The Hidden Threat: Why Ignoring Non-Human and Third-Party Identities is a Risk You Cannot Afford

Posted on by Frank Briguglio

I had the opportunity to present and discuss the threat of Non-Human and Third-party Identities at AFCEA TechNet Cyber with the Department of Defense (DoD) community. It is obvious that the maturity of Identity, Credential and Access Management (ICAM) and all identities is top of mind. The Industry, the National Institute of Standards and Technology (NIST), Department of Homeland Security – Cybersecurity and Infrastructure Security Agency (DHS CISA) and the DoD are all starting to focus on the problem, as it is recognized that identity is no longer just an IT problem—it is the front line of defense. We have been deep in digital transformation and the adoption of Zero Trust frameworks and have discovered an inconvenient truth: most organizations are flying blind when it comes to managing the very identities that power their operations—non-human and third-party users.

And that is a problem.

The New Cyber Perimeter: Identity

The old perimeter—firewalls and virtual private networks (VPNs)—is dead. What stands between you and the next breach is your ability to govern who or what has access to your systems. Yet many agencies remain fixated on credentials and authentication, while ignoring vast swaths of non-human actors (bots, robotic process automations (RPAs), service accounts) and external partners (vendors, contractors, mission partners).

This is not just a gap. It is a canyon.

According to Deloitte, 63% of organizations lack visibility into third-party access. Even more troubling, most have no way to list or audit all machine identities operating in the background. These invisible accounts often have persistent, high-level access and no formal governance, making them prime targets for threat actors.

Real-World Breaches, Real-World Consequences

Look no further than the SolarWinds and Okta breaches. In both cases, attackers exploited unmanaged service accounts or contractor credentials to move laterally and escalate privileges. These were not arcane zero-days—they were lapses in identity governance. And they cost credibility, customer trust and in some cases, national security.

The lesson? You cannot protect what you cannot see. And you definitely cannot secure what you do not control.

Why Automation and Governance Are Non-Negotiable

In a Zero Trust architecture, access is no longer assumed—it is continuously verified. But that verification breaks down when service accounts are created ad hoc, with no expiration dates, no ownership and no audit trail. The same goes for third-party users who are onboarded through spreadsheets or informal emails, then forgotten once their project ends—yet their access lives on.

This is how breaches happen.

Governance gaps like these leave organizations exposed to avoidable risks: policy drift, compliance violations, excessive access rights and a lack of accountability. Without automation and lifecycle management, identities multiply faster than security teams can manage them—leading to sprawl, privilege creep and ultimately attack surface expansion.

The Case for Identity-Centric Security

Modern enterprises need identity security platforms that extend beyond the traditional workforce. That means treating machine and third-party identities with the same level of scrutiny, controls and lifecycle management as full-time employees.

SailPoint’s approach offers a compelling blueprint:

Non-Employee Risk Management (NERM): Centralized, auditable workflows for third-party access, including onboarding, offboarding and access reviews.
Machine Identity Security (MIS): AI-driven discovery, classification, ownership assignment and access certification for bots, RPAs and service accounts.

Together, these capabilities provide visibility and governance across all identities, regardless of origin. They also support Zero Trust mandates like least privilege, just-in-time access and continuous verification.

Business Benefits Beyond Security

This is not just about reducing risk. It is about enabling speed and scale without sacrificing control.

With strong identity governance:

Mission partners and contractors get the access they need faster—without creating long-term exposure.
Audit preparation becomes easier, with clear logs of who had access to what, when and why.
Compliance improves, especially in regulated industries, based on NIST and other frameworks.
Security teams can shift from reactive firefighting to proactive risk management.

And perhaps most importantly: organizations become more resilient in the face of evolving threats.

The Bottom Line

Cybersecurity is no longer just about protecting data—it is about protecting trust. And trust starts with visibility and control over every identity that touches your systems.

If your organization is still relying on outdated processes to manage non-human and third-party users, now is the time to act. Inaction is not neutral—it is a strategic liability. As attack surfaces expand and adversaries grow more sophisticated, unmanaged identities will remain the soft underbelly of your defenses.

Zero Trust is not just a framework—it is a mindset. And in that mindset, every identity matters.

It is time to see what has been hiding in plain sight.

Ready to reinforce your identity perimeter? Discover how SailPoint’s ICAM solutions empower organizations to manage digital identities with precision. Explore Now.

The Top 10 OSINT Events for Government in 2025

Posted on by Michael Shrader and Marty Gryski

Open Source Intelligence (OSINT) is no longer a niche capability—it is a core component of modern intelligence work. Carahsoft and our partners have spent years attending and supporting the top OSINT events. We have seen firsthand how AI, automation and smarter data strategies are reshaping the way Government teams gather, analyze and act on intelligence.

