May 6, 2025 | The Hotel UMD, College Park, Maryland

DoDIN APL Day Agenda 2025

May 7 | The Hotel UMD, College Park, Maryland

Presented May 7, the day after the CSfC Conference. DoDIN APL Day brings together key stakeholders from government and industry to focus on the requirements to test and certify products that affect communication and collaboration across the DoD Information Network. Topics include: the role of NIAP evaluations; helping DoD to leverage industry innovation; the DoDIN APL as an extension to the Common Criteria evaluation; navigating certification pitfalls; deploying IPB tactics in digital warfare; zero trust, using data as a basis for decision making; supply chain dynamics; securing remote access; and more. DoDIN APL Day provides important perspectives for anyone involved with efforts to ensure the offensive and defensive strength of the network, including product vendors, component suppliers, testing laboratories, DIB subcontractors, trusted integrators, standards organizations, and government agencies.

Part of a 3-Day Focus on DIB Product Certification

Events include Monday, May 5: Common Criteria Day, CMMC Day; Tuesday, May 6: CSfC Conference; Wednesday, May 7: DoDIN APL Day.

One-Day, Two-Day and Three-Day Discount Registration is available.

Sponsorship Options Available: Reach a professional audience focused on DoDIN APL.

Wednesday, May 7

Presented the day after the CSfC Conference

08:00-09:00 Registration

09:00-10:30 Conference Session

Overview and Outlook (Y20)

Moderator: TBA

09:00 | Navigating the Pitfalls on the Path to DoDIN APL Certification (Y20a) Jeremy Duncan, Managing Partner, Tachyon Dynamics
This talk covers common administrative, logistical, and technical pitfalls in achieving certification, offering valuable insights for both new and experienced vendors to streamline their path to approval.


09:30 | Planning for the Next-Gen of Government IT (Y20b) Chip Daniels, VP of Strategy and Operations, SolarWinds
Government IT systems must adapt to meet emerging demands while maintaining strict security and compliance standards. This talk explores strategies for planning and deploying next-generation IT solutions within the Department of Defense, with a focus on navigating DoDIN APL requirements.


10:00 | Post-Quantum Cryptography and DoDIN Certification (Y20c) Stiepan Kovac, Quantum Resistant Cryptography
This talk explores the impact of post-quantum cryptography (PQC) on the DoDIN APL certification process, with insights into emerging PQC standards, how they align with current DoDIN requirements, and strategies for integrating quantum-resistant algorithms into products seeking certification.

10:30-11:00 Networking Break

11:00-12:30 Conference Session

Requirements and Certification (Y21)

Moderator: Robert Teague, Director CMMC Services, Redspin

11:00 | APL Pitfalls—Why Vendors Enter the DoDIN APL Process and Fail and How to Avoid These Issues (Y21a) Kathleen Moyer, Director of Service Delivery, Corsec Security
This talk covers common pitfalls vendors face during the certification journey—from technical non-conformities to documentation errors—and provides practical guidance on how to avoid them. Learn from real-world examples and gain strategies to streamline your path to APL approval, saving time, resources, and frustration.


11:30 | Optimizing Compliance: Streamlining Security and Certification Readiness (Y21b) Shashi Karanam, Senior Manager, Cybersecurity GRC, Comcast
In today’s fast-changing regulatory landscape, continuous compliance is key. This session explores how proactive security assessments and early compliance planning can help vendors streamline certification processes and meet security and interoperability requirements efficiently.


12:00 | Preparing for the DoDIN APL Testing Process (Y21c) Herbert Markle, CC Technical Director and Lead DoDIN APL Consultant, Booz Allen Hamilton
When preparing a product for the DoDIN APL process, some things can be accomplished ahead of time to make the testing experience better. This talk will focus on upfront planning, lessons learned, and long-term planning.

12:30-13:30 Lunch

13:30-15:00 Conference Session

DoDIN APL In Practice/Case Studies (Y22)

Moderator: TBA

13:30 | Software Acquisition Guide for Government Enterprise Consumers (Y22a) Sridhar Balasubramanian, Principal Product Security Architect, NetApp, Inc.
This talk explores how the Software Acquisition Guide helps procurement teams assess suppliers’ cybersecurity practices across the software lifecycle—covering development, supply chains, deployment, and vulnerability management.


14:00 | Your Data Their Target (Y22b) Westley McDuffie, Client Technical Advocate, IBM
This talk highlights how leveraging Intelligence Preparation of the Battlespace (IPB) enables proactive defense—understanding threats, predicting adversary moves, and securing critical information to maintain cyber superiority.


14:30 | A Novel Approach to Reducing Costs (Y22c) Nik Pruthi, President, NIKSUN
A novel approach to reducing compliance and certification costs while simultaneously decreasing your attack surface, improving reliability, and enhancing interoperability.


15:00-15:30 Networking Break

15:30-17:00 Conference Session

Technology and Innovation (Y23)

Moderator: Shrav Mehta, CEO, Secureframe

15:30 | Secure, Operate, Defend: Developing for the APL; Planning for Adoption (Y23a) Joshua Fallon, Senior Network Defense Analyst, Monitoring & Response Directorate, CERT Division, Carnegie Mellon University Software Engineering Institute
This talk explores strategies for managing products throughout their lifecycle to maintain compliance, address evolving security requirements, and ensure continued alignment with DoDIN standards.


16:00 | Panel Discussion: Future-Proofing DoDIN APL—Innovations Shaping the Next Generation of Certified Technologies (Y23b) Leader: Herbert Markle, CC Technical Director and Lead DoDIN APL Consultant, Booz Allen Hamilton; Panelists: Bill Shelton, Program Director - Certifications, SDL, SBOM, Juniper Networks; Westley McDuffie, Client Technical Advocate, IBM
As technology evolves at an unprecedented pace, how can the DoDIN APL certification process adapt to ensure future readiness without stifling innovation? This panel brings together industry leaders, government stakeholders, and cybersecurity experts to discuss the emerging technologies—such as AI/ML, zero-trust architectures, quantum-resistant solutions, and advanced network security—that will shape the future of the DoD Information Network. The discussion will explore how these innovations can be integrated into existing certification frameworks, address challenges in certifying cutting-edge solutions, and consider what the future holds for the DoDIN APL process. Topics include:

  • How emerging technologies challenge traditional certification models.
  • Balancing security, innovation, and compliance in the DoDIN ecosystem.
  • The future role of AI, Zero Trust, and Post-Quantum Cryptography in DoDIN APL.
  • Strategies for accelerating certification timelines for innovative solutions.
  • Collaboration opportunities between government and industry to future-proof the DoDIN APL process.

17:00 Adjourn