How AI-Powered Compliance Solutions Are Transforming Regulatory Management for Government Agencies

Posted on by
Reply

Government agencies manage between 12,000 and 40,000 regulatory obligations, with approximately 200 to 250 new regulatory alerts issued globally every day across the financial services sector alone. This escalating complexity is driving agencies to rethink their approach to compliance management, moving away from manual, reactive processes toward intelligent, proactive solutions.

The Overwhelming Scale of Modern Regulatory Compliance

Traditional compliance methods cannot keep up with today’s regulatory demands. In the U.S., the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) account for over 5,000 of those obligations. In the future, 74% of organizations anticipate even more regulatory activity, highlighting the rise and complexity of compliance requirements.

The challenge extends beyond just volume to the speed at which regulations evolve and their divergence across jurisdictions. Traditional methods—spreadsheets, siloed systems and manual tracking—leave agencies vulnerable to gaps and inconsistencies that can result in significant penalties and reputational damage.

For Government agencies, the stakes are even higher. They must demonstrate complete adherence to regulatory standards while maintaining public trust through transparency and accountability. This creates additional pressure on compliance teams to meet regulatory requirements in a way that can withstand public scrutiny and audits.

The Hidden Costs of Manual Compliance Operations

Manual compliance processes are costly and inefficient. A 10-person compliance team loses approximately $500,000 annually to manual tasks like monitoring, tagging, mapping and documentation—excluding the costs of fines and remediation. That time could instead be spent on strategic analysis and risk prevention.

A high employee turnover rate of 23% further inflates costs, as onboarding new analysts takes months. By the time they are fully trained, they are often ready to move on from routine tasks, creating a cycle of constant training, development and replacement.

Manual processes also introduce risks such as compliance gaps, failed audits and regulatory penalties. Organizations using manual processes experience 3.2 times more violations than those with automation. These inefficiencies contribute to the expectation that compliance costs will rise 6-9% annually through 2030, making automation a financial necessity.

AI as a Force Multiplier for Compliance Teams

Archer, AI-Powered Compliance Solutions Are Transforming Regulatory Management, blog, embedded image, 2025

Artificial intelligence (AI) serves as a force multiplier that can put the expertise of a 15- or 20-year analyst into the hands of an amateur. By delivering institutional knowledge and step-by-step guidance through complex processes, AI significantly reduces onboarding time for new team members.

Its impact is both immediate and measurable. AI-powered horizon scanning reduces the time analysts spend reviewing regulatory updates from hours to minutes, filtering out up to 95% of irrelevant alerts so teams can focus on the 5% that truly matter. Natural language further enhances efficiency by breaking down complex regulatory text into digestible summaries, helping teams quickly understand and act on new requirements.

Most notably, AI automates obligation extraction from dense regulatory text—a process that manually takes 5.3 hours per obligation and has a 14.6% error rate. AI identifies obligation statements, provides rationale and tags content for routing to the appropriate business units. In doing so, AI not only streamlines workflows but also ensures greater quality and accuracy over time through expert-in-the-loop validation.

End-to-End Lifecycle Management for Regulatory Changes

Modern compliance requires a holistic approach, from identifying regulatory updates to operational implementation and audit readiness. The true value comes from operationalizing these insights into frameworks, policies, controls and measurable testing programs. Yet only 38% of organizations successfully map regulatory changes through to updated controls and audit trails.

Lifecycle management starts with comprehensive horizon scanning and extends through policy governance, control alignment and continuous monitoring. When updates—such as tighter insider trading language—triggers changes, AI flags policy conflicts, creates change requests and ties them directly to relevant citations. This creates a clear audit trail, ensuring that modifications are documented, defensible and properly embedded back into the compliance framework.

AI also strengthens control management by flagging gaps between obligations and controls, identifying conflicts with evolving regulations and static policies—such as a privacy policy’s opt-in age that conflicts with new jurisdictional requirements—and recommending changes before violations occur. This creates a responsive system where regulatory changes automatically drive updates across policies, controls and audits.

Proactive Risk Management Through Intelligent Automation

Shifting from reactive to proactive compliance enables smarter risk management. Intelligent automation identifies potential issues before they become violations and informs decisions about expanding products and services or entering new markets. Instead of months-long manual assessments, agencies can use AI to instantly identify control gaps and readiness. This can speed up service expansion or help agencies determine not to proceed.

Automated insights also enhance leadership decision-making. By combining real-time monitoring with impact analysis, agencies can prepare for regulatory changes instead of responding after implementation deadlines. These capabilities yield real results: organizations leveraging AI-driven compliance systems report a 79% reduction in audit cycle times—from 42 days to nine—and 90% fewer evidence requests from business units.

The future of Government compliance lies in embracing intelligent automation that enhances human expertise rather than replacing it. By implementing AI-powered solutions that can manage the velocity and complexity of modern regulatory requirements, agencies can transform their compliance programs from reactive cost centers into proactive strategic assets.

To learn more about how AI-powered compliance solutions can transform your agency’s regulatory management approach, watch the full webinar “Archer Evolv Compliance” and view the solution brief for a deeper dive into the platform’s capabilities.

