Securing software through its entire lifecycle

What agencies need are the proper controls to manage and secure their DevSecOps processes, especially as they use more open source software. Having this discipline will open the door a bit wider to innovation as well.