As federal agencies develop more online services and systems to meet the mission of the U.S. government, their appetite and need to develop and deploy secure software applications rapidly continues to grow. Many agencies are embracing DevSecOps and cloud services as a way to release these applications quickly; however, the need to meet compliance standards (i.e. RMF, STIG, FISMA, HIPAA, etc.) to obtain their Authority to Operate (ATO) can slow down the process, or lead to exhaustive POAMs. To discuss how agencies can take advantage of DevSecOps, while meeting their ATO and security requirements in the same timely fashion, Checkmarx and CloudBees, along with the Institute for Critical Infrastructure Technology and Cybersecurity (ICIT), recently convened a distinguished online panel to discuss how automation and modern tooling can help the ATO process and highlight real world examples of how this is being achieved.