* All statistics referenced in this blog are sourced directly from the webinar on which this content is based.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Archer, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Meeting the AI Mandates with Confidence: Why Federal Teams Trust Snyk

Posted on by
Reply

Federal agencies are moving fast to unlock the potential of AI—from improving citizen services to driving mission outcomes. But with all that innovation comes a new wave of complexity and risk.  Security, trust, and transparency can’t be afterthoughts. They need to be part of the build process from day one.  That’s where Snyk for Government comes in—now FedRAMP authorized, we’ve taken it even further with the launch of the Snyk AI Trust Platform May 2025. 

AI isn’t magic. It’s built on code, containers, infrastructure templates, and APIs—and increasingly, it’s generating code on its own, generating 40% more vulnerabilities than human developers. Agencies need to track, fix, and manage continuously.  With Snyk, you can shift left and Secure-by-Design:

  • Spot and fix risks early—automatically and at scale
  • Keep developers moving fast while staying compliant
  • Build AI systems that are secure from the ground up

Meet the Snyk AI Trust Platform

Launched in May 2025, the Snyk AI Trust Platform is the first of its kind: an AI-native, agentic security platform designed for how modern teams build today. It gives agencies the tools to move quickly without compromising trust.

This isn’t just DevSecOps—it’s security built for the era of AI-driven, autonomous software development.

How Snyk is supporting new federal AI mandates

Trusted, Transparent AI Development

As agencies embrace AI, expectations around objectivity and transparency are front and center. Snyk helps teams meet those expectations with tools that focus on real technical risks—not subjective filters.

  • Credible vulnerability intelligence: Sourced from standards-based orgs like CVE, CWE, and NIST
  • Customizable policy enforcement: Agencies stay in full control with Snyk Guard’s real-time, no-bias policy engine
  • Integrated into your pipeline: From GitHub to Terraform to container registries—Snyk fits your workflow, not the other way around

 Scaling Secure AI Infrastructure

New funding and fast-tracked initiatives mean federal developers need security tools that keep up.

  • FedRAMP authorized: Snyk is cleared for use across federal cloud environments
  • Automation where it counts: Agentic tools like Snyk Assist and Snyk Agent surface issues and fix them before they ship

 Building Export-Ready, Trusted AI Systems

As global collaboration increases, secure supply chains are more important than ever. Snyk helps you ship software that’s secure, auditable, and globally trusted.

  • Standards-aligned: Support for SBOMs, AIBOMS, international compliance, and NIST-aligned policies
  • Agentic AI security: Governance that scales to GenAI assistants and LLMs—wherever and however they run
  • Broad ecosystem support: Integrates with the open tools your dev teams already use

Whether you’re modernizing legacy systems, launching new GenAI services, or strengthening cross-agency pipelines, Snyk helps federal teams move fast, stay secure, and build trust into every line of code.

📩 Ready for a tailored AI readiness assessment?
 Let’s talk: federal@snyk.io

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Snyk, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Effective Government CX Strategy: Aligning Technology, Culture and Purpose for Mission Success 

Posted on by
Reply

Citizens expect fast, seamless, personalized service. Customer experience (CX) is at the heart of every agency, impacting satisfaction, engagement and trust in Public Sector institutions. At the opening keynote during the 2025 CX and Engagement Summit, thought leaders from the General Services Administration (GSA), the Veteran’s Experience Office (VEO), GovExec, Adobe and The White House discussed centering CX initiatives to meet mission objectives, decrease costs and improve operational efficiency. 

Carahsoft and its partners, such as  Calabrio, Figma, Granicus, Help Scout, Liferay and NetDocuments, are equipped to connect agencies with the latest technology for CX solutions. 

The Strategy Behind Effective CX 

CX-centered solutions improve operations and reinforce trust in Public services. Brian Chidester, the Head of Global Strategy and Innovation at Adobe, emphasized that customers expect the same standards from Government service that they do of leading private companies. Poor CX can result in dissatisfaction, reduced engagement and erosion of trust in Public institutions. 

But CX is not merely about satisfaction. A customer’s experience correlates to operational efficiency, cost savings and service effectiveness. When well-designed, centering CX enables agencies to reduce duplication, minimize support needs and improve system interoperability. 

Constance Sayers, the President of GovExec, discussed the importance of engaging with customers in the face of decreasing trust in Government systems. By centering CX, Public agencies can prove their reliability and effectiveness. 

There are a few main ways to center CX strategies. Public institutions can: 

  1. Empower Public agencies and services 
  1. Leverage modern tools to deliver efficient, user-centric experiences 
  1. Employ both skilled personnel and relevant technology to provide faster, inclusive and reliable service 

CX must be grounded in outcomes. By starting with a measurable goal, agencies can determine how well strategies and technology meet user needs. Technology such as advanced analytics, artificial intelligence (AI) and cloud computing all enable real-time decision-making and proactive service delivery. Operational goals, such as reducing call volume or wait time, can be directly addressed through CX.  

Achieving Mission Objectives Through CX-Centered Planning 

Maria Roat, the Former US Deputy Federal Chief Information Officer for the Executive Office of the President, emphasized that CX must be a mindset across all teams and departments. To improve mission-related outcomes, proficient staff with specialized skills and experience are essential to seeing continuous improvement. Teams should begin with a clear, defined concept of their mission objectives and desired end-state. Policy constraints and operational hurdles should be taken into account when designing a strategic process to accomplish objectives. Roat advises team leaders  to conceptualize their goals into a single sentence to maintain focus on the mission. By questioning existing procedures, teams can overcome outdated policies and misaligned priorities that create roadblocks to progress. By overcoming barriers and prioritizing preparation and realistic planning, agencies can ensure continued, long-term success for CX initiatives and beyond.  

