collaborate with you to provide all the essential information about the Party Bus, your application, and review the Party Bus Service Catalog. What do we need from you? Team Technical lead, Government POC, and development team members info. Architecture diagram listing application containers, tech stack, APIs, DBs, frameworks and other dependancies. Docker containers (needed before pipelines are built) 02. TECHNICAL FIT Step Two Resources: • Party Bus Service Catalog • Docker File Examples What is the Tech Fit? Our team will contact you to schedule a Technical Fit with our PB Engineers. Together we'll review your tech stack, current architectural set-up, dependencies and usage requirements. This step ensures a true fit for your application and provides the best Party Bus experience. What do we need from you? Review technical elements that are supported in the Party Bus Service Catalog resource. During the techincal fit: You'll step us through your technical and architectural overview of your application. Bring Docker Files and prepare questions to ask Party Bus Anchors. Getting an understanding of your application allows us to get a perspective into the current state of the application, so we can suggest and adapt it for future state success. The PB Anchors will determine the application is a good fit. If it is approved, then you'll move on to the Pricing Quote Phase. If your application is not accepted, then a team member will communicate what adjustments are necessary to refactor your application, or outline why Party Bus may not be ideal for your application. 03. PRICING QUOTE Step Three Resources: • Party Bus Service Catalog Congratulations! The app is a good fit! After the tech fit is complete, your Party Bus requirements are evaluated by our Customer Success and Acquisitions teams to finalize your pricing quote. You will be assigned a Business Account Manager when your quote is complete. 
This individual will guide you through the steps to complete the contracting and payment processes. 04. ACCESS & PARTY BUS WORKSHOP Step Four Resources: • P1 SSO Self-Registration • 2875 Documents and Instructions • Party Bus Service Catalog You're on the Party Bus! At this point, you're officially part of the Party Bus. Your project has been funded. Our team will provide access to the following tools: Gitlab; Mattermost; Jira; Confluence; Pipeline tools. Don't have access to your team's tools and pipelines? Email our team. Next, sign up for the required 3-Day Party Bus Onboarding Workshop: Product teams and developers attend a 3-day session Product Managers attend a 1-day session You may need to associate your Platform One account with your CAC to access Party Bus Tools and Pipelines. Fill out paperwork if you don't have a CAC to associate with your account. See resources above. Need Assistance? Get in touch with us Contact us Or get in touch with a Platform One Contact or our Party Bus Onboarding Contact"},{"id":"/products/big-bang/onboarding","path":" products big-bang onboarding","title":"Big Bang Onboarding","content":"Home Big Bang Big Bang Onboarding Big Bang Onboarding CUSTOMER ON-BOARDING GUIDES 1 DAY WORKSHOP An introduction to learn about Big Bang products and associated technologies. 9/07/21 9/21/21 10/05/21 10/19/21 1-Week Engineer Cohort After attending a workshop experience a deep dive into the Big Bang Deployment with hands on labs. 9/28/21 10/12/21 WORKSHOP AND ENGINEER COHORT OVERVIEW BIG BANG WORKSHOP WHO SHOULD COME? Engineers & Developers interested in learning more about the Big Bang tech stack and how it can help you kick-start a software factory. 
View Workshop Prerequisites TOPICS COVERED Platform One & Big Bang Introduction The Core Big Bang Stack Kubernetes Basics The Big Bang model of GitOps Monitoring and Logging Capabilities Istio & Kubernetes Networking Additional Big Bang Services & Apps HOW TO REGISTER Please click the link below and enter the following password to register: BigBangWorkshop Register for a Workshop Big Bang Engineer Cohort WHO SHOULD COME? SRE/Operations Engineers interested in deploying a Big Bang Cluster into their own environment. Below is an overview of topics we cover during the course. View Engineer Cohort Prerequisites Day 1: Overview of Platform One Big Bang Lab Access Kubernetes Refresher Day 2: Secrets Management Git Repo Setup Deployment of Big Bang Day 3: Security Tools Extending Big Bang Day 4: Take Home Lab HAVE QUESTIONS ABOUT ONBOARDING SESSIONS? Get Answers Contact Us"},{"id":"/products/big-bang","path":" products big-bang","title":"Big Bang","description":"Big Bang is a DevSecOps platform built from DoD hardened and approved packages deployed in a customer owned Kubernetes cluster.","content":"Home Big Bang Big Bang Big Bang is a DevSecOps platform built from DoD hardened and approved packages deployed in a customer owned Kubernetes cluster. Big Bang Technical Oversight Committee Empowering you to create custom environments for your mission Big Bang will help you build a custom software factory for your specific mission needs to enable faster development and deployment of your mission applications. The Big Bang Advantage AVOID VENDOR LOCK Big Bang is Kubernetes distro-agnostic, meaning you can pick between Upstream, Rancher, Konvoy, Tanzu Kubernetes Grid, or OpenShift Container Partner. FASTER ATO VIA RECIPROCITY Our Platform is accredited DOD wide and we can work AO to AO to ensure reciprocity. WIDE RANGE OF TOOL CHOICES We offer multiple tools at each stage of CI/CD pipeline. 
The tool choices can be customized to your preference and to the programming language of your choice. Big Bang Resources Getting Started Our Platform is accredited DOD wide and we can work AO to AO to ensure reciprocity. Quick Start Guide Product Release Notes Check out the latest Release Notes. Release Notes Open Source Contributions We are hard at work building an open-source platform but we need your help. Get Involved! Licensing Expectations Our core platform is open source with extensible enterprise-level capabilities. Please read our report on licensing expectations Licensing Info Resellers THE BIG BANG STAGES Stage 1 - We create your DevSecOps (DSOP) Software Factory. We set this up for you. Stage 2 - You use the DevSecOps (DSOP) Software Factory to build and deploy your mission applications. You run these pipelines to build and deploy mission applications any number of times. We move fast, and we move smart. The Big Bang team will deploy a Software Factory with tools that are built for your specific mission needs. We believe the sooner we can get you squared away on our level of automation and security standards (which is high, why else would we invite you to join our elite team of products and services), the sooner you can serve the users and warfighters within DoD that need your product or solution yesterday. Ready to Procure Big Bang Services? Contact us 1 / 3 "},{"id":"/products/iron-bank","path":" products iron-bank","title":"Iron Bank","description":"Iron Bank is Platform One's authorized, hardened container repository—supporting the building blocks necessary for modern software delivery.","content":"Home Iron Bank Iron Bank Iron Bank is Platform One's authorized, hardened container repository—supporting the building blocks necessary for modern software delivery. Visit the Iron Bank Repository Announcement! 
Iron Bank is happy to announce the initial release of the Acceptance Baseline Criteria (ABCs) and Overall Risk Assessment (ORA) for Iron Bank containers. For additional information regarding this announcement, including links to the existing ABC and ORA documents, please see our README on Repo One. ABC/ORA Documentation Why Iron Bank? Automates, secures, and accelerates the approval process of commercial and open source containers to be used within the DoD with DoD-wide reciprocity Brings accredited software to the DoD using processes and procedures that are faster and more efficient than other methods Maintains continuously updated containers so that developers have access to the latest tools Provides a toolbox of commonly used and secured capabilities for mission apps Provides end-to-end management of container justifications for known vulnerabilities and container approval process via Vulnerability Assessment Tool (VAT) Assists vendors with the hardening process of containers Provides continuous monitoring of all hardened images The Iron Bank website displays all hardened applications, along with their relevant details Repo One is the central repository for the source code to create hardened and evaluated containers for the DoD How Do We Do It? Iron Bank works with the open source community and commercial vendors to centralize hardened versions of their applications, which are then easily accessible to the entire DoD. This enables the defense community to deploy their secure applications from Iron Bank at an unprecedented speed. Registry One Process Highlights The Iron Bank approval process centralizes and standardizes application hardening throughout the DoD. This information is stored in Repo One. 
Every 24 hours applications are built and scanned again for findings Applications are continuously updated to the latest version Body of evidence that is public facing and readily available for use DISA STIGs, CIS benchmarks, and best practices applied Explore Iron Bank Repo One Onboarding Interested in submitting a container to be hardened and published on Iron Bank and Registry One? Check out the Contributor Onboarding Guide and see how to successfully scan and harden your container(s) through the DevSecOps Platform. Onboarding Guide Onboarding Checklist How to justify/address CVEs Your browser does not support the video tag. Onboarding Process Want to learn more about Iron Bank Onboarding Process? Watch this video to learn about the processes involved throughout the various stages of the hardening process. You can refer to the Onboarding Presentation below for reference during the video. Onboarding Presentation How Do I Contribute Containers to Iron Bank to be Hardened? Before contributing application containers, you should first make sure the application you are contributing is not already in the Iron Bank. If the application/container image does not exist, requests can be made with the Iron Bank Onboarding team for accreditation. Please complete the Iron Bank Onboarding Request . Iron Bank Onboarding Request Internal Hardening Request Iron Bank OnBoarding Sessions Every Wednesday at 1530-1630 EST We will be giving an overview of the Iron Bank process, and how to get an application through for the first 30 minutes and then we will be answering your questions. By the end of this meeting, you should know the next steps for you to take and where to find all the necessary documentation. Register in advance for the meeting at the link below. After registering, you will receive a confirmation email containing information about joining the meeting. 
Register Now Iron Bank Get Unstuck/AMA Working Sessions Every Wednesday at 1630-1730 EST Need some help with your containers getting through Iron Bank? Have questions on where things are at? Are you feeling stuck and want to figure out next steps? This is the meeting for you! Come meet with the Iron Bank leadership and engineers to get answers to your questions. Register in advance for the meeting at the link below. After registering, you will receive a confirmation email containing information about joining the meeting. Register Now Iron Bank Diagram DO YOU HAVE FEEDBACK FOR IRON BANK? We are always looking to improve our processes to meet our vendor's needs. Leave Feedback Pulling Hardened Containers From Registry One The below diagram outlines how to manually pull containers from Registry One. Iron Bank offers service accounts to automate the pulling process. Launch Registry One 1. Click \"ironbank\" located under Project Name 2. Click \"Repositories\" in the top menu bar 3. Find an image to pull and click into the image 4. Click the stacked document icon under \"Pull Command\" to copy the pull command to your clipboard 5. Use the copied command in your terminal window Pulling Containers How Do I Use A Hardened Container at a Multi-Security Level? Applications are typically approved at multiple Impact Levels (IL). Each organization is welcome to accept reciprocity with our approvals, but may choose to do additional assessments such as an Intelligence Review. We are working on automatically transferring images from lower classification levels to higher classifications for immediate use. The Iron Bank Pipeline Every container must pass each phase of the Iron Bank pipeline to be available on Iron Bank and Registry One. Passing these six phases results in a container being signed and accredited. Learn More Initialization Collect resources needed for container build such as yaml files, Dockerfiles, and README files. 
Antivirus Scan Perform antivirus and malware scanning to make sure there is no malicious code brought into the container. Build Build container based on Dockerfile. This is completed in an isolated environment network access. Scanning Perform three scans on container using Anchore, OpenSCAP, and Prisma Cloud to check to see if there are any CVE findings. Check CVEs Check to make sure there are no new CVE findings. If there are new findings, new justifications can be provided. Publish Container is signed and published to Ironbank Front End and Registry One for consumption. Iron Bank Pipeline FEEDBACK FOR OUR ONBOARDING ON ANYTHING ELSE? Onboarding Feedback AMA Feedback Have More Questions? Check out our FAQ page. FAQ 1 / 3 "},{"id":"/products/iron-bank/getting-started","path":" products iron-bank getting-started","title":"Getting Started With Iron Bank","content":"Home Iron Bank Getting Started Getting Started With Iron Bank STEP ONE: IMPORTANT FIRST STEPS 1 2 3 4 STEP ONE: IMPORTANT FIRST STEPS STEP TWO: IRON BANK TERMS STEP THREE: TECHNICAL QUESTIONS STEP FOUR: ONBOARDING QUESTIONS Important first steps Before moving on to the next section please make sure you have completed the following Please reference this guide for what you need to do to be ready for Iron Bank. The Iron Bank Onboarding Sessions are held every Wednesday from 1530-1630EST. You can register for an onboarding session in advance here . Although not required, you can join the AMA session to answer any questions you might have. These sessions are held every Wednesday from 1630-1730EST. You can also register for this session in advance by clicking here . Note: After registering for either meeting, you will receive a confirmation email containing information about joining the meeting. I have attended an onboarding session or have reviewed the virtual materials. * Read the above paragraph for more information. 
We highly recommend attending the onboarding session prior to submitting a container hardening request. Yes No Other: Next Have More Questions? Check out our FAQ page. FAQ"},{"id":"/products/cnap","path":" products cnap","title":"Cloud Native Access Point","description":"CNAP is available on AWS GovCloud to provide access to development, testing, and production enclaves at IL-2, IL-4, and IL-5","content":"Home CNAP Cloud Native Access Point CNAP is available on AWS GovCloud to provide access to development, testing, and production enclaves at IL-2, IL-4, and IL-5 The future is zero trust What is CNAP The Cloud Native Access Portal is a Secure Access Service Edge (SASE) cloud-based enterprise security framework with a Zero Trust Architecture core providing eased access to AWS GovCloud resources (IL 2/4/5) for the DoD from both on and off NIPR. Device compliance Network devices are not to be trusted by default, rather each connected device is checked for identity and integrity then aligned against a managed set of policies (or access denied outright) before allowing encrypted access to intended mission applications. Software Defined Perimeter A Software Defined Perimeter (SDP) is based on a need-to-know model, in which device posture and identity are verified before access to application infrastructure is granted effectively leaving application infrastructure undetectable. How Do we do it? A CNAP is an off-NIPR Cloud Access Point (CAP) alternative that provides modernized cybersecurity capabilities based on the DoD Zero Trust Reference Architecture (ZTRA). It is an access point for person entities (PE) and non-person entities (NPE) to DoD resources in a commercial cloud environment from the internet (i.e., non-DODIN). Cyber Security Documentation collaboration across dod landscape Enabling DoD telework and remote access to AWS GovCloud environments through a device-based zero trust approach to access. Bring your DoD contractors into your environment from off-site. 
Access to your AWS GovCloud (IL 2/4/5) environment from commercial internet. Removes the need for additional VPNs, NIPRNet routing, and DISA CAP. Future proofed zero trust in accordance with EO 14028 Explore CNAP Register to Start Journey Trust Nothing / Verify Everything Zero Trust (ZT) is a cybersecurity strategy and framework that embeds security throughout the architecture to prevent malicious personas from accessing our most critical assets. Device compliance and network micro segmentation through AppGate Client Palo Alto Firewall provides Border Protection, perimeter firewall, IDS, WAF Keycloak provides DoD approved PKI / MFA and SSO Logging stack (EFK) for centralized logging and aggregation Zero Trust capabilities address (End-User Focused) A data-centric security model eliminates the idea of trusted or untrusted networks, devices, personas, or processes and shifts to multi-attribute-based confidence levels that enable authentication and authorization policies under the concept of least privileged access. Modernizing Federal Government Cybersecurity Aligned with Dod reference design The Federal Government must adopt security best practices, advance toward Zero Trust Architecture, accelerate movement to secure cloud services, centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks, and invest in both technology and personnel to match these modernization goals. To facilitate this approach, the migration to cloud technology shall adopt Zero Trust Architecture, as practicable. Executive Order 14208 OMB M-22-09 Memo CNAP Offerings P1 CNAP Specifically for Platform One customers providing a secure authenticaion and authorization platform to access DoD resources. Learn Now CNAP As a Service CNAP for customers with their own AWS GovCloud environment interested in a Zero Trust Architecture secure access capability. 
Learn Now Zero Trust gateway (ZTAP) Currently in development, based off of CNAP architecture. On premise deployed and managed instances of ZTA capability to expand edge coverage and unique use cases. Learn Now ONBOARDING INTO CNAP Platform One provides extensive options for product teams wanting to onboard into the CNAP. Customer Engagement Team Work with the Customer Service Team at Platform One to understand and identify the service offering to best support your future needs. Here, a technical fit and cost review align your needs with the right solution. Interconnection Security agreement Work with security and networking to understand and align towards a reduced attack surface. appgate coordination Aligning organizational firewall policies and device management compliance. ato / iatt support In true agile fashion, take lessons learned and continue development of your application leveraging a continuous delivery model. Have more questions about CNAP? Click FAQ to find answers to common questions. Click Contact Us for more specific inquiries. FAQ CONTACT US"},{"id":"/products/cybersecurity","path":" products cybersecurity","title":"CyberSecurity","description":"Platform One provides integrated cyber testing, monitoring, and event management for the infrastructure, platform, all enterprise services, and customer applications.","content":"Home CyberSecurity PROVIDING OPTIMUM CyberSecurity Platform One provides integrated cyber testing, monitoring, and event management for the infrastructure, platform, all enterprise services, and customer applications. 
ABILITY TO FIGHT AND WIN IS SOFTWARE DEPENDENT DEPENDENCIES The capabilities of weapons systems and other critical systems are defined by the speed of software development and deployment CHALLENGES The legacy approach to software development is a leading source of risk to DoD: it takes too long, is too expensive, and exposes warfighters to unacceptable risk INNOVATIONS Modernize DoD software development to become safer, more automated and test driven by fundamentally changing the skillsets, processes, and platforms. PROGRAMS CAN SAVE WITH PLATFORM ONE The Continuous Authorization approach saves program teams months of approval process time along with millions of dollars 18 MONTHS PMOs/PEOs save per Program $12.5 MILLION Saved per 5 years of Program Planned time 100 YEARS Planned Program Time saved over 30+ Programs in P1’s first year Learn More TRADITIONAL AUTHORIZATION APPROACH Authorize System System Development and Testing Authorize System Security Controls Authorize System Operate System INDUSTRY AVERAGE PERFORMANCE* (Traditional Development Approach) Deployment Frequency: 30-180 days Lead Time for Changes: 30-180 days Time to Restore Service: 7-30 days Change Failure Rate: 46-60% CONTINUOUS AUTHORIZATION APPROACH Authorize Platform, Process, Team Authorize the Platform Authorize the DevSecOps Process Authorize the Team Teams that run the Platform Teams that Create, Build, Secure and Operate the Software Product cATO PERFORMANCE TARGETS* (Industry Elite DevSecOps Performance) Deployment Frequency: Multiple/day Lead Time for Changes: Less than 1 day Time to Restore Service: Less than 1 hour Change Failure Rate: 0-15% *DORA Accelerate State of DevOps Report DEVSECOPS LIFECYCLE FOR CtF AND cATO PROCESSES Click on the links below for an in-depth look into CtF requirements and cATO details SECURITY CONTROL GATE Certificate to Field (CtF) from Platform One is required to move your product into production within the Continuous Authority to Operate (cATO) framework. 
CtF Requirements The cATO accredits the process , the people, and the culture that will continuously allow the delivery of applications through the rapid-delivery model and maintain the security required by the DoD. cATO Process Have more questions about platform one? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. FAQ CONTACT US"},{"id":"/products/cybersecurity/dsopTimeline","path":" products cybersecurity dsopTimeline","title":"DevSecOps","content":"RAPIDLY DELIVERING SOFTWARE INFLUENCES THE ABILITY TO FIGHT AND WIN Traditionally, the legacy process has taken years and millions of invested dollars for applications to get deployed. Although vetted through the proper risk assessment and security processes, by the time an application is completed, security measures have been updated and accreditation becomes outdated. With Platform One, you will see exponential savings of time and money using the DevSecOps / Agile method, while still focusing on cybersecurity. 
Traditional Legacy Process Timeline of how long a mission application would take going from acquisition to deployment THE CAPABILITIES OF WEAPONS SYSTEMS AND OTHER CRITICAL SYSTEMS ARE DEFINED BY THE QUICKNESS OF SOFTWARE DEVELOPMENT AND DEPLOYMENT THE BENEFITS OF THE DEVSECOPS / AGILE PROCESS Agile processes focus on interative development cycles in which feedback is continuously reintegrated, while DevSecOps methodologies emphasize security at the earliest stages of development A Continuous cycle of research, development, testing, and security Cyber Scanning - 1 Software Assurance - 2 Testing - 3 Accreditation - 4 DevSecOps & Agile Savings"},{"id":"/products/cybersecurity/ctf","path":" products cybersecurity ctf","title":"Certificate to Field","description":"The CtF is the application-level accreditation that allows your application to run in a specific environment within the DoD.","content":"Home CyberSecurity CTF Certificate to Field The CtF is the application-level accreditation that allows your application to run in a specific environment within the DoD. WHAT IS THE CERTIFICATE TO FIELD (C t F)? WHO NEEDS A C t F A CtF must be issued for all applications developed within Platform One to allow them to operate in a production environment at the specified Impact Level (IL) or classification within the DoD. DATA USAGE A CtF must also be issued for any application that uses production data regardless of environment (Test/Staging/Production), IL, or Classification. C t F EXPIRATION Once a CtF is issued, it is good for one year from the date of issuance, unless the product moves to the next major version or implements an architectural change that would require modification of the controls being assessed. THREE MAIN PARTS TO RECEIVING A MISSION APPLICATION C t F ACCREDITATION PASSING the PIPELINE Platform One will create and deploy a CI/CD pipeline to your repository comprised of a full suite of industry standard testing tools. 
This pipeline will make sure that your application code is secured and ready to be deployed to the DoD. You will be able to see a visual representation of your pipeline on GitLab - the CI/CD section allows you to view each stage and its status (green check marks for passing, red Xs for failures). You can also view the output of each stage. When the time comes for CtF approval, the security team will review the pipeline and each individual stage to make sure that you have properly passed each stage without errors or warnings. hardened docker images Platform One provides an entire suite of hardened images available to teams through Iron Bank. Hardened images are stripped-down versions of Docker images approved to be used within the DoD. Hardened Docker images ensure the application you deploy into the Platform One Kubernetes clusters follows all security checks. Failure to do so results in the image-checking stage failing in the pipeline. Explore Iron Bank SDElements SDElements is a security questionnaire based on multiple NIST standards that ensures your application follows best security practices. The questionnaire is comprised of questions about your application's tech stack, how it connects, how it sends data, etc. There is 1 questionnaire per application service (UI, API, any other service your application runs). SDElements will generate 50+ questions that your team will need to answer to address and explain how your application tackles industry standard practices. High-level C t F Steps The CtF process is comprised of three main phases and ends with a CtF meeting 1. ONBOARDING Start your CtF journey and have your first engagement with the cybersecurity team. The cybersecurity team will provision all the required tools for CtF and explain each element to you so you understand what is required. The goal is to ensure there are no major roadblocks or hiccups down the road. 2. WORK During this phase, you will work on your applications. 
You will leverage the tools provisioned in the cybersecurity onboarding process to ensure you meet the intent of the CtF while designing and developing your application's Minimal Viable Product (MVP). 3. Assessment Once you complete your MVP and all the items in your CtF checklist (more on this soon), the cybersecurity team will start their assessment of your application and its services. Expect some back-and-forth during this phase to address incomplete or vague items, or those that do not meet the intent of the control. 4. C t F MEETING After the assessment is complete, your team will participate in the CtF meeting. The meeting includes all stakeholders and consists of a review of your application, its architecture, and the controls. The Platform One Chief Information Security Officer will then make the CtF issuance determination for the application. Learn More Have more questions about platform one? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. FAQ CONTACT US"},{"id":"/products/cybersecurity/cato","path":" products cybersecurity cato","title":"cATO = CONTINUOUS AUTHORIZATION","description":"Continuous Authority to Operate (cATO) allows rapid delivery to the DoD","content":"Home CyberSecurity cATO cATO = CONTINUOUS AUTHORIZATION Continuous Authority to Operate (cATO) allows rapid delivery to the DoD WHAT IS CONTINUOUS AUTHORITY TO OPERATE (cATO)? TRUST Trust is established through assessments and authorizations of the process, the team, and the platform for managing the cyber risk of an application coming out of a software factory. RISK DETERMINATION Application change risks are mitigated by the use of DevSecOps control gate pass/fail rules and security automation findings and analysis. SECURE Idempotence and immutability provide for consistent, repeatable, and secure application support infrastructure and near real-time visualization of the security posture. 
COMPONENTS TO cATO FOCUS ON THE MISSION cATO places the focus on the mission software rather than the platform. Platform One was created so that DoD teams could focus primarily on their mission applications, rather than having to develop a platform and software factories. FEEDBACK & MONITORING cATO replaces the traditional linear authorization process and works in a continuous process. Security requirements are met due to continuous monitoring and always stay in compliance. DEVSECOPS DevSecOps (Development Security Operations) provides one of the main benefits of cATO. Automatically injected sidecar containers provide risk reduction alongside Kubernetes. Infrastructure as Code (IaC), continuous intregration, continuous deployment, and security throughout provides insight on risks. MVP'S STREAMLINE DEVELOPMENT cATO saves time in later development cycle, as risk and errors are continously reduced during deployment activities. cATO METHOD cATO PROCESS The Continuous Authorization approach provides authorization of platform(s), processes and teams. The platform (including development, test, pre-production, and production environments) is assessed and authorized using Risk Management Framework (RMF) processes. The platform incorporates continuous monitoring with behavior modification/zero trust enforcement and integrated Tier 2 CSSP support. The cATO process is adaptable to differences in component/change risk, urgent mission needs, and the AO's risk tolerance. cATO moves from compliance-driven risk management to data-driven risk management. Authorizing the team allows review of the program office personnel experience, clearances, skills, and certification requirements. Critical team members are interviewed to assess their knowledge of the program office's DevSecOps continuous authorization process and their understanding of the AO's risk tolerance. 
Integrated training workshops and tabletop excercises are held to ensure that individual teams work collaboratively within the continuous authorization process. Ongoing team performance is monitored against the outcome metrics established for the program. HAVE MORE QUESTIONS ABOUT PLATFORM ONE? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. Get Answers CONTACT US"},{"id":"/residency","path":" residency","title":"Residency","description":"Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. Here’s your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet.","content":"Home Residency 6-Month Residency Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. Here’s your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet. Purpose Platform One is seeking applicants for our competitive 6-month residency program! This program is intended to build a cadre of DevSecOps users and professionals to accelerate DevSecOps adoption and capabilities within the DoD, and directly support the DoD DevSecOps initiative. Legacy software acquisition and development practices in the DoD do not provide the agility to deploy new software “at the speed of operations”. In addition, security is often an afterthought, not built in from the beginning of the lifecycle of the application and underlying infrastructure. DevSecOps is the industry best practice for rapid, secure software development. 
DevSecOps is an organizational software engineering culture and practice that unifies software development (Dev), security (Sec) and operations (Ops). The main characteristics of DevSecOps are automation, monitoring, and security application in all phases of the software lifecycle: plan, develop, build, test, release, deliver, deploy, operate, and monitor. In DevSecOps, testing and security are conducted earlier in the development process through automated unit, functional, integration, and security testing - this is a key DevSecOps differentiator since security and functional capabilities are tested and built simultaneously. Residency Details Prospective candidates are military (CONUS - Active Duty) and DoD Civil Service with the following skill sets: Software Development Cyber Security Design Thinking Software Product Management ACQUISITIONS / CONTRACTING Selected program residents will be full time employees at Platform One and will work remotely on one of the various Value Streams at Platform One: Big Bang, Party Bus, Iron Bank, CNAP, Cyber, or Acquisitions. Program residents will learn and participate in the best application development practices, learn to use, manage, and build DevSecOps pipelines, and develop an appreciation of the importance of design thinking in product development. Program residents with a cybersecurity background, will develop a deeper understanding of how cybersecurity is executed in accordance with the DoD DevSecOps Reference Design, will learn more about how Platform One manages its continuous Authority to Operate (cATO), and learn how to accredit mission applications using the Risk Management Framework. 
Program residents with Acquisition Program Management or Contracting experience (Contract Specialist and Contracting Officers) will learn more about how contracting vehicles like Small Business Innovate Research (SBIR), and Basic Ordering Agreements (BOA) contract vehicles enable the acquisition and scaling of talent, software licenses, and cloud services to enable service delivery at Platform One. VALUE STREAMS Platform One will only be selecting a set quantity of residents to embed within our value streams as depicted below: Download DoD-wide approved containers or harden with Iron Bank Deploy your own software factory with Big Bang Get hands-on experience onboarding with Party Bus Provide access to development, testing, and production enclaves Stay secured with our Cybersecurity team processes Application Process Application Submission Window Interviews will be conducted Selected residents will be notified Prospective residents must send back Memorandum of Agreement signed by their Commanders to confirm their seat. Confirmed selectees will receive an acceptance letter from the Platform One Materiel Leader. Begin Residency. 1 October 2022 - 31 December 2022 9 January 2023 - 20 January 2023 24 January 2023 27 January 2023 30 January 2023 1 October 2022 - 31 December 2022 9 January 2023 - 20 January 2023 24 January 2023 27 January 2023 30 January 2023 Application Submission Window Interviews will be conducted Selected residents will be notified Prospective residents must send back Memorandum of Agreement signed by their Commanders to confirm their seat. Confirmed selectees will receive an acceptance letter from the Platform One Materiel Leader. Begin Residency. How To Apply Write a single page Letter of Intent detailing your: Background, Experiences, Interests and goals, WHY this opportunity is important to you in further developing your DevSecOps knowledge, and What weapon or IT systems you hope to support in the future? 
Be sure to include your current branch of service and unit information on letter. Contracting Only: List your years of experience, warrant, and certification level. Fill out skills matrix spreadsheet (N/A to Acquisitions/Contracting) Skills Matrix Sheet Fill out your form, upload letters of intent, and skills matrix by clicking the “Apply Here” button below. Commander or equivalent approval is required to participate in this program. DISCLAIMER: The application process uses Google Forms which is blocked by some Government networks. Please apply from a different network or device if you are blocked from using Google Forms. Apply Here Apply to the Residency, NLT 31 December 2022. Applications received after this date will not be considered. Coordinating Instructions Selected applicants must be able to start the six-month residency on 6 February 2023. The program will last for 6 months and will be 100% Remote. There are no TDY costs associated with the residency program. Applicants must have at least 6 months left at their current duty station or service commitment to be eligible to apply. There is no payback tour incurred by participating in this opportunity."},{"id":"/careers","path":" careers","title":"CAREERS","description":"Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing.","content":"Home Careers CAREERS Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing. Apply Now Join the Team Your browser does not support the video tag. Platform One (P1) is a modern cloud-era platform that provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices. 
Authorization to go live with your application can be achieved faster than ever by using Iron Bank hardened containers and P1 pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (cATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development. VIEW OPENINGS VALUE STATEMENTS Our values were determined through a working session that was open-invite to the entire P1 team. The people defined what was important to them instead of having someone tell them what to value! EMPOWER Empower individuals and teams with the trust to be accountable and grow Platform One into an organization that drives change personally and professionally. OBSESS Obsessively know our customers and solve their challenges by delivering actual, functional solutions instead of arguing about requirements and process. Continue to improve the solution well into the future. VALUE We. Value. Diversity. We are committed to Diversity and Inclusion. Employees in our inclusive environments feel appreciated for their unique characteristics and therefore comfortable sharing their ideas and other aspects of their true and authentic selves. NOURISH Nourish a culture of open, safe, candid communication, and decision making at all levels. We accomplish this by a heightened sense of self-awareness and encourage people to know their own faults and continuously work to improve them. When engaged in conversation, seek to understand the other's point of view prior to attempting to change his or her opinions. We care about the pulse of our organization and use it to help continuously improve our processes! - Platform One Leadership VISION A collaborative Defense Department enabled by continuous delivery. MISSION Accelerate Secure Software Delivery for the DoD. 
Platform One Awards 2020 DEFENSE ACQUISITION WORKFORCE AWARD WINNERS David Packard Excellence in Acquisition Award Software Innovation Team Award 2021 IMPROVEMENT AND INNOVATION AWARDS WINNERS Team of the Year Platform One Ready to join the platform one team? We are looking for innovativers to join our mission to transform the digital force through rapid software development. View Openings"},{"id":"/contact-us","path":" contact-us","title":"Contact Us","content":"Home Contact Us Contact Us First Name Last Name Sector Government Sponsoring Program* * required Email* * required Phone* * required How can we help? How did you hear about Platform One? Send Info If you have a tech issue, please visit the Platform One Support Hub. Looking for the Residency Program sign up? Residency Program"},{"id":"/products/party-bus/ama","path":" products party-bus ama","title":"AMA","content":"Calling all Party Bus customers and potential Party Bus passengers Mark your calendars for the following dates. Party Bus will be hosting an \"Ask an Engineer\" Session the last Wednesday of each month through November. Upcoming Sessions October 26th November 30th Click here to join the session!"}]
\ No newline at end of file
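Review bot: the search index is committed as a single line of minified JSON with no trailing newline (the marker directly above), so editing any one page record rewrites the entire line and this comparison cannot show which record changed. Write the index with one record per line and a final newline, or build it in the pipeline rather than committing it, so that later changes can be reviewed per record. Visible in the text on either side of the marker are spelling errors that should be corrected in the source pages rather than in this generated file: "excercises" and "innovativers" in the copy before it, "Cloud Native Acess Point" and "Dynamic Application Securtiy Testing" in the copy after it.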
[{"id":"/","path":" ","title":"Platform One","description":"Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing.","content":"Platform One Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing. Learn More Calling all Party Bus customers and potential Party Bus passengers Mark your calendars for the following dates. Party Bus will be hosting an \"Ask an Engineer\" Session the last Wednesday of each month through November. Upcoming Sessions October 26th November 30th Click here to join the session! What can Platform One do for you? Your browser does not support the video tag. Platform One (P1) is a modern cloud-era platform that provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices. Authorization to go live with your application can be achieved faster than ever by using Iron Bank hardened containers and P1 pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (cATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development. 
Download DoD-wide approved containers or harden with Iron Bank Deploy your own software factory with Big Bang Get hands-on experience onboarding with Party Bus Provide access to development, testing, and production enclaves Stay secured with our Cybersecurity team processes Explore The Products How Our Teams Help Manages Software Factories for development teams so they can focus on building mission applications Decouples development teams from factory teams with DevSecOps and Site Reliability Engineer (SRE) expertise Helps instantiate DevSecOps CI/CD pipelines / software factories in days at various classification levels Builds and leverages the DoD hardened containers while avoiding one-size-fits-all architectures Fully complies with the DoD Enterprise DevSecOps Initiative (DSOP) with DoD-wide reciprocity Centralizes the container hardening of 300+ enterprise containers (databases, development tools, CI/CD tools, cybersecurity tools, etc.) Platform One and Kessel Run Joining forces Download the Memo Platform One, Kessel Run, We “Believe” Software Principles The USAF's Platform One and Kessel Run teams have been hard at work to converge our technology, services, and data to ensure rapid application portability across key software systems that support our warfighters. To do so, we believe it is important to document shared core beliefs that we are pursuing through collaboration of our limited pool of talented software personnel. These principles guide our collaboration, technology decisions, and engagement with industry. 
Platform One Awards 2020 DEFENSE ACQUISITION WORKFORCE AWARD WINNERS David Packard Excellence in Acquisition Award Software Innovation Team Award 2021 IMPROVEMENT AND INNOVATION AWARDS WINNERS Team of the Year Platform One WHO WE SERVE"},{"id":"/services","path":" services","title":"Platform One Services","content":"Home Services Platform One Services PLATFORM ONE ENTERPRISE SERVICES Platform One provides additional pay-per-use services and contract vehicles to facilitate teams' adoption and move to DevSecOps. The list of services will continuously evolve. CUSTOM DEVELOPMENT SERVICES Build and deliver new and accredited custom software applications (microservices) by leveraging the Platform One pipeline and following Platform One's DoD Continuous Authority to Operate (cATO) (pay per app) To learn more about these capabilities, please contact platformone@afwerxpartner.com with Subject: \"Platform One Custom Development Services Question\" CLOUD NATIVE ACCESS POINT (CNAP) The Cloud Native Acess Point is available on Cloud One to provide access to Development, Testing, and Production enclaves at IL-2, IL-4, and IL-5 that use Platform One DevSecOps environments by using an internet-facing Cloud-native Zero trust model To learn more about these capabilities, please contact platformone@afwerxpartner.com with Subject: \"Platform One CNAP Question\" PLATFORM ONE CONTINUOUS INTEGRATION CONTINUOUS DELIVERY (CI/CD) WITH INFRASTRUCTURE AS CODE (IaC) Teams can use existing CI/CD pipelines hosted on Repo One with their current Infrastructure as Code (IaC) code If a custom CI/CD pipeline is needed due to specific program mission needs, check out the Big Bang options To learn more about these capabilities, please contact platformone@afwerxpartner.com with Subject: \"Platform One CI/CD Options Question\" PLATFORM ONE DEVSECOPS MANAGED TOOLS Platform One Enterprise Chat provides a collaboration solutions suitable for connecting developer teams (pay per use): IL-4 (.mil email only) 
https://chat.il2.dso.mil Platform One All Domain Common Environment (see above, pay per use) Platform One Multi-Level Security Data Transfer (CDS/Diode) (pay per use) Platform One Stack Exchange: knowledge sharing service for software developers and engineers (pay per use) To learn more about these capabilities, please contact platformone@afwerxpartner.com with Subject: \"Platform One Managed Tools Question\" Cloud Native DNS Platform one deploys a CNCF-graduated authoritative DNS server to provide a highly available, secure central way to manage DNS for dso.mil. This solution centralized DNS management for the organization and allowed us to execute DNS updates in minutes vs. weeks (for IL5) Cloud-native, agnostic and elastic DNS capability with .MIL and non .MIL capabilities Fully managed by configuration as code and Git mergers Runs on Kubernetes using coreDNS Enterprise Collaboration Provides secure collaboration tools to enable those who advance the mission Mattermost - Communicate with your peers within the DoD anytime/anywhere Jira - Plan, track, and manage your projects Confluence - Create, collaborate and organize all of your work in one place PLATFORM ONE TRAINING AND ONBOARDING OPTIONS Check out the CSO DevSecOps / DAU training: DevSecOps Training Resources Virtual Platform One Learning Hub that provides self-service onboarding 1-day training Session: Introduction to DevSecOps. 
Overview and understanding of the vision and activities Onboarding options for Party Bus To learn more about these capabilities, please contact platformone@afwerxpartner.com with Subject: \"Platform One Training Question\" Identity Management/SSO/PKI Brings Single Sign On with various DoD PKI options and MFA options Brings Person Entity (PE) and Non Person Entity (NPE) x509 certificate based authentication Connects to existing AF, DoD and DIB PKI capabilities Provide secure and cloud native, agnostic and elastic capability Leverages VAULT capability and provides automated certificate generation, Kubernetes native and allows for automated certificate rotation Can be used for code signing, container signing and NPE/PE authentication Centralizes/Aggregates logs and pushes to CSSP and vSO"},{"id":"/resellers","path":" resellers","title":"Platform One Official Resellers","content":"Home Resellers Platform One Official Resellers Why A Platform One Reseller By leveraging this fast track, applications can be approved to work on government systems faster than ever. Partnering with a Reseller means rapid environment deployment and priority access to platform updates, new services, better security*, continuous feedback, education, and training and container hardening. Authorized Resellers are qualified service providers of the Department of Defense Enterprise DevSecOps Technology Stack. Use of Platform One Big Bang environments and Iron Bank Hardened containers enables more secure software operations, leading to continuous Authorization to Operate (cATO). *Platform One's technologies have been pen tested by the NSA, the US Air Force, and the US Navy. Request for P1 Services Connect With Our Resellers Booz Allen Booz Allen Hamilton, an innovator and pioneer in successful P1 capability implementations, brings credible experience in driving adoption of Agile DevSecOps, Software Factories, and P1 products and services in support of mission critical programs. 
Learn More BrainGu As P1 subject matter experts with experience in delivering Kubernetes-based DevSecOps platforms, BrainGu knows that the journey to transitioning from an existing legacy software solution to a Cloud-Native/DevSecOps solution can be difficult. We succeed in technology distribution because we respect the importance of the value that legacy technology brings. Learn More ECS ECS, ASGN's federal government segment, delivers advanced solutions in cloud, cybersecurity, data and artificial intelligence (AI), application and IT modernization, science, and engineering. Learn More Novetta Novetta, a part of Accenture Federal Services, brings nearly a decade of mission-focused, Agile-based DevSecOps experience to the most challenging National Security/DoD problems. Learn More Revacomm RevaComm is a Hawaii-based, minority-owned, 8(a)SDB who has been instrumental not only in building, maintaining, educating, and onboarding Platform One customers to Party Bus, but also in playing a vital role in P1's Big Bang deployment for Party Bus. Learn More Seed Innovations Seed Innovations, LLC (Seed) is a woman-owned small business specializing in P1's adoption. Seed has been involved in the development of Party Bus, Big Bang, and Container Hardening (Iron Bank) over the last two years. Learn More WHO WE SERVE"},{"id":"/resources","path":" resources","title":"P1 Resources","description":"Information at your fingertips: guides, documents, and external links to help spread valuable knowledge pertaining to Platform One and the DoD.","content":"Home Resources P1 Resources Information at your fingertips: guides, documents, and external links to help spread valuable knowledge pertaining to Platform One and the DoD. 
Platform One Iron Bank Big Bang Party Bus CNAP CYBER DISA Container Guide DCCSR Repository DevSecOps/DAU Training DevSecOps Reference Design Memorandum Distribution ASK ME ANYTHING RECORDINGS AND PRESENTATIONS Check out hot topics and presentation slides from previous AMA's currently available on software.af.mil Explore More SOFTWARE.AF.MIL devsecops training resources Self-learning videos for all levels covering Kubernetes to Service Mesh, literature recommendations, and more. Learn More POPULAR CONTENT All Content P1 E1 Inception Drew Belk Austen Bryan Rob Slaughter 26m 25sec P1 E2 the People Jeff McCoy Matt Houston 44m 09sec P1 E3 Organizing Value Erica Westendorf 50m 01sec HAVE MORE QUESTIONS ABOUT PLATFORM ONE? If you have P1 SSO access, click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. Get Answers Request P1 SSO Access Contact Us"},{"id":"/who-we-are","path":" who-we-are","title":"Who We Are","content":"Home Who We Are Who We Are We care about the pulse of our organization and use it to help continuously improve our processes! - Platform One Leadership VISION Accelerate the DoD's dominance by delivering innovative, trusted technologies today. MISSION Transform how the DoD delivers warfighter capability through innovative frameworks, collaborative culture, and secure software. VALUE STATEMENTS Our values were determined through a working session that was open-invite to the entire P1 team. The people defined what was important to them instead of having someone tell them what to value! EMPOWER Empower individuals and teams with the trust to be accountable and grow Platform One into an organization that drives change personally and professionally. OBSESS Obsessively know our customers and solve their challenges by delivering actual, functional solutions instead of arguing about requirements and process. Continue to improve the solution well into the future. VALUE We. Value. Diversity. 
We are committed to Diversity and Inclusion. Employees in our inclusive environments feel appreciated for their unique characteristics and therefore comfortable sharing their ideas and other aspects of their true and authentic selves. NOURISH Nourish a culture of open, safe, candid communication, and decision making at all levels. We accomplish this by a heightened sense of self-awareness and encourage people to know their own faults and continuously work to improve them. When engaged in conversation, seek to understand the other's point of view prior to attempting to change his or her opinions. CORE PRINCIPLES Scale Features aren't complete until they are tested, automated, documented, and with training modules. Mission Obsessed Obsessed over the code that will form the baseline for weapon systems across the DoD: ships, planes, tanks, and nukes. Everyone Codes What we do is code. All of us... even if it is 3 hours a week using Youtube videos. No exceptions. Ownership Own every aspect of what you do, what you write, what you say, and what you use. Simple and Robust Make features as if 100,000 developers will use what you've developed. Continual Learning We always look to improve our baseline and our brains. Live in the trenches Success or failure is found in the details. Don't ignore them because you don't have time to understand. No Egos We will never be the best at everything, so don't claim or try to be. Be open-minded about what others can bring to the table. Invest in People The best investment you can make is in yourselves. The next best investment you can make is in the people next to you. We Serve We exist to help others succeed. When they succeed, we succeed. If you can help someone, do it. Shoot for the moon Be bold and strive to make monumental changes that sound so crazy people won't believe you... even after you've done it. Smart Decisions Encourage decisions to be made by the individuals with the most information. 
If it's a technical decision, that means technical people, even if they are the lowest ranking. MEET THE LEADERSHIP TEAM Our leaders range in personality from the Pointy-haired boss from Dilbert to Bill Lumbergh from Office Space but, like, in a good way. They are instrumental in driving the vision for Platform One and our continued growth and improvement. They keep the mood nice and light-hearted while removing blockers and knocking down barriers for our teams. If you want to know why P1 is such a great place to work, learn about our leaders. LT COL BRIAN VIOLA Materiel Leader Lt Col Brian Viola is currently the Materiel Leader of Platform One, Air Force Lifecycle Management Center, Cryptologic & Cyber System Division, Cyber Systems Group. He attended Louisiana State University and commissioned through the Reserve Officer Training Corps. Most recently, Lt Col Viola served as the Commander for the 346th Test Squadron. DUONG HANG Deputy Materiel Leader Loves coders in uniform MAJOR CAMDON CADY Chief of Operations and Chief Technology Officer Expert waffle maker KEVIN TWIBELL Chief Information Security Officer Let’s stop talking about all the things we want to change and start doing it. PHILLIP \"CASPER\" RECORD Phillip is..well...Phillip. Yeah, that about sums it up..."},{"id":"/products/party-bus/service-catalog","path":" products party-bus service-catalog","title":"Service Catalog","content":"Home The Party Bus Service Catalog Party Bus Service Catalog CI/CD cATO PIPELINE FLOW Take your idea and get it to production using our pipelines and Certificate-to-Field (CtF). Click on the tools icon to see what tools are supported for that phase and the +/- for a quick explanation for that specific stage. PUSH TO REPOSITORY A developer will make \nchanges to necessary code \nand achieve revision control. 
CONTINUOUS INTEGRATION (CI) CONTINUOUS DELIVERY (CD) CONTINUOUS DEPLOYMENT (CD) Compliance Check Docker File Lint Find Unauthorized Job TruffleHog Job Build Build Unit Tests Lint Unit Tests SCA Dependency Check Fortify Sonarqube Job Build Image Build Image Scan Image Twistlock Scan Anchore Deploy Staging Deploy Staging E2E Tests E2E Tests Pen Tests Release Release Job (Production Only) ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ ➕ Supported Tools The following tools are available in the MDO (Production/Application) Environment where the PB customers live. COLLABORATION TOOLS CONTAINERIZATION Docker Base Images OS Iron Bank Red Hat Security Anchore SD Elements OWASP Twistlock Single Sign On * Keycloak Service Mesh Istio *SSO integration within Party Bus is not permitted, teams must use our auth service and JWT process. BUILD Gradle Maven NPM UNIT TESTS Cypress.io Jest JUnit5 CONTINUOUS DELIVERY Persistent Storage PostgreSQL Minio MySQL GitLab Amazon S3 GitOps, IAC, CAC Kubernetes Amazon Web Services Argo Terraform CONTINUOUS INTEGRATION Build Image using Dockerfile pulling images from Iron Bank that are built on Universal Base Image. Static Code Analysis (SCA) language specific unit testing, linting tools, Sonarqube, OWASP Dependency Check, Trufflehog, Fortify, and Twistlock. CONTINUOUS DELIVERY Dynamic Application Securtiy Testing (DAST) using Twistlock, OWASP ZAP, and Cypress End-to-End Testing. Deploy to Staging and Production clusters using ArgoCD Auto App Deployments. WHAT DOES cATO ACTUALLY MEAN? We, Platform One, build a Continuous ATO from multiple ATOs covering the infrastructure, platform, and deployment process. The infrastructure and platform ATOs cover a majority of NIST 800-53 RMF controls. The DoD CIO and DAF CSO have released multiple guidance documents related to the cATO, click the button below for more information. 
DSOP Documents Once a team completes the Certificate to Field (valid for one year or until architecture is changed – major release) real-time deployments to production are enabled. The Certificate to Field (CtF) process uses SD Elements to answer the final NIST 800-53 RMF controls that are specific to the application. To be compliant with the DevSecOps Reference Design ( PDF ) and retain our ATOs, we pull approved images from Iron Bank . DevSecOps Reference Supported Environments Using CNCF Certified Kubernetes Distributions. (Rancher, Konvoy) ENVIRONMENT DEVELOPMENT ENVIRONMENT SUPPORTED (DSOP) PRODUCTION (DEVELOPMENT) SUPPORTED (MISSION DEVOPS = MDO) IL2 (On Cloud One) IL4 (On Cloud One) IL5 (On Cloud One) S (ODIN IL6)* DevSecOps Pipelines are available at IL6, cATO/CTF would need to be discussed with ODIN PM TS/SCI (ODIN JWICS)* DevSecOps Pipelines are available on JWICS, cATO/CTF would need to be discussed with ODIN PM * PlatformOne and ODIN Programs are working a formal MoA (Agreement) to leverage each other's environments and services. More ODIN Info Available Feature Types What is available for your development/collaboration environment and in the MDO (Production/Application) Environment ***Supported technologies between the hours of 0800 CST-1800 CST M-F only. These environments are available for use 24X7, but support is not guaranteed outside of these hours. Platform One reserves the right to discontinue support to current services in interest of security and maintaining our cATO. Platform Services Foundational PaaS available to every application team. Services are not available for individual teams to configure. See Party Bus Tech Stack for more info. DSOP - this is what is available for your development/collaboration environment. PB maintains complete control over these capabilities. These features are not available for PB customer teams to configure, manage, or change. Application Teams will be given access to certain tools only. 
Anything beyond the cATO requirements is a roadmap item. See Party Bus Tech Stack for more info. PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity All of Big Bang Core Big Bang Addons (except Nexus) Supported Fortify Confluence Jira Big Bang 3rd Party Community Supported: mysql postgres See the Party Bus Tech Stack / PaaS / Release Notes (coming soon) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Big Bang Add-ons: Nexus, Anchore Not Supported (IB rejected or Vendor lock-in) None Pipeline Tools See MDO Guidance for more information PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Gitlab Premium Fortify Sonarqube Twistlock Trufflehog OWASP Dependency Check OWASP Zap ArgoCD SDElements Launchboard (Beta) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Big Bang Add-ons: Nexus, Anchore Not Supported (IB rejected or Vendor lock-in) None Backup PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Velero Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Not Supported (IB rejected or Vendor lock-in) Padawan The Padawan static sites solution aims to help developers quickly deploy static site content. See Padawan Docs for more info. 
This p1.dso.mil site that you're looking at right now is built/deployed/hosted on Party Bus Padawan! PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Deployment Sites IL2 IL4 Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Supported Package Types Vanilla npm mkdocs hugo jekyll Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) None at this time This is what is available in the MDO (Production/Application) Environment. This is where the PB customers live. Persistent Storage Solutions** PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Amazon RDS (multi-tenant only) Aurora PostgresSQL MySQL MinIO (Native Object Storage) Communicate with S3 through MinIO - No direct link to S3 Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is provided. Proven Iron Bank approved customer integrations in their own BB environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced FileServer (CDN) Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services (Lambda, S3 etc) Languages PB fully supported Managed Service and covered in the PB customer support agreement. 
*Customer has access to in a limited capacity NPM based TypeScript / JavaScript Angular React Node.js Vue Java (Maven or Gradle build engine) Python (built in python commands) Golang (built in go commands) .NET-Core (built in .NET-Core commands) C# with .NET 3/5 Framework beta C++ - beta (Toolset: gcc, g++ v.10, cmake, conan) Ruby (bundler only, other Ruby package managers are not supported) PHP (Composer only, other PHP package managers are not supported) See Pipeline Templates Repository Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Not Supported (IB rejected or Vendor lock-in) Rust (Fortify / Sonarqube cannot scan) Supported Message Queues PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Kafka Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is guaranteed unless using the Party Bus Kafka Managed Service. RabbitMQ is a message queue option that customers have successfully self-managed. * While there is an IB image for RabbitMQ, there is No High Availability option and egress or ingress connections are NOT allowed.* Proven IB approved customer integrations in their own Big Bang environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services unless otherwise specified (SNS/SQS) Nifi - approved in IB, but due to authentication and installation issues, customers will not be able to install and use Nifi in the Party Bus environments. 
Email Services PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity None at this time Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team None at this time Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced Testing email options - release date TBD Not Supported (IB rejected or Vendor lock-in) PB explicitly does not allow emails Web Servers PB fully supported Managed Service and covered in the PB customer support agreement. *Customer has access to in a limited capacity Other Containerized Web Servers that are Iron Bank approved (e.g. NGINX, Tomcat, .php Apache) Above PB baselined PaaS offerings. Customers can deploy at their own discretion but will not receive technical assistance from PB managed service team Any Iron Bank image - to be used at customer risk, no Party Bus support is guaranteed. Proven Iron Bank approved customer integrations in their own Big Bang environment. Roadmap (in the future, unsupported at this time) In P1 TOC discussion or open sourced None at this time Not Supported (IB rejected or Vendor lock-in) Any and all provided cloud services **Data distribution is subject to the data owner permissions. P1 does not offer a data platform for distribution. It is up to the Application to handle this data appropriately (JWT token). P1 does not offer any data cleaning, remediation, data spill etc. This is up to the application team. Direct Database access is not permitted. Ingress is only allowed on 443. All containers must come through Iron Bank. See the Iron Bank onboarding found here . UNSUPPORTED RDS/STORAGE All the below are 'use at your own risk' . This means the Product Team is responsible for backups and any data loss. 
MongoDb Please reference the Unsupported Database Guidance UNSUPPORTED LANGUAGES Rust UNSUPPORTED GENERAL Multi language project (One language per project is allowed) TECHNICAL FIT Platform One expects a technical diagram and a dockerfile be provided at the technical fit meeting. The Party Bus anchors can assist in the creation of the technical diagram and dockerfile. Below are examples. Technical Diagram Example Dockerfiles ARE YOU A TECH FIT FOR PARTY BUS? Let's get started! Submit one form for each mission application. Tech Fit Form"},{"id":"/products/party-bus","path":" products party-bus","title":"The Party Bus","description":"The environment and services you need to develop and deploy your software application","content":"Home The Party Bus The Party Bus The environment and services you need to develop and deploy your software application Why Party Bus? PARTY BUS IS A cATO ENABLED DEVSECOPS SERVICE For government software programs who need rapid development of approved, working mission applications to warfighter. We provide a non-vendor locked, CNCF kubernetes based platform. We provide a secure, multi-tenant, and multi-classification environment with Staging and Production capabilities. We stand out by allowing our customers to field applications with cATO'd templatized pipelines Onboarding onto Party Bus Leverage a Multi Tenant DevSecOps environment with our environment and services Service Catalog The cost of each program office standing up their own DevSecOps environment can be saved by using Party Bus. Check out the service catalog to see what is included when you are a Party Bus customer. View Our Services What You'll Learn in our workshops Get hands-on experience and training with our rapid workshop to stand up a hello world pipeline with a templated app through Party Bus. 
Agile & UCD Methodologies Paired Programming Test-Driven Development Certificate to Field (CtF) Explore Onboarding Process Party Bus Process We Move Fast, And We Move Smart The Party Bus team will be measuring twice and cutting once. We believe the sooner we can get you squared away on our level of standards (which is high, why else would we invite you to join our elite team of products and services), the sooner you can serve the users and warfighters within DoD that need your product or solution yesterday. Have More Questions About Party Bus? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact us for more specific inquiries. Get Answers Contact Us Ask an Engineer 1 / 1 "},{"id":"/products/party-bus/onboarding","path":" products party-bus onboarding","title":"Party Bus Onboarding","content":"Home The Party Bus Onboarding Party Bus Onboarding Process Overview Intake Request Our Customer Success Team gains an understanding of your application Conduct Technical Fit Collaborate with Mission DevOps Engineers in a Technical Fit Session Pricing Quote Customer Success and Acquisitions teams to finalize your pricing quote Party Bus Workshop Learn the Party Bus way to onboard, provision, and procure pipelines and environment for your application and continuously deliver Steps to Party Bus Success 01. INTAKE REQUEST Step One Resources: • Intake/Contact P1 Request • Party Bus Service Catalog • Intake Questions What is Party Bus? Party Bus is a Multi-tenant continuous ATO'd, declarative and opinionated environment. This means our team of engineers provision and configure pipelines for your team so you can focus on your software. Ensure Party Bus is the right fit for you and your team by reviewing our service catalog prior to a Tech fit session with one of our experts. 
During Intake our Customer Success Team will collaborate with you to provide all the essential information about the Party Bus, your application, and review the Party Bus Service Catalog. What do we need from you? Team Technical lead, Government POC, and development team members info. Architecture diagram listing application containers, tech stack, APIs, DBs, frameworks and other dependancies. Docker containers (needed before pipelines are built) 02. TECHNICAL FIT Step Two Resources: • Party Bus Service Catalog • Docker File Examples What is the Tech Fit? Our team will contact you to schedule a Technical Fit with our PB Engineers. Together we'll review your tech stack, current architectural set-up, dependencies and usage requirements. This step ensures a true fit for your application and provides the best Party Bus experience. What do we need from you? Review technical elements that are supported in the Party Bus Service Catalog resource. During the techincal fit: You'll step us through your technical and architectural overview of your application. Bring Docker Files and prepare questions to ask Party Bus Anchors. Getting an understanding of your application allows us to get a perspective into the current state of the application, so we can suggest and adapt it for future state success. The PB Anchors will determine the application is a good fit. If it is approved, then you'll move on to the Pricing Quote Phase. If your application is not accepted, then a team member will communicate what adjustments are necessary to refactor your application, or outline why Party Bus may not be ideal for your application. 03. PRICING QUOTE Step Three Resources: • Party Bus Service Catalog Congratulations! The app is a good fit! After the tech fit is complete, your Party Bus requirements are evaluated by our Customer Success and Acquisitions teams to finalize your pricing quote. You will be assigned a Business Account Manager when your quote is complete. 
This individual will guide you through the steps to complete the contracting and payment processes. 04. ACCESS & PARTY BUS WORKSHOP Step Four Resources: • P1 SSO Self-Registration • 2875 Documents and Instructions • Party Bus Service Catalog You're on the Party Bus! At this point, you're officially part of the Party Bus. Your project has been funded. Our team will provide access to the following tools: Gitlab; Mattermost; Jira; Confluence; Pipeline tools. Don't have access to your team's tools and pipelines? Email our team. Next, sign up for the required 3-Day Party Bus Onboarding Workshop: Product teams and developers attend a 3-day session Product Managers attend a 1-day session You may need to associate your Platform One account with your CAC to access Party Bus Tools and Pipelines. Fill out paperwork if you don't have a CAC to associate with your account. See resources above. Need Assistance? Get in touch with us Contact us Or get in touch with a Platform One Contact or our Party Bus Onboarding Contact"},{"id":"/products/big-bang/onboarding","path":" products big-bang onboarding","title":"Big Bang Onboarding","content":"Home Big Bang Big Bang Onboarding Big Bang Onboarding CUSTOMER ON-BOARDING GUIDES 1 DAY WORKSHOP An introduction to learn about Big Bang products and associated technologies. 9/07/21 9/21/21 10/05/21 10/19/21 1-Week Engineer Cohort After attending a workshop experience a deep dive into the Big Bang Deployment with hands on labs. 9/28/21 10/12/21 WORKSHOP AND ENGINEER COHORT OVERVIEW BIG BANG WORKSHOP WHO SHOULD COME? Engineers & Developers interested in learning more about the Big Bang tech stack and how it can help you kick-start a software factory. 
View Workshop Prerequisites TOPICS COVERED Platform One & Big Bang Introduction The Core Big Bang Stack Kubernetes Basics The Big Bang model of GitOps Monitoring and Logging Capabilities Istio & Kubernetes Networking Additional Big Bang Services & Apps HOW TO REGISTER Please click the link below and enter the following password to register: BigBangWorkshop Register for a Workshop Big Bang Engineer Cohort WHO SHOULD COME? SRE/Operations Engineers interested in deploying a Big Bang Cluster into their own environment. Below is an overview of topics we cover during the course. View Engineer Cohort Prerequisites Day 1: Overview of Platform One Big Bang Lab Access Kubernetes Refresher Day 2: Secrets Management Git Repo Setup Deployment of Big Bang Day 3: Security Tools Extending Big Bang Day 4: Take Home Lab HAVE QUESTIONS ABOUT ONBOARDING SESSIONS? Get Answers Contact Us"},{"id":"/products/big-bang","path":" products big-bang","title":"Big Bang","description":"Big Bang is a DevSecOps platform built from DoD hardened and approved packages deployed in a customer owned Kubernetes cluster.","content":"Home Big Bang Big Bang Big Bang is a DevSecOps platform built from DoD hardened and approved packages deployed in a customer owned Kubernetes cluster. Big Bang Technical Oversight Committee Empowering you to create custom environments for your mission Big Bang will help you build a custom software factory for your specific mission needs to enable faster development and deployment of your mission applications. The Big Bang Advantage AVOID VENDOR LOCK Big Bang is Kubernetes distro-agnostic, meaning you can pick between Upstream, Rancher, Konvoy, Tanzu Kubernetes Grid, or OpenShift Container Partner. FASTER ATO VIA RECIPROCITY Our Platform is accredited DOD wide and we can work AO to AO to ensure reciprocity. WIDE RANGE OF TOOL CHOICES We offer multiple tools at each stage of CI/CD pipeline. 
The tool choices can be customized to your preference and to the programming language of your choice. Big Bang Resources Getting Started Our Platform is accredited DOD wide and we can work AO to AO to ensure reciprocity. Quick Start Guide Product Release Notes Check out the latest Release Notes. Release Notes Open Source Contributions We are hard at work building an open-source platform but we need your help. Get Involved! Licensing Expectations Our core platform is open source with extensible enterprise-level capabilities. Please read our report on licensing expectations Licensing Info Resellers THE BIG BANG STAGES Stage 1 - We create your DevSecOps (DSOP) Software Factory. We set this up for you. Stage 2 - You use the DevSecOps (DSOP) Software Factory to build and deploy your mission applications. You run these pipelines to build and deploy mission applications any number of times. We move fast, and we move smart. The Big Bang team will deploy a Software Factory with tools that are built for your specific mission needs. We believe the sooner we can get you squared away on our level of automation and security standards (which is high, why else would we invite you to join our elite team of products and services), the sooner you can serve the users and warfighters within DoD that need your product or solution yesterday. Ready to Procure Big Bang Services? Contact us 1 / 3 "},{"id":"/products/iron-bank","path":" products iron-bank","title":"Iron Bank","description":"Iron Bank is Platform One's authorized, hardened, and approved image repository that supports the end to end lifecycle needed for modern software development.","content":"Home Iron Bank Iron Bank Iron Bank is Platform One's authorized, hardened, and approved image repository that supports the end to end lifecycle needed for modern software development. Visit the Iron Bank Repository Announcement! 
Iron Bank is happy to announce the initial release of the Acceptance Baseline Criteria (ABCs) and Overall Risk Assessment (ORA) for Iron Bank images. For additional information regarding this announcement, including links to the existing ABC and ORA documents, please see our README on Repo One. ABC/ORA Documentation Why Iron Bank? Automates, secures, and accelerates the approval process of commercial and open source images to be used within the DoD with DoD-wide reciprocity Brings accredited software to the DoD using processes and procedures that are faster and more efficient than other methods Provides continuous monitoring of approved images Maintains continuously updated images so that developers have access to the latest tools Provides a toolbox of commonly used and secured capabilities for mission apps Provides end-to-end management of image justifications for known vulnerabilities and image approval process via Vulnerability Assessment Tool (VAT) Assists vendors with the hardening process of images The Iron Bank website offers a view of all approved applications and provides any necessary details in regards to the application Registry One is a fully compliant Open Container Initiative registry. All images found under the Iron Bank project are guaranteed to be approved Repo One is the central repository for the source code to create hardened and evaluated images for the DoD How Do We Do It? We work with the open source community and commercial vendors to centralize a hardened and approved version of an application that is easily accessible to the entire DoD. By leveraging our Certificate to Field (CtF) process, the DoD community can quickly and easily deploy applications at unprecedented speed. Process Highlights The Iron Bank approval process centralizes and standardizes application hardening throughout the DoD. This information is stored in Repo One. 
Every 12 hours applications are built and scanned again for findings Applications are continuously updated to the latest version Body of evidence that is public facing and readily available for use DISA STIGs, CIS benchmarks, and best practices applied Onboarding Interested in submitting a image to be hardened and published on Iron Bank and Registry One? Check out the Contributor Onboarding Guide and see how to successfully scan and harden your image(s) through the DevSecOps Platform. Onboarding Guide Onboarding Checklist How to justify/address CVEs Your browser does not support the video tag. Onboarding Process Want to learn more about Iron Bank Onboarding Process? Watch this video to learn about the processes involved throughout the various stages of the hardening process. You can refer to the Onboarding Presentation below for reference during the video. Onboarding Presentation How Do I Contribute Images to Iron Bank to be Hardened? Before contributing application images, you should first make sure the application you are contributing is not already in the Iron Bank. If the application/container image does not exist, requests can be made with the Iron Bank Onboarding team for accreditation. Please complete the Iron Bank Onboarding Request . Iron Bank Onboarding Request Internal Hardening Request Iron Bank OnBoarding Sessions Every Wednesday at 1530-1630 EST We will be giving an overview of the Iron Bank process, and how to get an application through for the first 30 minutes and then we will be answering your questions. By the end of this meeting, you should know the next steps for you to take and where to find all the necessary documentation. Register in advance for the meeting at the link below. After registering, you will receive a confirmation email containing information about joining the meeting. Register Now Iron Bank Get Unstuck/AMA Working Sessions Every Wednesday at 1630-1730 EST Need some help with your images getting through Iron Bank? 
Have questions on where things are at? Are you feeling stuck and want to figure out next steps? This is the meeting for you! Come meet with the Iron Bank leadership and engineers to get answers to your questions. Register in advance for the meeting at the link below. After registering, you will receive a confirmation email containing information about joining the meeting. Register Now Pulling Hardened Images From Registry One All images under the Iron Bank project are officially approved. See the following diagram on how to manually pull images from Registry One. Automated pull capabilities coming soon. Launch Registry One 1. Click \"ironbank\" located under Project Name 2. Click \"Repositories\" in the top menu bar 3. Find an image to pull and click into the image 4. Click the stacked document icon under \"Pull Command\" to copy the pull command to your clipboard 5. Use the copied command in your terminal window How Do I Use A Hardened Image at a Multi-Security Level? Applications are typically approved at multiple Impact Levels (IL). Each organization is welcome to accept reciprocity with our approvals, but may choose to do additional assessments such as an Intelligence Review. We are working on automatically transferring images from lower classification levels to higher classifications for immediate use. The Iron Bank Pipeline Every image must pass each phase of the Iron Bank pipeline to be available on Iron Bank and Registry One. Passing these six phases results in a image being signed and accredited. Learn More Initialization Collect resources needed for container build such as yaml files, Dockerfiles, and README files. Antivirus Scan Perform antivirus and malware scanning to make sure there is no malicious code brought into the container. Build Build container based on Dockerfile. This is completed in an isolated environment network access. 
Scanning Perform three scans on container using Anchore, OpenSCAP, and Prisma Cloud to check to see if there are any CVE findings. Check CVEs Check to make sure there are no new CVE findings. If there are new findings, new justifications can be provided. Publish Container is signed and published to Ironbank Front End and Registry One for consumption. DO YOU HAVE FEEDBACK FOR IRON BANK? We are always looking to improve our processes to meet our vendor's needs. Leave Feedback Have More Questions? Check out our FAQ page. FAQ 1 / 3 "},{"id":"/products/iron-bank/getting-started","path":" products iron-bank getting-started","title":"Getting Started With Iron Bank","content":"Home Iron Bank Getting Started Getting Started With Iron Bank STEP ONE: IMPORTANT FIRST STEPS 1 2 3 4 STEP ONE: IMPORTANT FIRST STEPS STEP TWO: IRON BANK TERMS STEP THREE: TECHNICAL QUESTIONS STEP FOUR: ONBOARDING QUESTIONS Important first steps Before moving on to the next section please make sure you have completed the following Please reference this guide for what you need to do to be ready for Iron Bank. The Iron Bank Onboarding Sessions are held every Wednesday from 1530-1630EST. You can register for an onboarding session in advance here . Although not required, you can join the AMA session to answer any questions you might have. These sessions are held every Wednesday from 1630-1730EST. You can also register for this session in advance by clicking here . Note: After registering for either meeting, you will receive a confirmation email containing information about joining the meeting. I have attended an onboarding session or have reviewed the virtual materials. * Read the above paragraph for more information. We highly recommend attending the onboarding session prior to submitting a container hardening request. Yes No Other: Next Have More Questions? Check out our FAQ page. 
FAQ"},{"id":"/products/cnap","path":" products cnap","title":"Cloud Native Access Point","description":"CNAP is available on AWS GovCloud to provide access to development, testing, and production enclaves at IL-2, IL-4, and IL-5","content":"Home CNAP Cloud Native Access Point CNAP is available on AWS GovCloud to provide access to development, testing, and production enclaves at IL-2, IL-4, and IL-5 The future is zero trust What is CNAP The Cloud Native Access Portal is a Secure Access Service Edge (SASE) cloud-based enterprise security framework with a Zero Trust Architecture core providing eased access to AWS GovCloud resources (IL 2/4/5) for the DoD from both on and off NIPR. Device compliance Network devices are not to be trusted by default, rather each connected device is checked for identity and integrity then aligned against a managed set of policies (or access denied outright) before allowing encrypted access to intended mission applications. Software Defined Perimeter A Software Defined Perimeter (SDP) is based on a need-to-know model, in which device posture and identity are verified before access to application infrastructure is granted effectively leaving application infrastructure undetectable. How Do we do it? A CNAP is an off-NIPR Cloud Access Point (CAP) alternative that provides modernized cybersecurity capabilities based on the DoD Zero Trust Reference Architecture (ZTRA). It is an access point for person entities (PE) and non-person entities (NPE) to DoD resources in a commercial cloud environment from the internet (i.e., non-DODIN). Cyber Security Documentation collaboration across dod landscape Enabling DoD telework and remote access to AWS GovCloud environments through a device-based zero trust approach to access. Bring your DoD contractors into your environment from off-site. Access to your AWS GovCloud (IL 2/4/5) environment from commercial internet. Removes the need for additional VPNs, NIPRNet routing, and DISA CAP. 
Future proofed zero trust in accordance with EO 14028 Explore CNAP Register to Start Journey Trust Nothing / Verify Everything Zero Trust (ZT) is a cybersecurity strategy and framework that embeds security throughout the architecture to prevent malicious personas from accessing our most critical assets. Device compliance and network micro segmentation through AppGate Client Palo Alto Firewall provides Border Protection, perimeter firewall, IDS, WAF Keycloak provides DoD approved PKI / MFA and SSO Logging stack (EFK) for centralized logging and aggregation Zero Trust capabilities address (End-User Focused) A data-centric security model eliminates the idea of trusted or untrusted networks, devices, personas, or processes and shifts to multi-attribute-based confidence levels that enable authentication and authorization policies under the concept of least privileged access. Modernizing Federal Government Cybersecurity Aligned with Dod reference design The Federal Government must adopt security best practices, advance toward Zero Trust Architecture, accelerate movement to secure cloud services, centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks, and invest in both technology and personnel to match these modernization goals. To facilitate this approach, the migration to cloud technology shall adopt Zero Trust Architecture, as practicable. Executive Order 14208 OMB M-22-09 Memo CNAP Offerings P1 CNAP Specifically for Platform One customers providing a secure authenticaion and authorization platform to access DoD resources. Learn Now CNAP As a Service CNAP for customers with their own AWS GovCloud environment interested in a Zero Trust Architecture secure access capability. Learn Now Zero Trust gateway (ZTAP) Currently in development, based off of CNAP architecture. On premise deployed and managed instances of ZTA capability to expand edge coverage and unique use cases. 
Learn Now ONBOARDING INTO CNAP Platform One provides extensive options for product teams wanting to onboard into the CNAP. Customer Engagement Team Work with the Customer Service Team at Platform One to understand and identify the service offering to best support your future needs. Here, a technical fit and cost review align your needs with the right solution. Interconnection Security agreement Work with security and networking to understand and align towards a reduced attack surface. appgate coordination Aligning organizational firewall policies and device management compliance. ato / iatt support In true agile fashion, take lessons learned and continue development of your application leveraging a continuous delivery model. Have more questions about CNAP? Click FAQ to find answers to common questions. Click Contact Us for more specific inquiries. FAQ CONTACT US"},{"id":"/products/cybersecurity","path":" products cybersecurity","title":"CyberSecurity","description":"Platform One provides integrated cyber testing, monitoring, and event management for the infrastructure, platform, all enterprise services, and customer applications.","content":"Home CyberSecurity PROVIDING OPTIMUM CyberSecurity Platform One provides integrated cyber testing, monitoring, and event management for the infrastructure, platform, all enterprise services, and customer applications. ABILITY TO FIGHT AND WIN IS SOFTWARE DEPENDENT DEPENDENCIES The capabilities of weapons systems and other critical systems are defined by the speed of software development and deployment CHALLENGES The legacy approach to software development is a leading source of risk to DoD: it takes too long, is too expensive, and exposes warfighters to unacceptable risk INNOVATIONS Modernize DoD software development to become safer, more automated and test driven by fundamentally changing the skillsets, processes, and platforms. 
PROGRAMS CAN SAVE WITH PLATFORM ONE The Continuous Authorization approach saves program teams months of approval process time along with millions of dollars 18 MONTHS PMOs/PEOs save per Program $12.5 MILLION Saved per 5 years of Program Planned time 100 YEARS Planned Program Time saved over 30+ Programs in P1’s first year Learn More TRADITIONAL AUTHORIZATION APPROACH Authorize System System Development and Testing Authorize System Security Controls Authorize System Operate System INDUSTRY AVERAGE PERFORMANCE* (Traditional Development Approach) Deployment Frequency: 30-180 days Lead Time for Changes: 30-180 days Time to Restore Service: 7-30 days Change Failure Rate: 46-60% CONTINUOUS AUTHORIZATION APPROACH Authorize Platform, Process, Team Authorize the Platform Authorize the DevSecOps Process Authorize the Team Teams that run the Platform Teams that Create, Build, Secure and Operate the Software Product cATO PERFORMANCE TARGETS* (Industry Elite DevSecOps Performance) Deployment Frequency: Multiple/day Lead Time for Changes: Less than 1 day Time to Restore Service: Less than 1 hour Change Failure Rate: 0-15% *DORA Accelerate State of DevOps Report DEVSECOPS LIFECYCLE FOR CtF AND cATO PROCESSES Click on the links below for an in-depth look into CtF requirements and cATO details SECURITY CONTROL GATE Certificate to Field (CtF) from Platform One is required to move your product into production within the Continuous Authority to Operate (cATO) framework. CtF Requirements The cATO accredits the process , the people, and the culture that will continuously allow the delivery of applications through the rapid-delivery model and maintain the security required by the DoD. cATO Process Have more questions about platform one? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. 
FAQ CONTACT US"},{"id":"/products/cybersecurity/dsopTimeline","path":" products cybersecurity dsopTimeline","title":"DevSecOps","content":"RAPIDLY DELIVERING SOFTWARE INFLUENCES THE ABILITY TO FIGHT AND WIN Traditionally, the legacy process has taken years and millions of invested dollars for applications to get deployed. Although vetted through the proper risk assessment and security processes, by the time an application is completed, security measures have been updated and accreditation becomes outdated. With Platform One, you will see exponential savings of time and money using the DevSecOps / Agile method, while still focusing on cybersecurity. Traditional Legacy Process Timeline of how long a mission application would take going from acquisition to deployment THE CAPABILITIES OF WEAPONS SYSTEMS AND OTHER CRITICAL SYSTEMS ARE DEFINED BY THE QUICKNESS OF SOFTWARE DEVELOPMENT AND DEPLOYMENT THE BENEFITS OF THE DEVSECOPS / AGILE PROCESS Agile processes focus on interative development cycles in which feedback is continuously reintegrated, while DevSecOps methodologies emphasize security at the earliest stages of development A Continuous cycle of research, development, testing, and security Cyber Scanning - 1 Software Assurance - 2 Testing - 3 Accreditation - 4 DevSecOps & Agile Savings"},{"id":"/products/cybersecurity/ctf","path":" products cybersecurity ctf","title":"Certificate to Field","description":"The CtF is the application-level accreditation that allows your application to run in a specific environment within the DoD.","content":"Home CyberSecurity CTF Certificate to Field The CtF is the application-level accreditation that allows your application to run in a specific environment within the DoD. WHAT IS THE CERTIFICATE TO FIELD (C t F)? WHO NEEDS A C t F A CtF must be issued for all applications developed within Platform One to allow them to operate in a production environment at the specified Impact Level (IL) or classification within the DoD. 
DATA USAGE A CtF must also be issued for any application that uses production data regardless of environment (Test/Staging/Production), IL, or Classification. C t F EXPIRATION Once a CtF is issued, it is good for one year from the date of issuance, unless the product moves to the next major version or implements an architectural change that would require modification of the controls being assessed. THREE MAIN PARTS TO RECEIVING A MISSION APPLICATION C t F ACCREDITATION PASSING the PIPELINE Platform One will create and deploy a CI/CD pipeline to your repository comprised of a full suite of industry standard testing tools. This pipeline will make sure that your application code is secured and ready to be deployed to the DoD. You will be able to see a visual representation of your pipeline on GitLab - the CI/CD section allows you to view each stage and its status (green check marks for passing, red Xs for failures). You can also view the output of each stage. When the time comes for CtF approval, the security team will review the pipeline and each individual stage to make sure that you have properly passed each stage without errors or warnings. hardened docker images Platform One provides an entire suite of hardened images available to teams through Iron Bank. Hardened images are stripped-down versions of Docker images approved to be used within the DoD. Hardened Docker images ensure the application you deploy into the Platform One Kubernetes clusters follows all security checks. Failure to do so results in the image-checking stage failing in the pipeline. Explore Iron Bank SDElements SDElements is a security questionnaire based on multiple NIST standards that ensures your application follows best security practices. The questionnaire is comprised of questions about your application's tech stack, how it connects, how it sends data, etc. There is 1 questionnaire per application service (UI, API, any other service your application runs). 
SDElements will generate 50+ questions that your team will need to answer to address and explain how your application tackles industry standard practices. High-level C t F Steps The CtF process is comprised of three main phases and ends with a CtF meeting 1. ONBOARDING Start your CtF journey and have your first engagement with the cybersecurity team. The cybersecurity team will provision all the required tools for CtF and explain each element to you so you understand what is required. The goal is to ensure there are no major roadblocks or hiccups down the road. 2. WORK During this phase, you will work on your applications. You will leverage the tools provisioned in the cybersecurity onboarding process to ensure you meet the intent of the CtF while designing and developing your application's Minimal Viable Product (MVP). 3. Assessment Once you complete your MVP and all the items in your CtF checklist (more on this soon), the cybersecurity team will start their assessment of your application and its services. Expect some back-and-forth during this phase to address incomplete or vague items, or those that do not meet the intent of the control. 4. C t F MEETING After the assessment is complete, your team will participate in the CtF meeting. The meeting includes all stakeholders and consists of a review of your application, its architecture, and the controls. The Platform One Chief Information Security Officer will then make the CtF issuance determination for the application. Learn More Have more questions about platform one? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. 
FAQ CONTACT US"},{"id":"/products/cybersecurity/cato","path":" products cybersecurity cato","title":"cATO = CONTINUOUS AUTHORIZATION","description":"Continuous Authority to Operate (cATO) allows rapid delivery to the DoD","content":"Home CyberSecurity cATO cATO = CONTINUOUS AUTHORIZATION Continuous Authority to Operate (cATO) allows rapid delivery to the DoD WHAT IS CONTINUOUS AUTHORITY TO OPERATE (cATO)? TRUST Trust is established through assessments and authorizations of the process, the team, and the platform for managing the cyber risk of an application coming out of a software factory. RISK DETERMINATION Application change risks are mitigated by the use of DevSecOps control gate pass/fail rules and security automation findings and analysis. SECURE Idempotence and immutability provide for consistent, repeatable, and secure application support infrastructure and near real-time visualization of the security posture. COMPONENTS TO cATO FOCUS ON THE MISSION cATO places the focus on the mission software rather than the platform. Platform One was created so that DoD teams could focus primarily on their mission applications, rather than having to develop a platform and software factories. FEEDBACK & MONITORING cATO replaces the traditional linear authorization process and works in a continuous process. Security requirements are met due to continuous monitoring and always stay in compliance. DEVSECOPS DevSecOps (Development Security Operations) provides one of the main benefits of cATO. Automatically injected sidecar containers provide risk reduction alongside Kubernetes. Infrastructure as Code (IaC), continuous intregration, continuous deployment, and security throughout provides insight on risks. MVP'S STREAMLINE DEVELOPMENT cATO saves time in later development cycle, as risk and errors are continously reduced during deployment activities. cATO METHOD cATO PROCESS The Continuous Authorization approach provides authorization of platform(s), processes and teams. 
The platform (including development, test, pre-production, and production environments) is assessed and authorized using Risk Management Framework (RMF) processes. The platform incorporates continuous monitoring with behavior modification/zero trust enforcement and integrated Tier 2 CSSP support. The cATO process is adaptable to differences in component/change risk, urgent mission needs, and the AO's risk tolerance. cATO moves from compliance-driven risk management to data-driven risk management. Authorizing the team allows review of the program office personnel experience, clearances, skills, and certification requirements. Critical team members are interviewed to assess their knowledge of the program office's DevSecOps continuous authorization process and their understanding of the AO's risk tolerance. Integrated training workshops and tabletop excercises are held to ensure that individual teams work collaboratively within the continuous authorization process. Ongoing team performance is monitored against the outcome metrics established for the program. HAVE MORE QUESTIONS ABOUT PLATFORM ONE? Click Get Answers to find most of your questions answered on the FAQ page. Click Contact Us for more specific inquiries. Get Answers CONTACT US"},{"id":"/residency","path":" residency","title":"Residency","description":"Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. Here’s your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet.","content":"Home Residency 6-Month Residency Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. 
Here’s your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet. Purpose Platform One is seeking applicants for our competitive 6-month residency program! This program is intended to build a cadre of DevSecOps users and professionals to accelerate DevSecOps adoption and capabilities within the DoD, and directly support the DoD DevSecOps initiative. Legacy software acquisition and development practices in the DoD do not provide the agility to deploy new software “at the speed of operations”. In addition, security is often an afterthought, not built in from the beginning of the lifecycle of the application and underlying infrastructure. DevSecOps is the industry best practice for rapid, secure software development. DevSecOps is an organizational software engineering culture and practice that unifies software development (Dev), security (Sec) and operations (Ops). The main characteristics of DevSecOps are automation, monitoring, and security application in all phases of the software lifecycle: plan, develop, build, test, release, deliver, deploy, operate, and monitor. In DevSecOps, testing and security are conducted earlier in the development process through automated unit, functional, integration, and security testing - this is a key DevSecOps differentiator since security and functional capabilities are tested and built simultaneously. Residency Details Prospective candidates are military (CONUS - Active Duty) and DoD Civil Service with the following skill sets: Software Development Cyber Security Design Thinking Software Product Management ACQUISITIONS / CONTRACTING Selected program residents will be full time employees at Platform One and will work remotely on one of the various Value Streams at Platform One: Big Bang, Party Bus, Iron Bank, CNAP, Cyber, or Acquisitions. 
Program residents will learn and participate in the best application development practices, learn to use, manage, and build DevSecOps pipelines, and develop an appreciation of the importance of design thinking in product development. Program residents with a cybersecurity background, will develop a deeper understanding of how cybersecurity is executed in accordance with the DoD DevSecOps Reference Design, will learn more about how Platform One manages its continuous Authority to Operate (cATO), and learn how to accredit mission applications using the Risk Management Framework. Program residents with Acquisition Program Management or Contracting experience (Contract Specialist and Contracting Officers) will learn more about how contracting vehicles like Small Business Innovate Research (SBIR), and Basic Ordering Agreements (BOA) contract vehicles enable the acquisition and scaling of talent, software licenses, and cloud services to enable service delivery at Platform One. VALUE STREAMS Platform One will only be selecting a set quantity of residents to embed within our value streams as depicted below: Download DoD-wide approved containers or harden with Iron Bank Deploy your own software factory with Big Bang Get hands-on experience onboarding with Party Bus Provide access to development, testing, and production enclaves Stay secured with our Cybersecurity team processes Application Process Application Submission Window Interviews will be conducted Selected residents will be notified Prospective residents must send back Memorandum of Agreement signed by their Commanders to confirm their seat. Confirmed selectees will receive an acceptance letter from the Platform One Materiel Leader. Begin Residency. 
1 October 2022 - 31 December 2022 9 January 2023 - 20 January 2023 24 January 2023 27 January 2023 30 January 2023 1 October 2022 - 31 December 2022 9 January 2023 - 20 January 2023 24 January 2023 27 January 2023 30 January 2023 Application Submission Window Interviews will be conducted Selected residents will be notified Prospective residents must send back Memorandum of Agreement signed by their Commanders to confirm their seat. Confirmed selectees will receive an acceptance letter from the Platform One Materiel Leader. Begin Residency. How To Apply Write a single page Letter of Intent detailing your: Background, Experiences, Interests and goals, WHY this opportunity is important to you in further developing your DevSecOps knowledge, and What weapon or IT systems you hope to support in the future? Be sure to include your current branch of service and unit information on letter. Contracting Only: List your years of experience, warrant, and certification level. Fill out skills matrix spreadsheet (N/A to Acquisitions/Contracting) Skills Matrix Sheet Fill out your form, upload letters of intent, and skills matrix by clicking the “Apply Here” button below. Commander or equivalent approval is required to participate in this program. DISCLAIMER: The application process uses Google Forms which is blocked by some Government networks. Please apply from a different network or device if you are blocked from using Google Forms. Apply Here Apply to the Residency, NLT 31 December 2022. Applications received after this date will not be considered. Coordinating Instructions Selected applicants must be able to start the six-month residency on 6 February 2023. The program will last for 6 months and will be 100% Remote. There are no TDY costs associated with the residency program. Applicants must have at least 6 months left at their current duty station or service commitment to be eligible to apply. 
There is no payback tour incurred by participating in this opportunity."},{"id":"/careers","path":" careers","title":"CAREERS","description":"Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing.","content":"Home Careers CAREERS Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution day 1, instead of starting from nothing. Apply Now Join the Team Your browser does not support the video tag. Platform One (P1) is a modern cloud-era platform that provides valuable tooling, hosts CI/CD DevSecOps pipelines, and offers a secure Kubernetes platform for hosting microservices. Authorization to go live with your application can be achieved faster than ever by using Iron Bank hardened containers and P1 pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (cATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development. VIEW OPENINGS VALUE STATEMENTS Our values were determined through a working session that was open-invite to the entire P1 team. The people defined what was important to them instead of having someone tell them what to value! EMPOWER Empower individuals and teams with the trust to be accountable and grow Platform One into an organization that drives change personally and professionally. OBSESS Obsessively know our customers and solve their challenges by delivering actual, functional solutions instead of arguing about requirements and process. Continue to improve the solution well into the future. VALUE We. Value. Diversity. We are committed to Diversity and Inclusion. 
Employees in our inclusive environments feel appreciated for their unique characteristics and therefore comfortable sharing their ideas and other aspects of their true and authentic selves. NOURISH Nourish a culture of open, safe, candid communication, and decision making at all levels. We accomplish this by a heightened sense of self-awareness and encourage people to know their own faults and continuously work to improve them. When engaged in conversation, seek to understand the other's point of view prior to attempting to change his or her opinions. We care about the pulse of our organization and use it to help continuously improve our processes! - Platform One Leadership VISION A collaborative Defense Department enabled by continuous delivery. MISSION Accelerate Secure Software Delivery for the DoD. Platform One Awards 2020 DEFENSE ACQUISITION WORKFORCE AWARD WINNERS David Packard Excellence in Acquisition Award Software Innovation Team Award 2021 IMPROVEMENT AND INNOVATION AWARDS WINNERS Team of the Year Platform One Ready to join the platform one team? We are looking for innovativers to join our mission to transform the digital force through rapid software development. View Openings"},{"id":"/contact-us","path":" contact-us","title":"Contact Us","content":"Home Contact Us Contact Us First Name Last Name Sector Government Sponsoring Program* * required Email* * required Phone* * required How can we help? How did you hear about Platform One? Send Info If you have a tech issue, please visit the Platform One Support Hub. Looking for the Residency Program sign up? Residency Program"},{"id":"/products/party-bus/ama","path":" products party-bus ama","title":"AMA","content":"Calling all Party Bus customers and potential Party Bus passengers Mark your calendars for the following dates. Party Bus will be hosting an \"Ask an Engineer\" Session the last Wednesday of each month through November. Upcoming Sessions October 26th November 30th Click here to join the session!"}]
\ No newline at end of file
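Review bot: the regenerated search index carries misspellings from the page sources, including "interative" and "intregration" (DevSecOps and cATO entries), "continously", "excercises" and "innovativers" (careers entry). Since this file is generated, fix them in the Vue templates and regenerate the index rather than editing the JSON by hand. The file also still ends without a trailing newline.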
This diff is collapsed.
......@@ -53,6 +53,12 @@ export default {
vertical-align: middle;
cursor: not-allowed;
}
.hvr-grow:hover,
.hvr-grow:focus,
.hvr-grow:active {
transform: scale(1.1);
}
.card-style {
max-width: 400px;
}
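Review bot: the `.hvr-grow:hover, .hvr-grow:focus, .hvr-grow:active` rule added here to the component style is the same rule this change also adds to the global stylesheet (the `body { ... }` hunk further down). Keep one copy, preferably the global one next to the base `.hvr-grow` definition, so the two cannot drift apart.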
......
......@@ -4,53 +4,91 @@
<div class="container d-flex flex-wrap justify-content-center">
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/dod-seal.webp"
alt="US Department of Defense"
/>
<a
href="https://www.defense.gov"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/dod-seal.webp"
alt="US Department of Defense"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/af-seal.webp"
alt="US Air Force"
/>
<a href="https://www.af.mil" target="_blank" rel="noopener noreferrer">
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/af-seal.webp"
alt="US Air Force"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/marines-seal.webp"
alt="US Marine Corps"
/>
<a
href="https://www.marines.mil"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/marines-seal.webp"
alt="US Marine Corps"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/navy-seal.webp"
alt="US Navy"
/>
<a
href="https://www.navy.mil"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/navy-seal.webp"
alt="US Navy"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/army-seal.webp"
alt="US Army"
/>
<a
href="https://www.army.mil"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/army-seal.webp"
alt="US Army"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/cg-seal.webp"
alt="US Coast Guard"
/>
<a
href="https://www.uscg.mil"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/cg-seal.webp"
alt="US Coast Guard"
/>
</a>
</div>
<div class="img-wrapper">
<img
class="img-fluid"
src="@/assets/images/branches/sf-seal.webp"
alt="US Space Force"
/>
<a
href="https://www.spaceforce.mil"
target="_blank"
rel="noopener noreferrer"
>
<img
class="img-fluid hvr-grow"
src="@/assets/images/branches/sf-seal.webp"
alt="US Space Force"
/>
</a>
</div>
</div>
</div>
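Review bot: `hvr-grow` is placed on each `<img>`, but the focusable element is the new wrapping `<a>`, so the `.hvr-grow:focus` rule will not fire for keyboard users. Put the class on the anchor or add a selector such as `a:focus .hvr-grow`. The `target="_blank"` links correctly carry `rel="noopener noreferrer"`. The seven near-identical blocks could also be rendered with a `v-for` over an array of `{ href, src, alt }` to keep the attributes consistent.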
......
......@@ -82,7 +82,7 @@ export const routes = [
bodyClass: "pb-service-catalog",
breadcrumb: "Service Catalog",
header: {
subHeadingText: "Party Bus",
subHeadingText: "Party Bus",
},
},
},
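Review bot: the old and new `subHeadingText: "Party Bus"` lines read identically here, so this looks like a whitespace or invisible-character change. Please say in the commit message what was wrong with the old value so the fix is not reverted by a formatter later.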
......@@ -156,7 +156,7 @@ export const routes = [
breadcrumb: "Iron Bank",
header: {
description:
"Iron Bank is Platform One's authorized, hardened container repositorysupporting the building blocks necessary for modern software delivery.",
"Iron Bank is Platform One's authorized, hardened, and approved image repository that supports the end to end lifecycle needed for modern software development.",
},
},
},
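Review bot: in the new description, "end to end lifecycle" should be hyphenated as "end-to-end lifecycle", matching "end-to-end management" in the Iron Bank page template touched by this same change.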
......@@ -248,7 +248,7 @@ export const routes = [
header: {
subHeadingText: "6-Month",
description:
"Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. Heres your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet.",
"Are you ready to take the leap? Consider joining Platform One and the DevSecOps Initiative in the experience of a lifetime by joining us for a 6-month remote Residency. Here’s your chance to learn a skill, hone a talent, experience a different culture and put your fingerprints on the transformation of DoD in one of the most crucial moments yet.",
},
},
},
......
......@@ -21,6 +21,24 @@ body {
font-family: $body-font-family, sans-serif !important;
}
.hvr-grow {
display: inline-block;
vertical-align: middle;
transform: translateZ(0);
box-shadow: 0 0 1px rgba(0, 0, 0, 0);
backface-visibility: hidden;
-moz-osx-font-smoothing: grayscale;
transition-duration: 0.3s;
transition-property: transform;
cursor: pointer;
}
.hvr-grow:hover,
.hvr-grow:focus,
.hvr-grow:active {
transform: scale(1.1);
}
a {
text-decoration: none;
}
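Review bot: the scale transition in `.hvr-grow` is applied unconditionally; consider wrapping `transition-duration` and the `transform: scale(1.1)` rule in a `prefers-reduced-motion: no-preference` media query. `-moz-osx-font-smoothing: grayscale` has no effect on the seal images this class is used for and can be dropped, and a one-line comment stating where the `hvr-grow` rules were taken from would help the next reader.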
......
......@@ -25,16 +25,16 @@
<p>
Iron Bank is happy to announce the initial release of the
Acceptance Baseline Criteria (ABCs) and Overall Risk Assessment
(ORA) for Iron Bank containers. For additional information
regarding this announcement, including links to the existing ABC
and ORA documents, please see our README on Repo One.
(ORA) for Iron Bank images. For additional information regarding
this announcement, including links to the existing ABC and ORA
documents, please see our README on Repo One.
</p>
</div>
</div>
<v-btn
class="my-6 mx-3"
color="primary"
href="https://repo1.dso.mil/dsop/dccscr/-/tree/master/ABC/ORA%20Documentation"
href="https://docs-ironbank.dso.mil/blog/2022/abc-ora/"
target="_blank"
rel="noopener noreferrer"
>
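Review bot: the paragraph still ends with "please see our README on Repo One", but the button `href` below it now points to `https://docs-ironbank.dso.mil/blog/2022/abc-ora/` instead of the repo1 tree. Update the sentence to name the docs site so the text and the link target agree.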
......@@ -51,16 +51,17 @@
<ul>
<li>
Automates, secures, and accelerates the approval process of
commercial and open source containers to be used within the DoD
with DoD-wide reciprocity
commercial and open source images to be used within the DoD with
DoD-wide reciprocity
</li>
<li>
Brings accredited software to the DoD using processes and
procedures that are faster and more efficient than other methods
</li>
<li>Provides continuous monitoring of approved images</li>
<li>
Maintains continuously updated containers so that developers
have access to the latest tools
Maintains continuously updated images so that developers have
access to the latest tools
</li>
<li>
Provides a toolbox of commonly used and secured capabilities for
......@@ -71,12 +72,11 @@
<div class="col-md-6">
<ul>
<li>
Provides end-to-end management of container justifications for
known vulnerabilities and container approval process via
Vulnerability Assessment Tool (VAT)
Provides end-to-end management of image justifications for known
vulnerabilities and image approval process via Vulnerability
Assessment Tool (VAT)
</li>
<li>Assists vendors with the hardening process of containers</li>
<li>Provides continuous monitoring of all hardened images</li>
<li>Assists vendors with the hardening process of images</li>
<li>
The
<a
......@@ -86,8 +86,20 @@
>Iron Bank
<v-icon small left class="mr-0 mb-1">mdi-lock</v-icon></a
>
website displays all hardened applications, along with their
relevant details
website offers a view of all approved applications and provides
any necessary details in regards to the application
</li>
<li>
<a
href="https://registry1.dso.mil"
target="_blank"
rel="noopener noreferrer"
>Registry One
<v-icon small left class="mr-0 mb-1">mdi-lock</v-icon></a
>
is a fully compliant Open Container Initiative registry. All
images found under the Iron Bank project are guaranteed to be
approved
</li>
<li>
<a
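Review bot: "All images found under the Iron Bank project are guaranteed to be approved" in the new Registry One item is a security assurance readers may act on when deciding what to pull. Since the pipeline section of this page says passing images are signed, consider pointing to how a consumer verifies that instead of stating a guarantee. In the item above it, "in regards to the application" reads better as "about the application".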
......@@ -97,7 +109,7 @@
>Repo One</a
>
is the central repository for the source code to create hardened
and evaluated containers for the DoD
and evaluated images for the DoD
</li>
</ul>
</div>
......@@ -119,24 +131,13 @@
</v-card>
<v-card color="transparent" flat>
<p class="white--text">
Iron Bank works with the open source community and commercial
vendors to centralize hardened versions of their applications,
which are then easily accessible to the entire DoD. This enables
the defense community to deploy their secure applications from
Iron Bank at an unprecedented speed.
We work with the open source community and commercial vendors to
centralize a hardened and approved version of an application
that is easily accessible to the entire DoD. By leveraging our
Certificate to Field (CtF) process, the DoD community can
quickly and easily deploy applications at unprecedented speed.
</p>
</v-card>
<v-card color="transparent" class="mt-auto" flat>
<v-btn
color="primary"
class="my-6"
href="https://registry1.dso.mil"
target="_blank"
rel="noopener noreferrer"
>
<v-icon color="#202020" left>mdi-lock</v-icon>Registry One
</v-btn>
</v-card>
</v-card>
</div>
<div class="col-md-7 text-left pl-md-16 pa-12 pa-md-0 border-left-md">
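Review bot: the rewritten paragraph credits "our Certificate to Field (CtF) process" for fast deployment, but the site's own CtF page describes CtF as the application-level accreditation for applications developed within Platform One. Please confirm that Iron Bank image approval is really what is meant here, otherwise the sentence conflates two different authorizations.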
......@@ -154,7 +155,7 @@
alt="earth icon"
/>
<p>
Every 24 hours applications are built and scanned again for
Every 12 hours applications are built and scanned again for
findings
</p>
</div>
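Review bot: the rescan cadence changes from "Every 24 hours" to "Every 12 hours", which is a stated security property rather than a wording fix. Please confirm it against the pipeline's actual schedule and update any other place the site states the cadence.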
......@@ -186,34 +187,6 @@
<p>DISA STIGs, CIS benchmarks, and best practices applied</p>
</div>
</div>
<div :class="$vuetify.breakpoint.smAndDown ? 'text-center' : ''">
<v-btn
:class="
$vuetify.breakpoint.smAndDown
? 'my-3 my-md-6 mx-3'
: 'my-6 mr-6'
"
color="primary"
href="https://ironbank.dso.mil/ironbank/repomap"
target="_blank"
rel="noopener noreferrer"
>
<v-icon color="#202020" left>mdi-lock</v-icon> Explore Iron Bank
</v-btn>
<v-btn
:class="
$vuetify.breakpoint.smAndDown
? 'my-3 mx-3 black--text'
: 'my-6 black--text'
"
color="light"
href="https://repo1.dso.mil/dsop"
target="_blank"
rel="noopener noreferrer"
>
Repo One
</v-btn>
</div>
</div>
</div>
</v-container>
......@@ -224,10 +197,10 @@
<div class="row justify-center">
<div class="col-12 col-xl-8">
<p>
Interested in submitting a container to be hardened and
published on Iron Bank and Registry One? Check out the
Contributor Onboarding Guide and see how to successfully scan
and harden your container(s) through the
Interested in submitting a image to be hardened and published on
Iron Bank and Registry One? Check out the Contributor Onboarding
Guide and see how to successfully scan and harden your image(s)
through the
<Tooltip
text="DevSecOps"
tooltip="Development, Security, and Operations"
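Review bot: "submitting a image" should be "submitting an image". The container-to-image replacement left the article behind, and the same slip appears later in "results in a image being signed and accredited".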
......@@ -315,16 +288,16 @@
<v-container class="px-md-8 px-auto mt-10">
<v-container class="px-lg-16">
<h2 class="my-3 mx-lg-16 mx-auto">
How Do I Contribute Containers to Iron Bank to be Hardened?
How Do I Contribute Images to Iron Bank to be Hardened?
</h2>
<div class="row justify-center">
<div class="col-12 col-xl-8">
<p>
Before contributing application containers, you should first
make sure the application you are contributing is not already in
the Iron Bank. If the application/container image does not
exist, requests can be made with the Iron Bank Onboarding team
for accreditation. Please complete the
Before contributing application images, you should first make
sure the application you are contributing is not already in the
Iron Bank. If the application/container image does not exist,
requests can be made with the Iron Bank Onboarding team for
accreditation. Please complete the
<span class="onboarding-request"
>Iron Bank Onboarding Request</span
>.
......@@ -396,7 +369,7 @@
</h4>
<v-card-text class="black--text">
<p>
Need some help with your containers getting through Iron Bank?
Need some help with your images getting through Iron Bank?
Have questions on where things are at? Are you feeling stuck
and want to figure out next steps? This is the meeting for
you! Come meet with the Iron Bank leadership and engineers to
......@@ -427,44 +400,20 @@
<img class="img-fluid" :src="IBVSDiagram" alt="Iron Bank Diagram" />
</div>
</div>
<div class="mx-auto mb-10">
<DownloadButton
text="Iron Bank Diagram"
icon="mdi-image-outline"
:href="IBVSDiagram"
/>
</div>
</v-container>
<Wave>
<div>
<h2>DO YOU HAVE FEEDBACK FOR IRON BANK?</h2>
<p>
We are always looking to improve our processes to meet our vendor's
needs.
</p>
<v-btn
color="primary"
class="mt-4 mb-12"
href="https://forms.gle/qMiZCm8hozgNkJMP7"
>
Leave Feedback
</v-btn>
</div>
</Wave>
<v-container class="px-md-8 px-auto">
<v-container class="px-md-8 px-auto">
<v-container class="px-lg-16">
<h2 class="my-3 mx-lg-16">
Pulling Hardened Containers From Registry One
Pulling Hardened Images From Registry One
</h2>
<div class="row justify-center">
<div class="col-12 col-xl-8">
<p>
The below diagram outlines how to manually pull containers from
Registry One. Iron Bank offers service accounts to automate the
pulling process.
All images under the Iron Bank project are officially approved.
See the following diagram on how to manually pull images from
Registry One. Automated pull capabilities coming soon.
</p>
</div>
</div>
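Review bot: the new copy says "Automated pull capabilities coming soon", while the sentence it replaces said "Iron Bank offers service accounts to automate the pulling process". If service accounts still exist, this reads as a loss of capability and will send users to manual pulls; if they were withdrawn, say so in the MR description. The first sentence of the new paragraph repeats the approval claim already made in the Registry One list item.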
......@@ -492,18 +441,10 @@
<IBCollapsiblesDownloadSteps />
</div>
<div class="mx-auto mt-4 mb-10">
<DownloadButton
text="Pulling Containers"
icon="mdi-image-outline"
:href="IBVSRegistry1Process"
/>
</div>
<v-container class="px-md-8 px-auto mt-10">
<v-container class="px-lg-16 text-center">
<h2 class="my-3 mx-lg-16 mx-auto">
How Do I Use A Hardened Container at a Multi-Security Level?
How Do I Use A Hardened Image at a Multi-Security Level?
</h2>
<div class="row justify-center">
<div class="col-12 col-xl-8">
......@@ -526,9 +467,9 @@
<div class="row justify-center">
<div class="col-12 col-xl-8">
<p>
Every container must pass each phase of the Iron Bank pipeline
to be available on Iron Bank and Registry One. Passing these six
phases results in a container being signed and accredited.
Every image must pass each phase of the Iron Bank pipeline to be
available on Iron Bank and Registry One. Passing these six
phases results in a image being signed and accredited.
</p>
</div>
</div>
......@@ -536,7 +477,7 @@
class="my-6 mx-auto learn-more"
data-cy="download"
color="primary"
href="https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/tree/master/"
href="https://docs-ironbank.dso.mil/quickstart/pipeline/"
target="_blank"
rel="noopener noreferrer"
>
......@@ -559,29 +500,22 @@
<div class="mt-16" v-if="$vuetify.breakpoint.smAndDown">
<IBCollapsiblesPipeline />
</div>
<div class="mx-auto mt-4 mb-10">
<DownloadButton
text="Iron Bank Pipeline"
icon="mdi-image-outline"
:href="IBVSDiagram"
/>
</div>
</v-container>
<v-container class="px-auto mx-auto">
<h2 class="mx-auto">FEEDBACK FOR OUR ONBOARDING ON ANYTHING ELSE?</h2>
<h2>DO YOU HAVE FEEDBACK FOR IRON BANK?</h2>
<p>
We are always looking to improve our processes to meet our vendor's
needs.
</p>
<v-btn
color="primary"
class="mt-4 mb-12 mx-10"
href="https://forms.gle/8CgHR4evQtT2HLwC9"
>Onboarding Feedback
</v-btn>
<v-btn
color="primary"
class="mt-4 mb-12 mx-10"
href="https://forms.gle/htEQGd39dgjbfJ5d7"
>AMA Feedback
class="mt-4 mb-12"
href="https://forms.gle/qMiZCm8hozgNkJMP7"
target="_blank"
rel="noopener noreferrer"
>
Leave Feedback
</v-btn>
</v-container>
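Review bot: the single remaining feedback button points at a `forms.gle` short link, and the residency page on this same site warns that Google Forms is blocked by some Government networks. Add the same notice here or offer an alternative contact route. Linking the full form URL instead of the shortener would also let users see the destination before clicking.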
......@@ -599,11 +533,12 @@
<v-btn
class="mx-auto mt-6"
color="primary"
href="https://confluence.il2.dso.mil/cq/questions.action?spaceKey=P1"
href="https://docs-ironbank.dso.mil/faq/"
target="_blank"
rel="noopener noreferrer"
><v-icon color="#202020" left>mdi-lock</v-icon> FAQ</v-btn
>
FAQ
</v-btn>
</div>
</div>
</Wave>
......@@ -625,7 +560,6 @@ import IBLogo from "@/assets/images/logos/Iron_Bank_Logo_LIGHT.webp";
import IBVSDiagram from "@/assets/images/iron-bank/IBVS_diagram.webp";
import IBVSRegistry1Process from "@/assets/images/iron-bank/IBVS_registry1_process.webp";
import IBVSPipeline from "@/assets/images/iron-bank/IBVS_pipeline.webp";
import DownloadButton from "@/components/Base/DownloadButton.vue";
import IBCollapsiblesPipeline from "@/components/IBCollapsiblesPipeline.vue";
import IBCollapsiblesDownloadSteps from "@/components/IBCollapsiblesDownloadSteps.vue";
import Tooltip from "@/components/Base/Tooltip.vue";
......@@ -635,7 +569,6 @@ export default {
components: {
PageHeader,
Wave,
DownloadButton,
IBCollapsiblesPipeline,
IBCollapsiblesDownloadSteps,
LightBox,
......
......@@ -28,9 +28,9 @@
<li>
To learn more about these capabilities, please contact
<a
href="mailto:af.cso@us.af.mil?subject=Platform One Custom Development Services Question"
href="mailto:platformone@afwerxpartner.com?subject=Platform One Custom Development Services Question"
>
af.cso@us.af.mil
platformone@afwerxpartner.com
</a>
with Subject: "Platform One Custom Development Services
Question"
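Review bot: the contact mailbox moves from a `us.af.mil` address to `platformone@afwerxpartner.com`, a `.com` domain, in this and the four following hunks. Visitors will treat this as an official contact point, so please confirm in the MR description that the mailbox is the intended one. The address appears ten times across the file (five `href` values, five link texts); a single constant bound into the template would make the next change one line.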
......@@ -55,9 +55,9 @@
<li>
To learn more about these capabilities, please contact
<a
href="mailto:af.cso@us.af.mil?subject=Platform One CNAP Question"
href="mailto:platformone@afwerxpartner.com?subject=Platform One CNAP Question"
>
af.cso@us.af.mil
platformone@afwerxpartner.com
</a>
with Subject: "Platform One CNAP Question"
</li>
......@@ -89,9 +89,9 @@
<li>
To learn more about these capabilities, please contact
<a
href="mailto:af.cso@us.af.mil?subject=Platform One CI/CD Options Question"
href="mailto:platformone@afwerxpartner.com?subject=Platform One CI/CD Options Question"
>
af.cso@us.af.mil
platformone@afwerxpartner.com
</a>
with Subject: "Platform One CI/CD Options Question"
</li>
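Review bot: the `mailto:` `href` values carry the subject unencoded, here `?subject=Platform One CI/CD Options Question` with literal spaces and a slash. Percent-encode the subject (for example via `encodeURIComponent`) so every mail client receives the full subject line.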
......@@ -133,9 +133,9 @@
<li>
To learn more about these capabilities, please contact
<a
href="mailto:af.cso@us.af.mil?subject=Platform One Managed Tools Question"
href="mailto:platformone@afwerxpartner.com?subject=Platform One Managed Tools Question"
>
af.cso@us.af.mil
platformone@afwerxpartner.com
</a>
with Subject: "Platform One Managed Tools Question"
</li>
......@@ -240,9 +240,9 @@
<li>
To learn more about these capabilities, please contact
<a
href="mailto:af.cso@us.af.mil?subject=Platform One Training Question"
href="mailto:platformone@afwerxpartner.com?subject=Platform One Training Question"
>
af.cso@us.af.mil
platformone@afwerxpartner.com
</a>
with Subject: "Platform One Training Question"
</li>
......
......@@ -23,7 +23,7 @@ describe("Testing File Downloads", () => {
});
it("Iron Bank Downloads", () => {
verifyDownloads(6, "/products/iron-bank");
verifyDownloads(3, "/products/iron-bank");
});
it("Party Bus Downloads", () => {
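Review bot: `verifyDownloads(3, "/products/iron-bank")` hard-codes a count that has to be kept in step with the template by hand; the drop from 6 to 3 matches the three `DownloadButton` blocks removed from the Iron Bank page in this change. A short comment naming the three remaining downloads would make the next mismatch easier to diagnose.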
......
......@@ -11,7 +11,7 @@ function checkLockIcons() {
cy.log(href);
if (
href.match(
/(?<!(repo1|p1|login|onboarding|sso-info|jobs|docs-bigbang|padawan-docs).*).dso.mil/
/(?<!(repo1|p1|login|onboarding|sso-info|jobs|docs-bigbang|padawan-docs|docs-ironbank).*).dso.mil/
)
) {
cy.log("Expecting lock icon...");
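Review bot: the pattern in `href.match(...)` leaves the dots in `.dso.mil` unescaped and is tested against the whole href, so each dot matches any character and the excluded names match as substrings anywhere before it (any host that merely contains "p1" is skipped). Adding `docs-ironbank` extends a fragile list. Consider parsing with `new URL(href).hostname` and comparing against an explicit array of hostnames that do not need the lock icon.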
......