This list of the top OSINT events for 2025 and beyond highlights the best places to learn, connect and bring new ideas back to your mission.

OSMOSIS: DC

August 6-7 | Reston, VA | In-Person Event

OSMOSIS:DC is a two-day conference held by OSMOSIS, an Association for OSINT Professionals. The theme for this year is “Technology, Trends, and Transformations.” The expo-style event offers participants direct access to leading vendors, hands on experience with the latest tools and expert-led workshops. Attendees will have the opportunity to connect with industry leaders and build career advancement strategies to help stay ahead of emerging OSINT trends. OSMOSIS:DC is a great opportunity to gain transformative insights from the OSINT industry!

Take a look at some of last year’s top themes in preparation for the 2025 event:

Harnessing Location Intelligence: Advanced OSINT Techniques for Cyber Intelligence Investigations

Linguistic Fingerprints: Using Language to Profile Subjects in OSINT Investigation

Digging for Digital Dirt: Unearthing Bad Actors with Open-Source Intelligence

Carahsoft invites our partners to exhibit at OSMOSIS:DC, hosted at our Conference & Collaboration Center in Reston. Whether you are looking to sponsor, speak, exhibit or just attend, reach out to osintverticalmarketing@carahsoft.com to get involved in this intimate networking event!

Billington Annual Cybersecurity Summit

September 9-12 | Washington, D.C. | In-Person Event

The Billington Annual Cybersecurity Summit is the leading forum for cybersecurity professionals, Government leaders and industry executives to discuss emerging threats, best practices and the latest trends. With over 200 expert speakers, 100+ cyber-focused vendors and more than 40 sessions, attendees will have the chance to engage with top specialists, explore state-of-the-art technologies and participate in thought-provoking discussions. The Summit’s strong focus on collaboration between the Public and Private Sectors provides insights that address real-world security challenges. Learn about cybersecurity strategies, AI-driven threat detection and the latest advancements in national defense at this crucial event!

Carahsoft is looking forward to sponsoring and exhibiting at this year’s event. We’re excited to engage with attendees throughout the week. We will also be hosting a large partner pavilion and encourage attendees to stop by and learn more about our partners and their technology solutions! Check out the events tab on our website  for more details closer to the event!

Intelligence & National Security Summit

September 18-19 | National Harbor, MD | In-Person Event

The Intelligence and National Security Summit (INSS), held by AFCEA International and the Intelligence and National Security Alliance (INSA), gathers thought leaders, policymakers and industry experts dedicated to advancing solutions for shaping the future of intelligence and national security. The two-day event will feature five plenaries, and six breakout sessions focused on AI and emerging technologies, critical infrastructure security, space acquisition and more. Attendees will gain hands on experience with innovative technologies in the Intelligence Community (IC), insights from experts in the field, as well as networking opportunities with Government leaders, technical professionals and leading researchers. Expert-led panels and interactive discussions will cover critical national security challenges and provide actionable strategies for navigating the complex world of intelligence. Join this premier forum to explore the emerging threats, intelligence operations and technological advancements that are redefining the security landscape!

Carahsoft supports INSS by enabling our vendor partners to participate as sponsors and exhibitors, ensuring a strong industry presence at the event.

IACP

October 18-21 | Denver, CO | In-Person Event

The International Association of Chiefs of Police (IACP) is an annual event that brings together public safety professionals from around the world to explore new techniques, share expertise and prepare their departments for future success. The conference features an exposition hall showcasing products from more than 600 vendors, education workshops and networking opportunities with fellow law enforcement professionals. Spanning four days, attendees will have the chance to engage in policy discussions on the latest challenges in policing, leadership and public safety innovation. As one of the largest law enforcement events, IACP 2025 is an essential gathering for agencies looking to enhance their strategies and stay ahead in an evolving security landscape.

Attendees should expect sessions surrounding how to leverage OSINT for criminal investigations, OSINT for threat assessment and risk mitigation, as well as Dark Web and Deep Web investigations.

Carahsoft will have a booth at IACP where several of our vendor partners will demonstrate their solutions and share educational content. We will also be hosting a networking reception with several of our vendor partners, welcoming conference attendees for food, drinks, networking and more! 

OSINT Foundation Awards

November 7 | VA | In-Person Event

The OSINT Foundation Awards recognize individuals and organizations that have made significant contributions to the field of OSINT. Attendees will explore the latest OSINT methodologies, data analysis techniques and the critical role of open source information (OSIF) in national security and risk assessment. This prestigious event highlights major achievements, facilitates professional networking and demonstrates OSINT’s impact on intelligence operations. Join industry experts as they honor innovation, dedication and the future of OSINT!