Sonny Hashimi, the Former Commissioner of Federal Acquisition Service in the GSA, echoes this point, attesting that effective CX begins with understanding the “why;” which issue is being addressed, and who the audience is. Processes cannot be effectively updated without measuring the progress. By defining clear goals and tracking their progress, teams can improve CX by fulfilling grounded outcomes that are measured by how well they meet user needs. By embedding CX into core operations to ensure services are designed around user needs and not internal processes, agencies can offer seamless service. 

People-First CX Initiatives 

At the closing keynote “The Future of Government Customer Experience,” Barbara C. Morton, the Deputy Chief Veterans Experience Officer at the VEO of the Department of Veterans Affairs, discussed how active listening and CX are intrinsically tied. Listening to veterans, survivors and their families empowered the VEO with actionable items to improve their CX. The VA CX Office was established on that very principle, using data and insights to embed CX into everyday programs, services and trainings. In action, this looks like offering services that customers can directly interact with, ensuring users do not “fall between the seams.” CX teams utilize feedback to identify service gaps and implement cross-functional action plans. Technology can be used to amplify human-centered service by improving speed and accuracy. AI, for example, has enabled the VA to scale its services to maximize efficiency. Human-centered design ensures that service design and delivery begin with the lived experiences of customers. Morton attests that in a democracy, to serve is to listen; CX is foundational to Government legitimacy. By tuning in to customer stories, the VEO and other agencies maintain focus on people, not just processes.    

By prioritizing customer experience, agencies can ensure their work reflects both their internal values and the communities they serve. 

To learn more about the topics discussed at the 2025 CX & Engagement Summit, view the session recordings, on-demand. To learn more about the technologies that can help meet your agency’s mission statement, take our Carahsoft’s CX Buyer’s Guide Quiz, or visit our CX and engagement solutions portfolio.  

How AI-Powered Contract Writing is Transforming Federal Acquisition Operations

Posted on by
Reply

Federal agencies are facing growing pressure to deliver acquisition solutions faster, more efficiently and with deeper commercial market engagement; however, traditional manual contract processes are proving insufficient for meeting mission-critical timelines. The union of artificial intelligence (AI) and enterprise resource planning systems now offers a transformative solution that automates contract creation, ensures compliance and maintains the real-time visibility essential for modern Federal operations.

AI-Driven Contract Automation and Efficiency

Integrating AI into contract writing shifts Federal contracting professionals’ focus from administrative burden to strategic work. Modern AI-powered platforms automatically select and populate appropriate Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) clauses based on acquisition parameters such as contract type, commodity classification and procurement method. This automation eliminates time-consuming manual clause selection and reduces the risk of human error in compliance requirements.

Beyond simple clause insertion, the technology supports form generation and contract assembly. When contracting officers define basic parameters—whether procuring supplies or services, acquisition type and contract structure—the AI system cascades these selections to generate comprehensive solicitation packages. What once required weeks of manual preparation becomes a streamlined process completed in hours. The system maintains full version control and audit trails to document every modification and decision point for future reference and compliance reviews.

This automation enables teams to prioritize higher-value strategic tasks such as developing innovative procurement strategies, refining requirements and engaging with industry to identify cutting-edge solutions that advance mission objectives.

Seamless ERP Integration and Data Flow

Modern contract management lies in seamless integration across the procurement ecosystem. Enterprise resource planning (ERP) integration eliminates data silos, creating a unified environment where contract information flows automatically between sourcing, execution and financial systems. Vendor master data, pricing information and contract line-item details populate without requiring duplicate data entry across platforms, establishing a single version of truth for contract data.

When sourcing events transition into contract execution, all relevant information transfers seamlessly, maintaining continuity throughout the lifecycle. Execution activities automatically update contract status and performance metrics, providing real-time visibility into utilization, budget consumption and milestones.

This integrated environment proves valuable for complex Federal acquisitions involving multiple stakeholders and extended timelines. Project command centers automatically populate with relevant documents, team members and milestone tracking based on acquisition type and requirements. Comprehensive audit trails and proactive management of contract modifications, amendments and closeout procedures support effective oversight and decision-making across large contract portfolios.

Federal Compliance and Risk Mitigation

Icertis, AI Powered Contract Writing, blog, embedded image, 2025

Compliance with Federal acquisition regulations has grown increasingly complex as oversight requirements intensify and regulatory frameworks evolve. AI-powered contract systems address these challenges through automated compliance checking that ensures appropriate clauses, terms and conditions are consistently applied across all contract types. Clause libraries remain current by syncing with acquisition.gov, incorporating regulatory updates and agency-specific supplements automatically.

The system recognizes compliance requirements based on contract characteristics and dollar thresholds. For example, small business set-asides trigger inclusion of socioeconomic clauses and certification requirements, while construction contracts incorporate relevant safety and environmental provisions. This automation reduces the risk of protests and disputes while ensuring consistent compliance across an agency’s entire contract portfolio.

Risk mitigation capabilities include proactive monitoring and automated alerts for critical milestones. The system identifies potential supply chain vulnerabilities, flag contracts approaching funding limits and recommends amendments or modifications before performance is impacted. This approach helps agencies address issues early to maintain operational continuity and comply with Federal oversight.

