Software Factory

Pre-Configured Capability Development

Fully portable and pre-configured to accelerate delivery into any production environment

Focus on the Mission: secure DevSecOps environments

Focus on The Mission

Address the critical challenges faced in establishing secure DevSecOps environments.

Accelerated Build Times for mission capabilities

Accelerated Build-times

Rapidly build mission capabilities with a comprehensive suite of software development tools.

Secure Your Supply Chain with comprehensive SBOMs

Secure Your Supply Chain

Generate comprehensive SBOMs. Have confidence in the security of your software dev process.

Simplified and Streamlined Coding

Software Factory eliminates the complexity associated with configuration, integration, and delivery of an internal developer platform. Moreover, it streamlines the challenges of managing configuration, compliance, and mission application security. This enables your teams to dedicate their efforts to developing optimal mission applications and environments for the warfighter.

Quickly Create a Pipeline with Pre-Made Components*

Development Teams can select from a set of preconfigured and hardened CI/CD pipeline components allowing them to own their pipeline while also providing Security Teams vital information.

CI/CD pipeline showing customizable components and stages

*Example is for illustrative purposes only. It does not accurately represent the current number of available pipeline components. Pipelines can be configured to automate the steps of your software approval process as needed. New components are regularly being added.

Flexibly Add & Remove Pipeline Components in your pipeline without relying on other teams.

Add and Remove Pipeline components

Removes The Manual Process of compiling pipeline artifacts & results for AO Review.

Removes the manual compliance process

Develop & Package Your Software to be deployed into any infrastructure including Air Gap environments

Develop and Package your software

Security Teams can Easily Look Up and Monitor the Compliance of the development team's pipeline.

Easily Monitor Pipeline Compliance

Develop Mission Software Anywhere With

Unicorn Delivery Service logo

Software Factory reduces compliance overhead by meeting most NIST-800-53 controls by default when deployed on UDS, speeding up authorization so you can focus on mission-critical tasks. Deployable anywhere, it produces artifacts compatible across environments, offering flexibility to build on the low side and deploy to the high side seamlessly.

Bundled UDS packages include

Gitlab logo

GitLab

A DevOps software package that can develop, secure, and operate software.

Gitlab logo

GitLab Runner

A continuous integration runner for GitLab.

Mattermost logo

Mattermost

An open source, self-hosted online chat.

SonarQube logo

SonarQube

An open-source platform developed by SonarSource for continuous inspection of code quality.

Software Delivery Lifecycle

Achieve a Continuous ATO by securing your supply chain and running CI/CD pipelines

Software Factory provides the tooling to set your organization up for a continuous ATO (cATO). Plus, you gain full ownership of your environment and data, with the freedom to choose support providers, control costs, and ensure data sovereignty. Customize Software Factory's open architecture and pipeline templates to fit your unique mission or application needs, aligning perfectly with your workflows.

Software Delivery Lifecycle diagram showing CI/CD pipeline stages

Software Factory Use Cases

Flexible Deployment Across Boundaries and Environments

Deploy Within the Same Authorization Boundary

Utilize automation to establish continuous deployment practices in your environment.

Deploy Artifacts Across Authorization Boundaries

Develop in low-security or cloud environments, then deploy to high-security or on premises systems.

Packaged Artifacts Are Built to Run in K8s

So they can deploy to multiple target infrastructures.

Develop and Deploy in An Air Gapped Environment

Our tooling is packaged so it can be deployed to multiple environments easily. Developing in an air gap or moving some portions of your pipeline to higher classification levels to protect sensitive vulnerabilities is possible.