Awards honored at last year’s ceremony included:

Innovation of the Year

Volunteer of the Year

Practitioner of the Year

Unit of the Year

Catalyst of the Year

Product of the Year

View a more in-depth explanation of the selection criteria here.

Carahsoft is a proud partner of the OSINT Foundation, supporting them annually by hosting the OSINT Foundation Tech Expo. We encourage our partners to get involved with this event by nominating individuals who they believe exemplify excellent service to the nation and contribute to the OSINT discipline.

Global Security Exchange

Sept 29 – Oct 1, 2025 | New Orleans, LA | In-person Event

Global Security Exchange (GSX) 2025 is the premier event for security professionals across the public and private sectors, offering a comprehensive forum to explore the evolving threats and innovations shaping today’s global risk landscape. With immersive education sessions, insightful keynotes and cross-industry networking, GSX brings together leaders and practitioners from around the world to exchange ideas, strategies and best practices. Attendees will gain firsthand insight into the tools and technologies driving the future of physical and cyber security.

Carahsoft is proud to exhibit at GSX 2025 at Booth #2907. Stop by to connect with our OSINT experts and discover the latest open source intelligence technologies designed to help you stay ahead of emerging threats. We look forward to engaging with the security community and sharing how our partners are equipping organizations to be the first line of defense in today’s complex environment.

OSINT Foundation Tech Expo

April 30 – May 1, 2026 | Reston, VA | In-Person Event

The OSINT Foundation Tech Expo is an annual event that brings together professionals and experts in the field, showcasing the latest advancements in OSINT technologies and related services. Attendees can expect a variety of presentations, workshops and networking opportunities designed to enhance knowledge and skills in gathering and analyzing publicly available information. The event aims to foster collaboration and innovation within the OSINT community, making it a must-attend for anyone involved in intelligence and cybersecurity!

Carahsoft is proud to host the OSINT Foundation Tech Expo at the Carahsoft Conference & Collaboration Center in Reston, a space dedicated to ensuring collaboration and support across the technology industry and Government. Carahsoft invites our partners to join the 50 OSINT vendors and agencies already lined up to showcase their own tabletop exhibits. Carahsoft has also collaborated with FedGovToday’s Francis Rose to interview our partners for their Innovation in Government and Video Insights!

GEOINT 2026

May 3-6, 2026 | Aurora, CO | In-Person Event

The Geospatial Intelligence (GEOINT) Symposium is the nation’s largest gathering of industry professionals and Government leaders and will be held at the America’s Center Convention Complex in St. Louis. This year’s theme, “Building a Secure Tomorrow Together,” highlights the collaborative efforts and cutting-edge innovations shaping the future of geospatial intelligence. The symposium will feature industry-leading keynote speakers, main stage panels and hands on training sessions on topics such as mission planning, precision timing and navigation. Attendees will be able to engage with geospatial intelligence experts to deepen their understanding, foster connections and stay at the forefront of innovative technologies. Attend GEOINT 2026 to explore the critical role geospatial intelligence will play in building a secure future!

Carahsoft intends to showcase a Partner Pavilion with our vendors again in 2026. We look forward to attending GEOINT 2026 and join our OSINT customers to learn more about the latest in geospatial open source intelligence.

SOF Week 2026

May 3-8, 2026| Tampa, FL | In-Person Event

SOF Week 2026 is the annual gathering for the international Special Operations Forces (SOF) community. Jointly sponsored by U.S. Special Operations Command (USSOCOM) and the Global SOF Foundation, the event serves as a platform for fostering collaboration, innovation and excellence in modern special operations. SOF Week will feature keynote addresses from senior leaders, professional development workshops, chances to network and sessions focused on non-profit initiatives. Do not miss this key event shaping the future of SOF operations!

Carahsoft and more than 45 partners will attend and showcase solutions in AI, DevSecOps, cybersecurity, cloud technologies and open source intelligence.

TechNet Cyber 2026

June 2-4, 2026 | Baltimore, MD | In-Person Event

TechNet Cyber 2026, hosted by the Armed Forces Communications and Electronics Association (AFCEA), is a flagship cybersecurity event bringing together U.S. Cyber Command, the Defense Information Systems Agency (DISA), Joint Force Headquarters-Department of Defense (DoD) Information Network and DoD Chief Information Office (CIO), as well as a mix of military, Government, industry and academic leaders. This conference serves as a platform for collaboration, uniting policy, strategic architecture, operations and command and control to address global security challenges in the digital domain. Attendees can expect a comprehensive program featuring expert panels on cybersecurity advancements, technology demonstrations and networking events aimed at enhancing national cybersecurity efforts. Join us in Baltimore to connect with top decision-makers and help drive solutions for this vital mission!