Mission Readiness and Supply Chain Resilience

Modern Federal operations demand the ability to respond rapidly to evolving mission requirements and supply chain disruptions. AI-powered contract intelligence equips acquisition professionals with dashboards offering both macro and micro perspectives on contract portfolios. This visibility enables rapid identification of alternative sources when primary suppliers face disruptions or surge contracting requirements emerge.

During crisis response, contracting officers can quickly assess contracts offering similar solutions or services, explore modification options and evaluate supply chain pivots. The system also highlights relevant clauses affected by changing requirements and what alternative sourcing strategies are available within existing vehicles. Instead of relying on institutional knowledge or manual searches, acquisition professionals can access real-time analytics on contract performance, vendor capabilities and available vehicles. This capability is essential when scaling operations or pivoting to address emerging threats while maintaining compliance.

End-to-End Contract Lifecycle Management

Comprehensive contract lifecycle management spans every phase, from requisition through closeout, maintaining continuity and institutional knowledge. Modern platforms support the full Federal contract framework, including all sections of the Uniform Contract Format (UCF) and management of complex parent-child relationships between base contracts and amendments. This ensures modifications maintain proper documentation and approval workflows while preserving historical context essential for audit and oversight.

Amendment processing is a particular strength: Standard Form (SF)-30 modifications can be generated automatically while retaining all original contract information and maintaining version control. Contracting officers can modify delivery schedules, quantities or performance requirements as needed—essential for managing long-term contracts that evolve over time.

AI capabilities also extend to contract analysis and summarization, enabling rapid comprehension of complex documents. Contracting officers can query contracts in natural language to locate specific clauses, assess risk or understand approval workflows. This proves valuable during reviews, protest responses or when new team members need to quickly understand contract structures and requirements.

Federal acquisition operations continue evolving as agencies balance increasing mission demands with the need for transparency, efficiency and compliance. AI-powered contract writing offers a transformative opportunity to modernize acquisition processes while maintaining the rigor and oversight Federal operations require. The convergence of AI, enterprise integration and comprehensive lifecycle management equips acquisition professionals with the tools to meet today’s challenges and prepare for future success.

Discover how AI-powered contract writing can transform your agency’s acquisition operations by watching the full webinar, “Advancing Mission Readiness with AI-Powered Contract Writing.”

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Icertis, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The End of Manual Inspections? How AI and Dashcam Imagery Are Redefining Roadway Management

Posted on by
Reply

Years ago, as I waited at a traffic light, I wondered why infrastructure maintenance still leaned so heavily on manual inspections and reporting. That question sparked an idea: What if roads could tell us when something was wrong?

Today, that vision has become a reality. Dashcam imagery—passively captured from vehicles already on the road—is now powering automated AI models that detect issues like fading lane paint, damaged signs, and debris. Looking ahead, the integration of expansive imagery sources, such as Google Street View, promises to further enhance this capability, offering broader and more detailed coverage. It’s a shift from scheduled inspections to constant awareness, from sending crews out to bringing insight in.

Automation with Real Impact

Traditional inspections are resource intensive. They usually involve deploying extra staff and specialized equipment, and scheduling work during off-hours to avoid disrupting traffic. AI-driven visual intelligence of dashcam footage can reduce the number of manual surveys required by more than 90%, saving considerable time and money.

Take Fort Worth. Dashcam imagery gave the city a fresh look at lane striping and sign visibility, but from the driver’s perspective, not an aerial map. It’s how people experience the road daily, and it’s the same view automated vehicles rely on to safely navigate.

Instead of waiting months for a full inspection cycle, cities can spot and act on issues within days. Enabling faster response and more strategic use of limited resources.

Smarter Operations. Less Fieldwork.

While field checks are still common for most agencies, the model is shifting. With dashcam footage collected by vehicles already in motion and analyzed automatically, teams can now monitor more of the network without constantly dispatching field crews.

In Alaska, for example, dashcam data is used to monitor remote routes that are difficult and sometimes dangerous for crews to inspect in person. This kind of visibility can be a game changer for regions with tough geography or tight budgets.

Instead of following a fixed schedule or responding to complaints, agencies can now rely on AI-driven alerts to flag when conditions change. It’s a shift from routine patrols to focused action, and it means fewer trips to the field, less fuel, and better outcomes with the same (or smaller) team.

Compliance without the Complexity

Staying compliant with FHWA, MUTCD, and other federal standards typically requires a lot of paperwork. However, with AI-based monitoring, those checks can happen automatically in the background. Retroreflectivity, sign placement, and line clarity are continuously reviewed and documented.

Each data point is visual, time-stamped, and ready for audits, grant applications, or internal reviews. Even better, it’s easy to share. Operations, maintenance, and planning teams can stay aligned without sifting through emails or outdated spreadsheets.

A New Model for Infrastructure

The future of road operations isn’t about more inspections. It’s about smarter ones. Or, in many cases, none at all. When roads can essentially report their condition using dashcam footage and AI, agencies don’t have to guess or wait. They already know what’s happening.

And this is only the beginning. As capabilities such as historical imagery access and visual change detection over time emerge with Google Street View and become integrated, transportation teams will gain even deeper insight into how their infrastructure evolves. These images will empower agencies to identify long-term patterns, track degradation over time, and intervene before minor issues escalate into costly repairs.

For public teams expected to cover more ground with fewer resources, this isn’t just about saving time. It’s about working in a more intelligent, sustainable way, built for the demands of today’s infrastructure and ready for tomorrow’s.

Ready to stop checking and start knowing?

