Navigating the Navy Department’s Black Pearl Software Factory Program: Moving Towards Classified Networks
In recent years, the Navy Department’s “Black Pearl” software factory program has been making significant progress in partnering with customers across the department. The program has successfully obtained accreditation up to “impact level five” data, allowing it to work with controlled unclassified information and national security systems. Now, Black Pearl is setting its sights on achieving accreditation for “impact level six” so it can handle secret-level classified workloads.
One of the key aspects of Black Pearl’s success has been its ability to work closely with authorizing officials within the Navy. These officials are responsible for granting or denying authority-to-operate packages, and their approval is crucial for implementing new technologies and agile software development practices. Initially, Black Pearl faced challenges in gaining ATOs, but through building relationships and collaboration with authorizing officials, the program has been able to streamline the process and work towards a common goal of enhancing Navy security.
Manuel Gauto, chief engineer for Black Pearl, emphasized the importance of prioritizing security over compliance and the need to stay ahead of evolving threats and technologies. The program has also developed guidance for Navy organizations to facilitate discussions with authorizing officials on cutting-edge technologies such as software containers, Kubernetes, and the cloud.
In addition to its current initiatives, Black Pearl is working on a new offering called “Shipyard,” which will serve as a software factory for delivering to the cloud. This tool will provide policies, procedures, and code scanning capabilities to ensure the security and compliance of software deployments. Black Pearl is also focused on translating cybersecurity data into formats that authorizing officials are familiar with, in order to facilitate productive conversations and decision-making.
Overall, the Black Pearl program’s dedication to innovation, collaboration, and security is driving its success in delivering DevSecOps practices and services to various Navy organizations. By working closely with authorizing officials and leveraging cutting-edge technologies, Black Pearl is paving the way for a more secure and efficient software development process within the Navy.