The event will feature a range of exhibitors, including Carahsoft’s leading cyber technology providers. Carahsoft looks forward to joining our open source intelligence customers at TechNet Cyber in 2026.

Join us at one of our 2025 OSINT events to connect with intelligence leaders and professionals dedicated to advancing OSINT. Do not miss this opportunity to explore innovative OSINT techniques and tools, data analysis, cybersecurity and more!

To learn more or get involved in any of the above events please contact us at OSINTVerticalMarketing@Carahsoft.com. For more information on Carahsoft and our industry leading OSINT technology partners’ events, visit our OSINT solutions portfolio.

The Top 6 Insights from GEOINT 2025

Posted on by Lacey Wean

Geospatial intelligence (GEOINT) stands at the forefront of national security innovation, where cutting-edge technologies are rapidly transforming how decision-makers understand and respond to global threats.

At GEOINT Symposium 2025, industry experts, Government officials and thought leaders joined to discuss the latest technology innovations. This year’s conference saw discussion centering around several topics, such as the integration of artificial intelligence (AI), workforce development and new innovations.

Carahsoft and over fifty of our technology partners attended to showcase solutions in AI, cybersecurity and more to support GEOINT mission objectives. Watch all GEOINT sessions to discover how emerging technologies, policy shifts and mission priorities intersect across the Public Sector.

Here are my top six takeaways.

Global Intelligence Coordination and Artificial Intelligence Integration

In the session “Global Intelligence, Local Impact: Source and Analysis at the Speed of Mission,” speakers Gary Dunow, the Executive Vice President at USGIF, Tracy Maloney, the Deputy Director of Source Operations at National Geospatial-Intelligence Agency and Shelby Pierson, the Director of Analysis at National Geospatial-Intelligence Agency discussed tools that maximize efficiency to help fulfill mission objectives. The National Geospatial-Intelligence Agency (NGA) aims to form efficient partnerships that enhance operational effectiveness across all Combatant Commands (COCOMs), and help with the development of streamlined tools that support current DOD intelligence needs. Change detection capabilities, large language models (LLMs) and other AI models are becoming increasingly valuable, with NGA focusing on building confidence in these technologies while curating essential content. The intelligence community is prioritizing geolocated open-source reporting through two active opportunities: metadata tagging to address imagery gaps regardless of source, and cross-domain solutions enabling seamless integration of varied intelligence sources from both domestic and foreign origins. Tulsi Gabbard, the Director of National Intelligence (DNI), emphasized the importance of proactive information sharing rather than waiting for agency requests, while simultaneously building workforce trust in AI through mechanisms for expressing concerns, understanding risks, acknowledging early adoption already underway and cultivating confidence in these emerging technologies.

Rapid Space-Related Intelligence Sharing

The U.S. Space Force and NGA signed a memorandum of agreement at GEOINT, which was discussed at the keynote hosted by General Chance Saltzman, the Chief of Space Operation at U.S. Space Force, Vice Admiral Frank Whitworth, Director at the NGA, and Dan Smoot, the Chief Executive Officer at Maxar Intelligence.

This memorandum comes from the demand for faster access to space-based intelligence for military missions. The agreement enhances intelligence sharing by streamlining coordination between the National Reconnaissance Office (NRO)’s collected commercial satellite imagery, the NGA ‘s data analytics that produce comprehensive intelligence products and the Space Force, who then delivers space-related intelligence to military commanders through its Tactical Surveillance, Reconnaissance and Tracking (TacSRT) program. Through this memorandum, the military gains rapid situational awareness and heightened synergy across Federal agencies. This collaboration streamlines intelligence sharing, enabling faster and more efficient coordination between

GEOINT Initiatives

In her keynote address, Tulsi Gabbard, the Director of National Intelligence of the United States, outlined the Federal approach to GEOINT initiatives, which emphasizes peace maintenance and military readiness. According to Gabbard, to maintain excellence, the Federal Sector must maintain pace with trending technology. Gabbard addressed procurement challenges facing small businesses and stressed the administration’s commitment to technology advancement, geospatial funding priorities and cross-agency partnerships. One such technology, AI, represents both a challenge and opportunity to transform geospatial professional roles without replacing human expertise. The Intelligence Community’s primary focus is conflict prevention rather than winning conflicts, with the GEOINT discipline building crucial trust.

NATO Priorities in Intelligence and Defense

The North Atlantic Treaty Organization (NATO) is actively investing in cutting-edge technologies across the space and sea. During Major General Paul Lynch, the Deputy Assistant Secretary General of Intelligence and NATO International Military Staff’s keynote address, he discussed Federal priorities to integrate AI to stay ahead of emerging threats. In response to these evolving threats, NATO has launched ambitious military exercises, including STEADFAST Defender 2024. One of NATO’s largest military exercises, STEADFAST Defender 2024 is actively pursuing digital transformation and intelligence sharing across while developing closer partnerships with industry experts. NATO’s recent initiatives with the private sector have launched underwater vehicles to aid in mission objectives of remaining at the forefront of defense.

