FORT BELVOIR, Va. – Applied Cyber Technologies (ACT)—a component of PEO EIS’s Defense Cyber Operations (DCO) program—recently celebrated the completion of its first two milestones in the development of its cloud-based continuous integration/continuous delivery(CI/CD) pipeline known as DRUID.
DRUID—short for the “Defense Cyber Operations Resource for Updates, Innovation and Development” —is designed to vastly improve how the Army’s Cyber Mission Forces (CMF) train, conduct missions and fight an elusive threat. When complete, DRUID will enable cyber warriors to build complex application images, automatically scan and remediate them, and push them to the integration environment with 100 percent automation.
Most of the Army’s inventory of IT systems is based on virtual machines (VMs) that require challenging, manual processes; DRUID solves this problem. Besides enabling the Army to continuously build, scan, harden, test and maintain a common baseline for all of DCO’s systems, DRUID provides the capacity to rapidly layer new technologies onto this baseline. This allows the Army to consistently and continuously maintain a fleet of systems and tools, all baked using the same pipeline. DRUID also allows DCO to onboard new vendors in days instead of months without sacrificing security protocols, ensuring continuity across tools deployed to the field. Finally, DRUID brings a brand new workflow to DCO without requiring the swapping out of the entire infrastructure to support containers.
DRUID’s container-based mindset and use of Agile, CI/CD, and development, security and operations (DevSecOps) methodologies, make it unique and advanced in the Army’s cyber enterprise.
“Up until now, the Army hasn’t had a publicly accessible developmental environment that can be used to find innovative solutions for our critical cyber problems,” said Lt. Col. Pete Amara, ACT’s new product lead. “DRUID solves this legacy problem in the Army’s IT infrastructure by applying modern continuous integration processes and workflows to legacy systems and deployment models.”
DRUID not only increases cyber Soldiers’ access to emerging technologies, it allows them to access specific and unique skill sets from industry, academia and government, across a potentially global network. This directly impacts mission effectiveness by enabling the Army’s cyber mission problems to be solved at the speed of operational relevance.
As of late June 2020, ACT has finished configuring, integrating and testing DRUID’s application image. The product office’s next steps include strengthening DRUID’s security scanning and image building functions, and completing its connection to the continuous integration portion of the pipeline. This next milestone will culminate with the installation and configuration of the complete DRUID CI/CD pipeline at Fort Belvoir’s Forge, DCO’s innovation center for defensive cyber prototypes.
ACT’s developmental milestones for DRUID are being achieved at the same quick pace that the contract was initially awarded. Earlier this year, ACT awarded the DRUID contract to ORock Technologies within 90 days by using a unique feature of its Other Transaction Authority (OTA) mechanism. Through its rapid-procurement model, ACT is able to source solutions from industry-leading vendors, vet their capabilities and award contracts in record time. Rapid procurement of cyber solutions is critical to the Army’s ability to fight ever-changing cyber threats and best prepares CMF for the battles ahead.