Case Study > USCG: Nautilus Software Factory

USCG: Nautilus Software Factory

Customer Profile

The United States Coast Guard (USCG) plays a pivotal role in safeguarding America’s waters, ensuring maritime safety, security, and stewardship. As maritime challenges evolve, so must the USCG’s software solutions respond efficiently and effectively. Yet, continuous agency operations and new, emerging mission needs rely on many aging, legacy software applications that are costly and challenging to upgrade.

“We have a litany of applications that are just old, aged, decrepit, brittle—and they have to be modernized,” says Jeffery Allen Stuart, Director, USCG C5ISC.

The Business Problem

While performing its mission, the USCG grappled with an outdated software development model, hampered by prolonged USCG data center setups, virtual machine reliance, and a single-development-environment constraint. This, combined with extended onboarding timelines and an insufficient toolset, severely interfered with modernization initiatives.

The institutional hurdles were technical and organizational in nature; and USCG leadership understood that both required changes for the agency to be more responsive to evolving mission demands.

“One of the major thrusts I have is instituting an agile mindset…how we approach everything, whether it be our own individual work or the greater engineering planning cycles,” explained Mr. Stuart.

The urgent need was a departure from this legacy model to an agile, forward-looking model for rapid adoption of technological advances.

  • Infrastructure Delays: The initial setup for new projects was significantly delayed, requiring new infrastructure setups each time.
  • Limited Development Streams: The one-size-fits-all, manually provisioned development environment became a development chokepoint.
  • Security & Governance: Ensuring the external development met USCG’s, DHS’s, and DoD’s stringent security and governance standards was paramount.

The Solution

Enter Synergy’s Nautilus Software Factory. Beyond just addressing the bottlenecks of the legacy system, Nautilus, aligned with the DoD DevSecOps Reference Design, emerged as the gold standard for enterprise DevSecOps implementations.


Nautilus ushered in a cloud-first strategy, breaking free from the limitations of the USCG data center and virtual machines. This shift facilitated faster initial setups, agile development, and the rollout of multiple development environments in tandem. Our suite ensured swift resource onboarding and the deployment of a secure, modern toolset tailored to contemporary maritime demands.

Tools and Technology
  • IaaS Tools: (Terraform, Helm, YAML) for seamless Nautilus Software Factory rollouts.
  • AWS GovCloud: Meeting IA compliance with a secure infrastructure.
  • Kubernetes: Offering cloud-neutral, simultaneous development environments.
  • Modular DevSecOps Pipeline: Application-specific DevSecOps tooling pipeline (Code Check-in, Code Build, Unit Test, Code Quality & Security Scan, Build Container, Container Security Scan, Container Deployment, Test Automation, Performance Testing) to support multiple programming languages and technologies (.NET Core, JavaScript, Java, Python, etc.).


The USCG’s transformation has been profound. Embracing the “DoD Enterprise DevSecOps Reference Architecture,” combined with Agile methodologies and USCG SELC adherence, they’ve enhanced their software creation, security, and deployment capabilities. Operational efficiency received a significant boost, with the CI/CD pipeline accelerating ATO approvals.

Now, MVPs see the light of day in 100 days or less, and MVCRs within six months.

Key Takeaways

  • Collaborative stakeholder engagement is the bedrock of optimized development processes.
  • When security is integral to development, the outcome is a robust and compliant product.
  • Adaptive infrastructure and versatile development environments are the turbochargers of project delivery.


  • DoD Enterprise DevSecOps Reference Design: CNCF Kubernetes. Version 2.0, March 2021