Education and Workforce Development in Geospatial Intelligence

During her keynote address, Tulsi Gabbard emphasized that the geospatial field faces a critical shortage of young talent. Government programs that provide opportunities for new generations are important to inspiring growth. One such program is the United States Geospatial Intelligence Foundation (USGIF)’s “GEOINT Symposium Young Professionals Golden Ticket”, which provides mentoring sessions with GEOINT professionals and opportunities at USGIF events. Carahsoft’s Geospatial Internship Program is another opportunity for incoming professionals. Pathways for further educational curriculum development were discussed at the session “Keynote: Digital Twins and GEOINT – Transforming Intelligence with 3D Analytics.” This keynote offered encouraging developments that will allow the incoming workforce to get involved. The field is becoming increasingly accessible, with open-source data platforms, such as GitHub, significantly lowering entry barriers for newcomers. New opportunities in low-code and no-code environments have been created. While the speakers acknowledged a current pause in Government hiring, the democratization of geospatial technology allows students with creative mindsets to leverage open-source data to enter geospatial careers.

A Hub for Geospatial Capabilities

St. Louis is establishing itself as the epicenter of GEOINT and geospatial efforts. At his keynote session, Senator Eric Schmidt discussed the coordinated statewide university initiative to train the next generation of professionals and anchored with the T-Rex innovation center. This transformation is further enhanced by the new geospatial employment pilot program headquartered at the NGA West, recognizing GEOINT’s critical role in providing commanders with clearer operational pictures. As military leaders increasingly demand more ISR (Intelligence, Surveillance, and Reconnaissance) and GEOINT capabilities, strategic investments in people, partnerships and platforms continue to provide the United States with its competitive edge in the intelligence domain.

Through developments for the future workforce, marine technology and defense initiatives, the GEOINT community maintains the nation’s security. As industry, Government and academia come together, these efforts ensure the United States remains prepared to meet global challenges with agility, innovation and intelligence-driven precision.

To learn more about the innovative technologies featured at GEOINT, visit Carahsoft’s Geospatial portfolio.  For additional research into the key takeaways that industry and Government leaders presented at GEOINT, view Carahsoft’s full recap.

SOF Week 2025: Top 5 Insights on Interoperability, Artificial Intelligence and More

Posted on by Michael Shrader

Effective defense often relies on operations that are agile, adaptable and focused. Special Operations Forces (SOF) Week 2025 is an international conference for thought leaders, Government representatives and key military decision-makers involved in the Department of Defense (DoD). Jointly hosted by the United States Special Operations Command (SOCOM) and Global SOF, the conference platformed discussions surrounding the improvement of cybersecurity and technology within SOF.

This year, Carahsoft and over fifty of our technology partners attended to showcase solutions in artificial intelligence (AI), cybersecurity and much more, supporting SOCOM and DoD mission objectives.

The SOF Week conference featured five key themes for attendees to learn about.

Leveraging Artificial Intelligence to Achieve SOF Objectives

One of SOCOM’s innovation priorities is to onboard products that have AI integrations, uncrewed and autonomous systems, power computing and quantum capabilities. In the session “Keynote Address: U.S. Special Operations Command Team,” speakers General Bryan P. Fenton, Commander of USSOCOM and the Command Sergeant Major Shane Shorter, Senior Enlisted Leader of the USSOCOM, discussed optimizing the computing power of adapted technology to maintain pace with adversaries. By providing the needed tools, SOCOM can help reduce the cognitive load placed on personnel.

In the session “PEO Overview: Tactical Information Systems,” speaker Chad Skiendsiel, the PM for Transport Systems, PEO TiS, requested multiple AI capabilities that would be useful to SOCOM operations. These are:

Automation of data and containerization
Software infrastructure that enables more containerization of data and configuration.
Commercial solutions that can enable classified data computing as well as compute power out to the edge
Embedded computing that can be attached to the warfighter to achieve better situational awareness

In the session “Fireside Chat: AI Innovation and Integration in National Security,” speaker Akash Jain, CTO of Palantir discussed SOF’s efforts to implement AI into SOCOM operations. One key area that requires special attention is AI integration into legacy systems, many of which have existed for years and cannot easily have AI added to enhance the work SOF does. This is why vendors with solutions, such as Hewlett Packard Enterprise, can be utilized to integrate AI into existing infrastructure.

