The Big Picture: Defense DevSecOps runs on a knowable set of documents, platforms, and tools. This index collects them in one place — the same sources cited across the Secure Delivery series.


Why It Matters

Half the time lost on a defense software program is spent finding the authoritative document or the right tool, not reading it. Bookmark this page instead. Every link is the primary source or the working tool — no vendor summaries in between.

The Details

  • Policy & Strategy: The DoD-level documents that set the rules — CSRMC, DoDI 8510.01, the Zero Trust Strategy, cATO criteria.
  • NIST Publications: The control catalogs and frameworks the evidence maps to.
  • Platforms & Pipeline Tools: Platform One services and the open-source tools that produce the evidence.
  • Compliance & Training: CMMC bodies, assessment portals, and where to build the skills.

Bolding indicates resources I use or have used directly; non-bolded links are curated for reference. Verify the current version of any policy document before citing it — issuances change.

Filter the index

Resource Index

TOC