F5 AI Assistant Expands with iRules Code Generation for BIG-IP Programmability

Posted on by
Reply

Over the last several months, F5 has rolled out purpose-built AI assistants for F5 Distributed Cloud Services and F5 NGINX One. In February at AppWorld 2025 in Las Vegas, we also offered a preview of F5-powered AI assistant functionality specifically designed for F5 BIG-IP customers, centered on iRules code generation. Today, we’re thrilled to share two exciting milestones: we’re bringing together our AI assistants across the F5 Application Delivery and Security Platform, and availability of iRules code generation.

Managing application delivery and security often feels like solving a puzzle with missing pieces. From writing configurations to searching for answers in scattered documentation, these tasks consume time and energy while leaving teams vulnerable to errors and delays. Repetitive processes like debugging and policy tuning sap creativity, and even the most skilled teams inevitably encounter gaps in expertise that slow progress. These challenges are common, but they don’t have to define your workflows. With purpose-built AI-powered intelligence, teams can simplify these complexities with insights and automation designed to supercharge application delivery and security deployments.

Unification across the platform

To deliver exceptional customer experiences across the F5 Application Delivery and Security Platform, we are bringing our AI assistants into a single F5 AI Assistant. With a consistent user experience, SecOps and NetOps teams can better understand their security posture and exploit the wealth of information at their disposal across the entire platform, reducing the operational complexities of their hybrid multicloud environments.

F5 AI Assistant leverages the F5 AI Data Fabric to deliver intelligence powered by proprietary, purpose-built AI models. Unlike general AI tools, the AI Assistant provides domain-specific expertise, offering precise guidance and actionable insights. From generating iRules to optimizing configurations and improving security postures, it drives enterprise-grade accuracy and contextual relevance while reducing complexity. As part of the F5 Application Delivery and Security Platform, the AI Assistant empowers faster decision-making and measurable outcomes for teams managing modern application and security challenges.

F5 AI Assistant provides a single natural language interface across all three product families of BIG-IP, NGINX One, and Distributed Cloud Services within the F5 Application Delivery and Security Platform.

iRules code generation is now available

F5 iRules are the backbone of customization within the BIG-IP ecosystem, empowering teams to tailor their application delivery and security environments to meet unique needs with unmatched precision and flexibility. Over 85% of BIG-IP customers rely on iRules, which power 70% of all BIG-IP instances globally. These dynamic scripts enable deep interaction with traffic, modifying behavior, optimizing routing, and solving challenges beyond standard configurations. However, iRules can be complex, time-intensive, and, in many cases, persist long after their authors have moved on from the company for which they were written. This level of control requires a tool that can match their importance, a tool designed to enhance their creation, use, and management for today’s scaling enterprises.

We’re excited to announce the availability of iRules code generation within the AI Assistant for our BIG-IP customers. This groundbreaking functionality leverages advanced automation with natural language processing, reshaping how teams build and manage iRules. With models trained using F5’s own expertise, including from our engineering and professional services teams, the AI Assistant simplifies the most complex aspects of iRules management by improving accuracy, reducing effort, and enabling faster security and application decisions. From streamlining workflows to eliminating manual processes, it empowers teams to achieve goals with efficiency, scalability, and innovation.

Explore F5 AI Assistant in action supporting the explanation, generation, and optimization of F5 iRules.

Functionality is categorized into three areas—explain, generate, and optimize:

  • Explain: Gain a deeper understanding of iRules with clear, natural language explanations that break down components, logic, and functionality. This capability bridges knowledge gaps, making iRules accessible to users of all expertise levels while providing actionable insights for better decision-making.
  • Generate: Instantly create secure, validated iRules by describing your needs in natural language. The AI Assistant translates your input into tailored scripts, saving valuable time, reducing errors, and accelerating deployments.
  • Optimize: Debug, troubleshoot, and fine-tune iRules with precision and efficiency. The AI Assistant streamlines complex processes, eliminates manual guesswork, and ensures enhanced performance, reliability, and scalability for your BIG-IP environments.
F5 AI Assistant explains, generates, and optimizes iRules, eliminating the manual guesswork.

The introduction of iRules code generation reinforces AI Assistant as your trusted partner for simplifying, innovating, and scaling BIG-IP environments. By eliminating guesswork, it ensures that teams can address vulnerabilities, maintain consistency, and manage traffic configurations swiftly and effectively.

Begin using F5 AI Assistant

To explore F5 AI Assistant for your organization, refer to our press release and the solution overview detailing iRules code generation and the strategic time-saving value the AI Assistant provides.

Also, be sure to catch all the latest F5 AI news on our Accelerate AI webpage.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including F5 we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

This post originally appeared on F5.com, and is re-published with permission.

Breaking Down Barriers: How SAS and Carahsoft Are Making Trustworthy AI More Accessible to Government Agencies

Posted on by
Reply

Government agencies face a unique challenge when it comes to adopting new technologies: they need cutting-edge capabilities, but they also need absolute certainty that those tools meet the highest security and compliance standards. For AI and analytics, this balance has historically been difficult to achieve—until now.

A Major Milestone for Government AI Access

Data and AI leader SAS has achieved FedRAMP® and GovRAMP (formerly StateRAMP®) authorization for SAS® AI and Analytics for Government. Alongside its partner Carahsoft, SAS empowers Government agencies to improve efficiency, reduce risk and enhance data security with SAS® Viya®, its cloud-native data and AI platform.