Bolstering Cybersecurity in SOCOM Operations

One of the key themes present in SOCOM’s evolving cybersecurity efforts is the adoption of a Zero Trust architecture, particularly within the Enterprise Information Systems directorate. It is referenced across multiple capability areas as essential to aligning with broader DoD cybersecurity mandates. To advance this strategy, SOCOM is actively engaging with industry and conducting assessments to define mission-driven requirements. Technology experts such as Dell Technologies, Red Hat and VMware are constantly working to be at the forefront of Zero Trust efforts.

Following this focus, the Professional Employer Organizations (PEO) is implementing cybersecurity initiatives in its contracting services. All solicitations will include cyber discipline and hygiene requirements, supply chain risk management and cybersecurity risk management requirements. Across the portfolio within SOCOM, post-quantum encryption is being looked at as the future strategy for cyber and will continue to develop as time goes on. The PEO SOF Digital Applications (SDA) also notes that CISA’s Software Bill of Materials (SBOMs) will continue to be added to its cybersecurity pipeline to ensure software is open and honest. These initiatives work to fortify existing and future cyber structures to protect the effectiveness of missions and the safety of personnel.

As supply chains, SOF and the Defense Industrial Base (DIB) continue to be under threat from adversarial cyber-attacks, PEO Services continue working to fully implement CMMC guidelines in their procedures. For unclassified solicitations, SOCOM will implement CMMC Level One, while any classified solicitations will be level two or higher.

Industry Partnerships to Meet Demand

In the session “Keynote Address: U.S. Special Operations Command Team,” Major General Bryan P. Fenton heavily emphasized that partnerships are key to meeting industry needs. While SOF is maintaining pace with current requirements, to stay ahead in the future, SOCOM must look to industry partners for their specialty and assistance.

One such category of offerings is autonomous, unmanned systems promote efficiency by saving time on menial, repetitive tasks. SOCOM is looking to implement dual-usage, capable autonomous products, such as self-driving cars, drones and robots. Modeled after the Private Sector’s success with unmanned systems, SOCOM agencies aim to evolve at the same speed. To enact this, all onboarded unmanned systems must be interchangeable, adaptable and successful within any region of the world to meet mission requirements.

The Importance of a Modular Open Systems Approach (MOSA)

For the military, multi-domain connectivity is the way forward. Military agencies are focusing on modular open-mission systems that can be interoperable, as they are the key to staying ahead of future conflicts. Depending on industry trends and the latest in cybersecurity, equipment may need to be changed on the fly. Some technologies will need to be found preemptively; in these scenarios, industry experts can provide assistance.

In the session “PEO Overview: SOF Digital Applications session,” Modular Open Systems Approach (MOSA) was noted by every program manager as a solution. This approach is desired as it allows systems and products to remain agile when new software is added.

MOSA consists of three main components:

Infrastructure and Deployment: Hybrid deployment of cloud, multi-vendor capabilities, Open-source technologies and COTS integration
Data Centricity & Interoperability: Messaging & EDA, Black Box interfaces, Ontology Support, preferences on containerization and VMs
AI Implementation & Sustainment: Low-cost and remotely maintainable solutions, lifecycle management and updates, AI support for LLMs and at the edge and adaptability on mission needs

By enabling agencies within SOCOM to implement software updates, MOSA promotes interoperability and the speedy onboarding of key technologies.

Humans Over Hardware

While technology is vital to SOCOM Operations, humans are the backbone of the agency. In the session “Keynote Address: US Secretary of Defense,” Secretary of Defense Pete Hegseth spoke on the three pillars for success within the DoD and how SOCOM can reiterate and emphasize them. Among these three, the warrior ethos is targeted with the slogan, “humans are more important than hardware.” Secretary of Defense Pete Hegseth, USSOCOM Commander General Fenton, and the Chairman of the JCOS Dan Caine all echoed this point that warfighters are the most important aspect within SOF. Any person that meets warfighter standards can serve, and all purchases and developments should center the safety and wellbeing of the warfighter in mind.

Through the collaboration between people and technology, SOF is able to work securely, quickly and smoothly. With top cybersecurity, automation integrations and industry partnerships, SOCOM continues to fulfill DoD mission objectives and keep personnel safe.

To learn more about technologies featured at SOF Week, visit Carahsoft’s defense portfolio.

TechNet Cyber 2025: Top 5 Insights on Zero Trust, Interoperability and More

Posted on by Mike McCalip

Technology is a vital part of the United States Department of Defense (DoD)’s capabilities, making security and enhancements essential to the nation’s stability and growth. AFCEA International’s flagship event, TechNet Cyber, emphasizes the role of cybersecurity and IT within the DoD. Alongside its partners, such as such as Amazon Web Services (AWS), Everfox and Ciena, Carahsoft attended TechNet Cyber to support DoD mission objectives. Carahsoft maintains a unique position in the defense industry with the ability to connect DoD and intelligence community (IC) personnel, Government IT decision-makers, thought leaders and industry and vendor partners. At this year’s conference, leaders and operators in the IT and Defense Department joined to network, facilitate problem solving and explore ways to expedite and secure the procurement process.

