Defense Unicorns

At Defense Unicorns, we believe in hiring for a culture add instead of a culture fit! 🦄 When it comes to building our stellar workplace culture, we know that every unicorn brings something special to the table, making our company and products even more fantastical. That's why, if you've ever swung by for an interview, you might have noticed our unique "culture add" first-round chat. Instead of searching for folks who blend seamlessly with our current vibe, we're on a mission to discover candidates with fresh ideas, diverse backgrounds, and unique viewpoints that expand and enrich our collective mindset. 🚀 If you're interested in becoming a unicorn, check out the link below 👇 https://lnkd.in/gTu5WQuP #CultureAdd #DiversityandInclusion #TeamCulture #Hiring #WorkplaceDiversity #EmployeeEngagement

Dream: All the software your mission needs, exactly where and when your mission needs it.🤯 Reality: There's a Defense Unicorns workshop for that.🥳 Calling all Program Managers and Engineers! Join us at our upcoming workshop in Washington DC! Be a part of our upcoming event where we bring United States Department of Defense, Industry partners, and our own Unicorns to work together and find actionable solutions to the real-world technical problems blocking your mission from critical capabilities. Accelerate mission value delivery in this two-day workshop with dedicated tracks for: 💻 Engineering  🏛 Program Management Where? 📍 Washington D.C. When? 🗓 August 12th & 13th You can join Drew Belk 🦄, Victoria Wyler, Phil Cole, Andrew Greene, Devin Allen, James 🦄 G., and Kyle Palko but attendance is limited, so apply for an invite today: https://shorturl.at/Y8auV

It’s Tuesday, and people are still recovering from a logic error due to a routine sensor configuration that happened on Friday, so now is a great time to talk about some key takeaways: ✨ Operational environments and cybersecurity must work hand-in-hand. This ensures that security measures don’t inadvertently disrupt operations. Regular and open communication between IT operations and cybersecurity teams is crucial to ensure updates and configurations are compatible. ✨ Take the time to understand the system failure; this is not a place for cutting corners, or you risk more vulnerability in the future. Use this opportunity to update your policies and procedures, conduct a postmortem, and learn from the incident to improve next time. Cybersecurity tools often require elevated privileges to monitor and protect critical areas where threats might exist. However, if these tools don't communicate properly with the environment, the consequences can be severe, like on Friday when there were mass outages at Hospitals, Airports, Banking Institutions, etc… With effective communication and alignment between operational and cybersecurity teams, we can mitigate the risk of such disruptions in the future and enhance our overall security posture. What are the first steps you would recommend taking after a situation like this? #CyberSecurity #ITCommunication

Join me on an egg 🥚 hunt of OpenSSF’s website, where you will find an axolotl that has earned its sandbox badge! Our team recently contributed Zarf, the open source tool we developed to enable continuous software delivery in disconnected environments, to OpenSSF. Zarf is now officially recognized as a Sandbox initiative on their website! We are looking forward to watching the Zarf community grow and continue to enhance the United States Department of Defense missions that Zarf supports!

Why do your environment and cybersecurity capabilities need to work closely together? Ask the millions of people stuck at airports today  🤷♂️ A recent software update conflict this morning gave countless organizations a widespread taste of just how crucial it is for these two components to be tightly coupled. Many organizations, regardless of the cybersecurity provider, encounter similar issues when updates or new security measures conflict with existing operational protocols. The reason for this outage will become clearer over the coming days, but in the meantime what are your thoughts?

Unlock the power of people in the cATO process in under a minute ⏱ In our latest video, Drew Belk 🦄 dives into the DevSecOps Continuous Authorization Implementation Guide, highlighting a crucial yet often overlooked aspect of the cATO process: the people. While tooling is important, a real game-changer in a continuous ATO is integrating and educating your team. Empowering your people to understand and utilize these tools effectively is key to success. You can keep an eye out here for more videos on the ATO and cATO, or you can read the Guide here: https://shorturl.at/FLS1P #DevSecOps #ATO

Biggest benefit of working at Defense Unicorns? ✨ THE SWAG ✨ Come check out our open roles and maybe you, too, can wear a unicorn shirt to work everyday ✨ 🦄 Security Engineer / Internal Penetration Tester 🦄 Contracts Specialist 🦄 DevSecOps Engineer 🦄 Golang Engineer 🦄 Lead Product Designer 🦄 Platform Engineer 🦄 Air Force Business Development Lead Head to the link below for more info and to apply 🦄 https://lnkd.in/g8xRVj-x #contractspecialist #devsecops #golang #penetrationtesting #platformengineer #hiring #productdesigner

The first #DefenseUnicornsWorkshop is in the books 🎉 We delved into the critical challenges facing the United States Department of Defense and explored how Defense Unicorns can help you walk away with actionable solutions to improve your mission capabilities. Thank you to all the incredible attendees of our first-ever workshop on Overcoming Software Delivery Challenges in Defense Missions! Share your experience with #DefenseUnicornsWorkshop If you want to connect with peers and 🦄s like Drew Belk 🦄, Austen Bryan, Victoria Wyler, Andrew Greene, Kyle Palko, and Phil Cole, who have gone through the same software delivery struggles, then stay tuned for a workshop near you! Where in the world should we workshop next?

📢 A Critical Lesson on the importance of Defense-in-Depth for the Government Cybersecurity Community 📢 A recent Cybersecurity and Infrastructure Security Agency Red Team exercise showed how important it is to strategically manage and mitigate vulnerabilities. CISA’s Red Team exploited a CVE at an undisclosed federal agency and was able to access the agency’s Oracle Solaris system. It took the agency more than two weeks to patch this vulnerability, during which time the Red Team maintained access, simulating a long-term threat. Here are a few key takeaways that a cybersecurity team or contractor should always have in place: ✨ It should never take more than 48 hours to patch a vulnerability. ✨ Dedicate time to enacting a strong Defense-in-Depth strategy upfront to avoid this level of breach in the future. ✨ Have an incident response plan prepared in case a vulnerability in your system is exploited; you don’t want to develop the plan as it happens. You can read the advisory here: https://shorturl.at/YeY1A

🚨 Say what!? 🚨 The Office of Management and Budget just dropped some exciting news about the Federal Government's cybersecurity budget for FY 2026, and guess what? Open source software (OSS) is taking center stage! Here’s the scoop 🍨 The memo is calling for a major upgrade in how the Government handles OSS, including: ✨ Promoting the security and sustainability of open source software (OSS) ✨ Motivating government agencies to engage in the development and maintenance of OSS ✨ Overhauling the government's approach to reviewing, approving, and centralizing OSS ✨ Incorporating these practices into cybersecurity frameworks ✨ Creating open source program offices to coordinate OSS usage across agencies and the government Seeing these changes make our unicorn hearts happy 💖 #opensourcesoftware #usgovernment #cybersecurity