Enhanced Access to Dependable AI in the Cloud

FedRAMP is a Government-wide program that establishes a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services to ensure the protection of Federal information. GovRAMP, a nationally recognized risk authorization management program, provides a standardized approach to assessing cloud products. With these authorizations, even more Government agencies can use SAS Viya in the cloud operationalize predictive analytics and AI regardless of whether code is developed in SAS or open source. SAS has served as a trusted Government technology provider for nearly five decades and is used in all 15 executive departments of the US Federal Government and all 50 states.

Trust and Transparency at the Core

SAS Viya incorporates trustworthy AI capabilities such as bias detection, explainability, decision auditability and model monitoring, governance and accountability, boosting confidence in Government agencies’ responsible AI initiatives.

This accomplishment demonstrates SAS’ steadfast commitment to providing a secure and reliable solution that Government agencies can rely on to safeguard their data and operations.

“SAS understands that security is table stakes for being a government partner. Security and trust always come first, followed closely by value, innovation and the ability to solve the most pressing problems. That’s what SAS has helped governments with for nearly 50 years” said Ben Stuart, Vice President, US Public Sector at SAS. “These certifications are further evidence of this commitment, and we’re looking forward to bringing SAS Viya to even more Government customers to help them reach their goals and make an impact.”

SAS and Carahsoft’s Partnership Delivers Advanced Software to Government Agencies

The strategic agreement between the two technology leaders designates Carahsoft as a SAS Public Sector distributor, making SAS’ data and AI solutions accessible to US Government agencies through Carahsoft’s reseller partners and various contract vehicles and Government schedules. Through this partnership, Government customers can efficiently acquire SAS products and solutions, including cutting-edge, AI-optimized analytics tools for proactive response to evolving Public Sector challenges. 

With a legacy in Government dating back to the company’s founding in 1976, SAS software is used in more than 1,600 Public Sector departments, ministries and agencies in more than 130 countries worldwide. Recognized as a leading software distributor in the market, Carahsoft provides expanded scale and reach to SAS’s products and solutions, including SAS Viya, across the Public Sector.

Looking Ahead: Empowering Data-Driven Government

SAS, in partnership with Carahsoft, is dedicated to empowering Government agencies with data and AI solutions. SAS and Carahsoft help Government agencies to make informed decisions, optimize operations and enhance public services. SAS and Carahsoft are committed to driving positive change and delivering measurable results for the Public Sector.

Ready to explore how SAS can support your agency’s data and AI initiatives? Learn more about SAS public sector analytics, including FedRAMP and GovRAMP certifications.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SAS we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Transforming Public Sector Fleet Safety: How AI-Powered Solutions Drive Results and Build Employee Trust

Posted on by
Reply

Despite advancements in vehicle safety technology, fatal vehicle crashes continue to rise. Notably, 87% of commercial vehicle crashes are caused by avoidable risky driving or driver error. For Public Sector fleet managers—whether overseeing school buses, emergency response vehicles or other municipal fleets—these trends jeopardize public safety, strain budgets and put essential services at risk.

Recent research shows the Public Sector is leading the way in addressing these challenges. While 32% of organizations globally have adopted artificial intelligence (AI), 58% of Public Sector organizations in the U.S. have done so, and 95% plan to increase their AI investments in the coming year.

The Critical Need for AI-Powered Fleet Safety Solutions

The Public Sector’s strong AI adoption reflects its commitment to smarter, more reliable service delivery. Solutions like Samsara’s Connected Operations Platform are transforming fleet management by integrating data from vehicles, assets and operations to enhance safety, efficiency and sustainability. Rather than solely relying on reactive measures, AI-powered tools enable drivers to self-correct in real time and give fleet managers predictive insights to prevent incidents before they occur.

AI is increasingly being applied across several key areas that directly impact public safety. Early implementations focus on driver behavior detection, predictive maintenance and fleet health monitoring to reduce downtime and ensure vehicle readiness. In parallel, AI-powered tools support route optimization and dispatch efforts, helping agencies respond faster and operate more efficiently. This shift from basic automation to proactive operations management marks a significant evolution in fleet safety.

Addressing Road Safety Challenges and Rising Costs

Public Sector fleets are facing growing road safety challenges that carry significant financial consequences. With crashes costing an estimated $340 billion annually, and insurance premiums rising 40% over the past decade, the impact on taxpayer-funded operations is substantial. The U.S. Chamber of Commerce Institute for Legal Reform reports that litigation costs have grown over 7% annually from 2016 to 2022, adding financial pressure on State and Local Government budgets. Every crash related cost diverts funding away from essential services like education, infrastructure and public health.

Samsara, Fleet Safety, blog, embedded image, 2025

Traditional safety measures alone are no longer sufficient. Distractions from mobile devices have surged—those who text and drive are 23 times more likely to crash. Speeding contributed to 29% of crash fatalities in 2022, and even a one- to two-hour sleep deficit can double crash risk. These preventable behaviors create challenges for Public Sector drivers who often work long shifts to meet community needs.

Technology like Samsara’s Connected Operations Platform offer a proactive solution to today’s fleet challenges. By providing real-time fleet visibility, driver coaching and predictive analytics, agencies can identify risky behaviors before they lead to incidents. Fleets that implement safety solutions often see a return on investment (ROI) within the first year through reduced collision costs, lower insurance premiums, decreased vehicle downtime and improved operational efficiency. For example:

Safety Technology Proves Effective and Resonates with Drivers

Driver buy-in is key for successful safety technology implementation. Research shows that 70% of drivers feel dash cams make driving safer, and 93% report becoming more aware of distracted driving after reviewing footage. Most notably, 90% of drivers prefer to stay with organizations that actively support safe driving habits.