Expanding Zero Trust: “Flank Speed” is Ready to Scale

To safeguard against potential cybersecurity attacks, the DoD is working to secure its networks with Zero Trust, a security strategy focused on identity, credential and access management. In the session “DoD Zero Trust Success Stories,” David Voelker, Zero Trust Architecture Lead for the Department of the Navy, discussed recent initiatives to bolster Zero Trust within Flank Speed, the Navy’s single enterprise Microsoft 365 solution that provides productivity tools, collaboration tools and OneDrive storage. The Department of the Navy is planning to conduct autonomous penetration testing to determine the quality of Zero Trust capability implementation. Last year Flank Speed met 151 of 152 Zero Trust activities, meeting target far ahead of schedule. Flank Speed is the Navy’s single enterprise Microsoft 365 solution that provides productivity tools, collaboration tools and OneDrive storage.

Another speaker, Ian Leatherman, the Zero Trust Strategy Lead for Microsoft U.S. Federal, discussed key takeaways from Microsoft’s work with Flank Speed. Visibility into agency networks is critical to emboldening existing Zero Trust strategies. Mr. Leatherman stated, “When in doubt, collect the telemetry: you never know what new or novel adversary techniques you may find.” Knowing exactly how many endpoints, applications and users are on the network at any given time positions the DoD to swiftly deal with incoming threats.

Leatherman also discussed recent initiatives to involve all Navy personnel in a cybersecurity strategy; security is more than a technology solution, but a way to ensure safety within the agency. David Voelker, Zero Trust Architecture Lead at the Department of the Navy echoes this statement. While the Zero Trust Portfolio Office set their DoD-wide Zero Trust adoption target as the end of fiscal year 2027, Flank Speed is already operational. Voelker notes that the Flank Speed configuration could be lifted and shifted to other customers in the DoD, with a quick deployment time of under 24 hours. Mr. Voelker also recommends automating this shift.

Carahsoft and our vendor partners offer several cybersecurity solutions to help Government agencies implement Zero Trust architectures that protect critical information and reduce national security risk. Our offerings align with Public Sector Zero Trust maturity models developed by NIST, the DoD and CISA.

Carahsoft, TechNet, blog, embedded image, 2025

How Mission Objectives Drive Acquisition

Acquiring powerful, up-to-date technology enables the DoD to protect against persistent and increasingly sophisticated cyber-attacks. The DoD aims to streamline its procurement process to maintain pace and safeguard against attacks. In the session “DoD Software Modernization Senior Steering Group,” speaker Sean Brady, Senior Lead for Software Acquisition Enablers at the Office of the Undersecretary of Defense (Acquisition and Sustainment), explained that there are two key drivers to this transformation. The first is mission objectives; software should be tailored to allow the DoD to adapt its systems to rapidly changing threats. The second is access to commercial innovation, which allows the DoD to access products in weeks or months rather than years.

Digital Transformation for Operational Effectiveness

Digital transformation in the DoD is crucial for maintaining pace with an increasingly technology-driven security environment. Thomas W. Simms, Principal Deputy Executive Director for Systems Engineering and Architecture at the Office of the Under Secretary of Defense for Research and Engineering, discussed the major digital transformation efforts within the DoD.

The main four are:

Modular Open Systems Approach (MOSA), a congressional requirement that integrates technical and business strategies to promote acquisition and drives modular designs

The DoD’s Digital Engineering Instruction, which requires programs to use digital engineering in their design process

Application Program Interfaces (APIs), a ruleset that allows communication between software applications and is driven by the DoD’s API guidebook, which enables the DoD to become more data-centric

The DoD’s System Engineering Guidebook, which is currently undergoing an update to incorporate guidance from the Secretary of Defense’s latest memos

By modernizing legacy systems and enabling the DoD to acquire the newest and greatest in IT, these initiatives enhance operational effectiveness and improve decision-making speed.

Fast-Tracking Authority to Operate (ATO)

In the defense industry, technology must be approved to mitigate security risks. The Software Fast Track (SWFT), a process that expedites software verification within the U.S. Government, is changing the way the DoD manages risks and conducts Authority to Operate (ATO). Contractors can get involved with the latest software acquisition and risk management changes by participating in the three recently released requests for information (RFIs).

