Sentar Inc.’s CodeValor software assurance tool has been approved for US Department of Defense (DoD) use and will be included in the DoD Platform One Iron Bank repository.
Iron Bank is the DoD repository of security-hardened containers approved for DoD DevSecOps use. As part of the submission process, CodeValor underwent a rigorous auditing and approval process to obtain a continuous Authority to Operate (ATO).
Approved containers in Iron Bank have DoD-wide reciprocity across classifications. This enables developers across DoD to easily acquire and integrate CodeValor into their DecSecOps Continuous Integration/Continuous Delivery (CI/CD) pipelines to secure their code base and reduce ATO timelines.
CodeValor is currently being used at the Missile Defense Agency (MDA) to ensure both legacy and new-code applications are securely developed and deployed. DoD partners and software development teams will now have access to CodeValor’s advanced capabilities, including a command line interface to enable integration, POA&M reports for compliance documentation, and the ability to scan legacy languages such as Ada and Fortran.
“We are excited for CodeValor to be available for use across the DoD,” said Gary Mayes, Director of Research & Development at Sentar. “The DoD’s initiative of enhancing secure software development practices aligns directly with our own. Through this success, we are further protecting the applications that our country’s critical missions are contingent upon.”