When paired with real-time coaching, dash cams can reduce safety-related events by 52%. Samsara’s Connected Operations Platform enables drivers to self-correct through in-cab feedback. For example, Gwinnett County Public Schools reduced incident investigation times by 50% and harsh braking events by 60% in just three months, saving 400 administrative hours weekly and improving safety for 180,000 students with Samsara.

Strategies for Gaining Union Buy-In for Safety Technology

In unionized environments, successful technology implementation requires collaboration and transparency. The first step is establishing shared safety goals with input from fleet managers, drivers, union representatives, risk managers and administrators. Research shows that 100% of Public Sector leaders using or planning to use AI report positive employee perceptions when communication is clear and involvement is meaningful.

Unions often express concerns that dash cams could be used punitively. To address this, organizations should involve union representatives in shaping policies around data access, privacy safeguards and usage protocols. This collaboration builds trust and ensures policies reflect both operational needs and union priorities.

Transparency is critical: organizations must clearly document data access, usage guidelines and privacy protections, providing view-only administrative access to key union representatives and sharing audit logs of system changes maintains accountability and reassures unions that the technology is used fairly and appropriately.

Real-world exoneration stories highlight technology’s protective value. For instance, the City of Boynton Beach, used dashcam footage to exonerate a driver initially cited for rear-ending another vehicle; the evidence revealed the other driver was at fault, resulting in dismissal of the citation, legal claims being dropped and preventing unwarranted disciplinary action. Such cases show that safety technology protects drivers from false accusations and costly legal proceedings.

Public Sector organizations are uniquely positioned to leverage AI-powered fleet safety solutions that transform operations, build employee trust and deliver measurable ROI. With proven safety technology and collaborative implementation, agencies can achieve meaningful improvements in safety, cost control and operational efficiency—all while prioritizing transparency, employee engagement and shared safety goals.

Learn more about workforce technology trends transforming the Public Sector by exploring Samsara’s comprehensive research report.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Samsara, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

How Public Sector Agencies Can Operationalize CISA’s SIEM and SOAR Guidance

Posted on by
Reply

In May 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Australian Cyber Security Centre (ACSC), released new executive guidance to help Public Sector leaders effectively leverage Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) platforms. This guidance aims to strengthen agencies’ cybersecurity by enhancing threat detection, response times and operational efficiencies.

Key Challenges in SIEM and SOAR Implementation

SIEM platforms aggregate and analyze telemetry data from multiple sources, including: endpoints, applications, network devices and cloud environments.

SOAR platforms complement SIEM by automating security workflows, significantly speeding up incident response and reducing alert fatigue. When effectively integrated, these tools enable agencies to centralize security monitoring, automate routine response tasks and improve compliance with cybersecurity mandates.

For all organizations, especially Public Sector organizations, SIEM and SOAR are not just technical tools; they are foundational to building a proactive and time-sensitive cybersecurity posture. These platforms can help agencies increase operational efficiency, reduce alert fatigue and drive compliance with Federal and State cybersecurity mandates.

CISA guidance highlights several common challenges that agencies often encounter when implementing SIEM and SOAR platforms. These include the difficulty of normalizing diverse log data across multiple systems, minimizing false positives that overwhelm analysts and managing the high costs associated with implementation. Agencies also struggle to ensure effective executive oversight of security operations and face ongoing challenges in attracting and retaining qualified cybersecurity talent.

Addressing Challenges with Torq Hyperautomation

Torq Hyperautomation™ directly addresses the implementation challenges faced by Public Sector cybersecurity teams by delivering strategic advantages that legacy SOAR platforms cannot. Unlike traditional solutions, Torq integrates seamlessly with existing SIEM tools to normalize and enrich log data, reduce alert noise and improve the clarity of actionable insights. It leverages AI-driven decision-making to automate dynamic incident response workflows, allowing security teams to respond faster and more precisely.

By combining AI-powered decision logic with adaptive response runbooks, Torq enables organizations to overcome the limitations of legacy SOAR, dramatically improving Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). This empowers analysts to focus on critical, high-impact threats rather than getting bogged down by repetitive, routine tasks.

Cost-Effective Automation for Resource-Constrained Agencies

Public Sector agencies struggle with resource constraints, and Torq also delivers cost-effective automation. Instead of requiring deep engineering expertise or lengthy integration cycles, Torq offers:

  • Intuitive, no-code and low-code automation capabilities
  • Seamless integrations with existing Federal, State and Local cybersecurity toolsets (endpoint, identity, cloud, firewall)
  • Rapid implementation timelines, ensuring immediate value and reduced costs

Enhanced Executive Visibility and Compliance

From an executive perspective, Torq addresses a crucial component of the CISA guidance: visibility and oversight. Executive dashboards within the platform provide real-time insights into SOC effectiveness, incident trends and automation impact. This visibility enables better budgeting decisions, more effective KPIs and compliance reporting aligned with key security and compliance frameworks.

Real-World Impact

Torq is already delivering substantial results within Public Sector environments.  Torq has enabled SOC teams to automate ransomware response, consolidate multi-environment telemetry and auto-generate compliance artifacts. Whether an agency is modernizing its cybersecurity stack, preparing for audits or trying to do more with fewer analysts, Torq is built to support their journey.

