Inactive

DISA is seeking information from potential sources for this effort that will replace the current Command and Control (C2) Software Factory (C2SF) effort. C2SF is a cloud-based admin-tenant development... DISA is seeking information from potential sources for this effort that will replace the current Command and Control (C2) Software Factory (C2SF) effort. C2SF is a cloud-based admin-tenant development, security, and operations (DevSecOps) integration platform hosted in accredited impact level 5 (IL5) and impact level 6 (IL6) environments. Its core capability is a centrally hosted toolchain of software used for the execution and auditing/testing of DevSecOps pipelines, where Department of Defense (DoD) Information Technology Program Management Offices (PMO) integrate their contracted products. Each piece of software in the toolchain goes through an independent cost-benefit analysis consisting of the security posture of the tool, its use-case in the commercial market, and the cost-benefit ratio of centralizing the tool under a common platform versus leaving it in an independent PMO acquired product. C2SF utilizes a combination of market research, tenant requirements, common requirements from DoD 3rd party auditors (ex: Joint Interoperability Test Command, Risk Management Executive), and consistency with other DoD DevSecOps platforms. Each PMO customer of C2SF can access centrally hosted software under the C2SF authority to operate accreditation based on their paid agreement with C2SF services.