SOCOM creating common core capabilities in the cloud to transform

The Air Force has Platform One. The Army is creating cArmy. And now Special Operations Command is jumping on the DevSecOps bandwagon with its own version called Agile Dagger.

Like the Air Force and Army’s versions, Agile Dagger isn’t about any one technology or process. It’s about getting capabilities to the field faster through standardization and with security built in from the beginning.

“We have established a DevSecOps-as-a-service approach. I think that we are the only ones, at least that I know of, in the DoD to have approached it from as a service, meaning you can actually log in to the platform, write code, put code into the environment, have ATO’ed, and then have it moved up automatically to other classification levels,” said Lisa Costa, the chief information officer of the Special Operations Command in the Defense Department, on Ask the CIO sponsored by ViON and Quantum. “I think we have kind of broken the code on that, and we are happy to share with all of the services’ efforts on how we have done that. But I think what’s really important with DevSecOps is what used to take months and years can literally take minutes or hours. That’s really what we’re going to because any initiative that you have in digital transformation has to relate back to what is the objective and the key result that I’m going for.”

She said through Agile Dagger, SOCOM organizations can share code and ensure integration of applications across different mission areas. Costa said Agile Dagger borrows heavily from similar efforts in the Air Force and the Army.

One of the reason SOCOM is using the DevSecOps-as-a-service approach is because of investment in the cloud it made several years ago.

Costa said before she became CIO in 2018 SOCOM started down the cloud path by understanding what workloads were most approach for commercial and government-only cloud services, and what needed to stay on-premise.

Taking full advantage of cloud services

Today, SOCOM is using all three approaches for all kinds of applications and data.

“We’re adopting cloud at an incredibly fast rate. Cloud allows us to get away from fixed facility, infrastructure. It allows us to reduce our cost in military construction projects. And it allows us to deliver capability to the end user, wherever that end user might be, which could be a very austere environment, or a highly contested and congested environment, quickly and within the relevance of the mission,” Costa said. “We especially are sensitive to the issue of being able to deliver a workload anywhere in the world, in minutes to seconds, as opposed to the traditional months or years. When I talk about DevSecOps, it’s not just for individual micro services, it’s an entire ecosystem that looks at creating cloud native code, as well as putting that code into a GitHub environment so that we can share and have reciprocity across our entire network. It allows us to take advantage of, and this is a really key, talent that resides in locations that are non-traditional for software.”

She said decisions about which cloud makes the most sense for SOCOM are driven by operational needs and how often special operations forces will need to access the application and data in austere environments.

One of the success stories with the cloud over the past year has been SOCOM’s move to Office 365 that is supporting about 80,000 remote users.

At the same time, however, SOCOM still is figuring out the right balance between cloud and on-premise infrastructure.

“We did have a lot of questions revolving around how are we going to manage the cloud from an enterprise perspective? We have a lot of great innovative individuals out there in special operations, but you can eat up a lot of your cloud resources that you allocated for the year in two days. We were concerned that there could be this uncontrollable appetite, and then also, perhaps a lack of knowledge of how to use cloud assets,” Costa said. “We developed a cloud brokerage office that has developed contracts with all of the leading cloud providers and has established ground rules associated with how much, resources we would allow etc., before we get alerts.”

Cyber standards means better data protection

The cloud broker office works with a theater Special Operations Commands that are associated with a combatant commands to meet their needs for cloud services. The theater SOCOM and COCOM answer a series of questions to help identify what the best cloud instantiation is, what the best approach is, whether it should be on premise or in a public or private cloud, what security level is needed and the types of parameters that one will put on it for types of services.

“The key here, and I really want to emphasize this, is cybersecurity in the cloud, which is really not well known. The skill sets in cybersecurity in the cloud are in high demand and there is low density so we want to do it right,” she said. “We are not only upskilling our own folks, but we are making use of people who are experts in this. It pays to go to an expert in cloud cybersecurity, and then teach your folks as you go as opposed to going ahead, dipping your toe in the cloud and then potentially exposing capability or information. The cloud brokerage office really helps with understanding where our data is and how it’s protected.”

Costa said protecting but also making data accessible is a main reason SOCOM’s approach to the cloud has to achieve the right balance.

New initiative focused on information sharing

She said a new initiative called Data Discovery is helping to ensure that data is accessible at the point of creation.

“When data is created on the network, whether it’s created by a human, a sensor or any other device or capability, we want that information to be able to automatically be discoverable and searchable,” Costa said. “It is incredibly important that individuals who are sitting at the edge understand what knowledge exists here at the headquarters that we’re able to also bring in from DoD and leverage and vice versa. The information at the edge has to be understood and searchable so that we’re feeding, tipping and queuing results, and that we’re able to understand the environment better and shape the environment. So ensuring that our folks as soon as a document, for example, is opened and someone starts typing, that information can immediately be known on the network based on how it’s marked.”

The Data Discovery initiative uses a recommender engine software, similar to commercial tools, to help special operations forces have a better understanding of where data exists in real time.

All of these efforts from Agile Dagger to Data Discovery to the adoption of cloud are part of how SOCOM is creating core capabilities that will underpin broad modernization and transformation efforts.

“This model of having a core capability and core services that can be checked out and built into your capability is really important for us so that there is reusability. It’s also a way of ensuring that the best code is used, as opposed to having very different standards of code being used across software,” Costa said. “It goes back to how do we get to that approach where we’re using the best and brightest resources that we have. The second piece of this is you really have to be careful about DevSecOps because there is the whole buy versus build discussion. Fundamentally, we want to buy as much as we can, and only build when it is something that is incredibly SOCOM unique because you’ll end up spending all of your DevSecOps credits in terms of continuous improvement, continuous delivery always maintaining software as opposed to developing new capabilities.”

Join moderator Jason Miller and Dr. Costa as they discuss:

  • SOCOM’s cloud strategy
  • How SOCOM is utilizing DevSecOps
  • The security shift
  • SOCOM’s data strategy

Listen to the full program:

Complimentary Registration

Please register using the form on this page or call (202) 274-4830.

This program is sponsored by  




By providing your contact information to us, you agree: (i) to receive promotional and/or news alerts via email from Federal News Network and our third party partners, (ii) that we may share your information with our third party partners who provide products and services that may be of interest to you and (iii) that you are not located within the European Economic Area.


Featured speakers

  • Lisa Costa

    Chief Information Officer, U.S. Special Operations Command

  • Jason Miller

    Executive Editor, Federal News Network

Sign up for breaking news alerts