Agencies leveraging Torq have achieved the following:

  • Up to 90% reduction in investigation time
  • 3-5x increase in alert handling capacity with no added headcount
  • 95% of Tier-1 security cases auto-remediated

Taking the Next Step

CISA’s SIEM and SOAR guidance represents a critical shift from reactive cybersecurity practices toward proactive, integrated and automated security operations. As a trusted partner of Carahsoft, Torq is uniquely positioned to help Public Sector agencies rapidly operationalize this guidance. Torq’s scalable, secure and measurable automation platform ensures agencies not only comply with evolving standards but also stay ahead of modern threats.

To learn how Torq can empower your agency’s cybersecurity strategy, request a demo or explore a tailored pilot use case today.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Torq we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Federation Needs a Backbone

Posted on by
Reply

Identity Security has become the engine behind seamless access. It connects users from different domains, agencies or organizations and lets them move between systems with a single set of credentials. That’s powerful—but it’s also risky when left ungoverned.

Let’s get one thing straight: federation is about access. It answers the question, “Can this person log in?” But it stops short of answering what really matters: “Should they still have access?” “To what?” “For how long?” That’s where governance steps in—and why it must be the foundation under every federated architecture.

The Upside of Federation

Federation simplifies identity. It creates a trust bridge between Identity Providers (IdPs) and Service Providers (SPs). Users authenticate once—via their home IdP like Azure AD or Okta—and access multiple applications without managing new credentials for each.

Benefits include:

  • Single Sign-On (SSO) across domains
  • Centralized control of user authentication
  • Protocol interoperability via standards like SAML, OIDC and WS-Fed

And federation hubs—broker trust between many IdPs and SPs—make it scalable. Instead of dozens of custom integrations, each system plugs into the hub. Clean, efficient and fast. But fast access can become fast failure if you don’t govern it!

Access Governance: The Difference Between Access and Control

Federation gets someone in the door. Governance makes sure they belong there—and ensures they leave when they’re supposed to.

Identity Governance manages the full identity lifecycle: onboarding, role changes, access reviews and deprovisioning. It enforces least privilege, flags risky combinations of access (SoD conflicts) and supports audits and compliance frameworks like NIST, SOX or RMF.

Federation can tell you who authenticated. Governance can tell you:

  • Whether that person should have access
  • What access they have across systems
  • Whether that access aligns with policy
  • How that access changes over time

Together, federation and governance form a complete identity security model. Separately, one is fast—and one is safe.

What Happens Without Governance?

An ungoverned federation hub is a highway with no speed limits, no offramps and no cameras. You’re enabling access at scale without oversight.

Here are the risks:

  • Overprovisioned access – Federation alone doesn’t enforce least privilege.
  • Access creep – Users retain access after job changes or departures.
  • Orphaned accounts – No lifecycle hooks to clean up stale identities.
  • Lack of visibility – No way to see what users can do after logging in.
  • No audit trail – Makes compliance reporting a nightmare.
  • Increased insider threat – Privileged access can persist unchecked.
  • Policy misalignment – SAML or OIDC assertions may carry outdated or unverified attributes.

These risks aren’t theoretical. In Federal and defense sectors, unmanaged federation could mean exposing sensitive systems to users who are no longer cleared, or who’ve quietly shifted roles without access being reviewed.

Governance in Action: SailPoint’s Role

SailPoint is not a federation provider. It’s a governance platform that sits on top of your federation layer, giving you full control over identity lifecycles, policies and risk.

SailPoint integrates with both upstream IdPs and downstream apps accessed via the federation hub. It handles:

  • Identity aggregation and normalization
  • Automated provisioning/deprovisioning
  • Policy enforcement (least privilege, SoD, etc.)
  • Access reviews and certifications
  • Risk scoring and contextual enforcement
  • Audit trails and compliance reporting

This governance layer makes sure your federated access is secure, justified and auditable. It aligns your identity strategy with Zero Trust principles—not just who gets in, but why, how and for how long.

Why Governance Must Come First

It’s tempting to view governance as a bolt-on. Something to “get to later” once federation is up and running. That’s dangerous thinking.

Governance is not optional. It’s the foundation.

Without it, every benefit of federation can turn into a vulnerability. That seamless access? Now it’s frictionless exposure. That fast onboarding? Now it’s risky overreach. And every shortcut you take early on becomes technical debt—if not a breach—down the road.

Real-World Example: Federation in Federal Environments

Take the U.S. Department of Defense. Their Enterprise Federation Hub allows identity brokering across agencies, contractors and civilian orgs. It’s fast and powerful—but governance is what makes it secure.

SailPoint is used alongside this hub to:

  • Enforce ABAC using enriched attributes
  • Automate provisioning to systems like ServiceNow and SAP
  • Conduct quarterly access certifications
  • Supply audit logs for compliance frameworks like FIAR and RMF

Without this layer, the Federation Hub would be a sprawling access point with no brakes, no logs and no cleanup.

Bottom Line

Federation gives you the scale. Governance gives you the safety.

One gets people in. The other makes sure they belong.

If you’re building a federated identity ecosystem—whether in the enterprise or in a multi-agency Government context—start with governance. Don’t wait for audit findings or security incidents to add it later. By then, it’s already too late.

Federation needs a backbone. Governance is it.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SailPoint we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.