FY24_Webinar Series_Rise 8_Watch

3-Part Webinar Series

Security by Design for Government Agencies: Setting the Course

Part 1

Understanding the impact of traditional ATO

First, we examine the ATO functionality, the importance of automation, and the challenges involved in shifting left. In addition, we discuss collaboration enhancements, user-centered design, and how empathy plays a crucial role in managing change.

Part 2

Exploring  the continuous ATO playbook

As part of the cATO manifesto, we outline key principles of security, privacy, and compliance. To advance cybersecurity within resource constraints, Bryon advocates drawing smaller authorization boundaries for speed and agility, establishing authorization boundaries at the API level, and switching from initial authorization to ongoing authorization. Additionally, we discuss how developing trust with assessors can streamline the process.

Part 3

Integrating cATO into Government DevSecOps  

We shift our focus to practical advice on integrating cATO into DevSecOps. Provide actionable steps, including forming cross-functional teams, utilizing Just in Time Training, linking authorization packages to infrastructure as code, and setting up a secure release pipeline. Ultimately, we underline the “WHY” and remind everyone that real humans at the end of this process depend on us to secure the software.

Meet our experts

FY24_Webinar Series_Rise 8_Watch

Bryon Kroger

Founder and CEO


FY24_Webinar Series_Rise 8_Watch

Rohit Sethi

Chief Executive Officer

Security Compass

FY24_Webinar Series_Rise 8_Watch

Jay Ryan

U.S. Federal Government Program Manager

Security Compass

More resources

Research Report 

The State of Secure Development & ATO in U.S. Government Agencies

FY24_Webinar Series_Rise 8_Watch

The ATO process, evolving amidst cybersecurity changes, faces ongoing challenges. This report outlines both hurdles and opportunities for U.S. government agencies.

cATO Playbook

Continuous Delivery Risk Management Framework Playbook

FY24_Webinar Series_Rise 8_Watch

More than a tool for faster software delivery, utilize Rise8’s playbook to enhance security and privacy outcomes and foster continuous delivery.