These RFIs, which close May 20^th, are:

RFI – Software Fast Track (SWFT) Tools

RFI – Software Fast Track (SWFT) External Assessment Methodologies

RFI – Software Fast Track (SWFT) Automation & Artificial Intelligence (AI)

Katie Arrington, the Acting DoD Chief Information Officer (CIO), also discussed the Software Fast Track (SWFT) set to launch on June 1^st of this year. The initiative will replace the traditional Authority to Operate (ATO) structure and add a few requirements, such as third-party Software Bill of Materials (SBOM), third-party risk assessments and the population of Enterprise Mission Assurance Support Service (eMASS) with artifacts. Once these guidelines are in place, contractors will gain a Provisional ATO.

Ms. Arrington attests that these changes will revolutionize the Risk Management Framework (RMF) by allowing industry experts to provide feedback to the DoD. Paper compliance isn’t enough anymore, Ms. Arrington says. The DoD is looking for “continuous monitoring, red-teaming and people to continually evaluate their capability.”

She also added that the DoD will be sunsetting the Approved Products List (APL). Additional sponsor additions are no longer being accepted. Instead, the SWFT initiative will take over, establishing a “trust, but verify” procedure, promoting both security and swift ATO action.

Using Interoperability to Pitch to DoD

As operations increasingly move online, interoperability becomes increasingly important to efficiency and accessibility. Venice Goodwin, the outgoing CIO for the Department of the Air Force, offered advice to industry professionals on navigating changes within DoD. Goodwin recommends that the industry practice “extreme teaming;” rather than service each department individually: vendors should focus on servicing the DoD as a whole. As the DoD prioritizes capabilities that have cross-departmental benefits, industry experts should demonstrate the effectiveness of their capabilities and solutions in every domain across land, sea, air and space. With this collaboration, both the Private and Public Sector can get the results they need.

The digital transformation journey within the Department of Defense represents not just an evolution of systems, but a commitment to defending interests at home and abroad. Acquisition, ATO and Zero Trust are all valuable assets to maintaining pace with the current, constantly evolving technological climate, ensuring the United States carries out its mission of protecting the nation.

To learn more about mission-critical technology, visit Carahsoft’s defense portfolio to explore solutions showcased at TechNet Cyber. For additional research into the key takeaways that industry and Government leaders presented at TechNet Cyber, view Carahsoft’s full synopsis of key sessions from the tradeshow. 

The Top CMMC Events for Government and the DIB in 2025

Posted on by Alex Whitworth

With the release of the Cybersecurity Maturity Model Certification (CMMC) 2.0 framework, 2025 marks a pivotal year for education, collaboration and implementation across the Defense Industrial Base (DIB). As compliance standards evolve, this year’s lineup of CMMC-centric events offers defense contractors, cybersecurity professionals and Government stakeholders unparalleled opportunities to deepen their understanding, explore new solutions and engage directly with policy leaders and technology providers. Below is a preview of the key events shaping the CMMC landscape in 2025—and how Carahsoft and our partners are helping to drive the conversation forward.

CEIC West

May 21-23 | Las Vegas, NV | In-Person Event

CEIC West 2025, the official conference of The Cyber AB, is the premier event for defense contractors and cybersecurity professionals focused on implementing the CMMC 2.0 framework. Hosted by Forum Makers, this conference offers practical strategies to help organizations achieve compliance and secure their place in the DIB. Attendees will benefit from expert-led sessions, hands-on workshops and networking opportunities with key figures from the DoD and The Cyber AB. Additional highlights include pre-conference training, the Women of CMMC Dinner and the Tech for Troops Golf Tournament. Learn how to close security gaps, manage costs and tackle the real-world challenges of CMMC compliance at CEIC West 2025.

Sessions to look out for:

Keynote: “Protecting CUI, Federal Contractors and the Future of CMMC” feat. Katie Arrington, CIO, DoD

“CMMC Beyond the DoD: Preparing for a Broader Compliance Landscape”

Carahsoft will present a Solutions Showcase spotlighting a group of partners that provide CMMC compliance tools tailored for the DIB. Numerous resources and solutions providers —including those in Carahsoft’s “Solutions Showcase” such as Cyturus, Lifeline Data Centers, Axonius Federal Systems, ISI Defense and Paramify— will be available for attendees seeking to learn more about CMMC and Carahsoft’s role in the program. Join us at the pre-conference golf tournament as Carahsoft is proud to be the Beverage Sponsor of this charitable event!

Carahsoft CMMC Webinar Series

July 29-31 | Virtual Event

Carahsoft upcoming webinar series offers a comprehensive look at the latest updates to the CMMC program, providing DIB stakeholders with the insights needed to achieve and maintain compliance. Through a series of expert-led sessions, participants gain a clear understanding of the CMMC framework and learn how to implement effective cybersecurity practices aligned with Federal requirements. Whether you are just beginning your compliance journey or looking to strengthen your existing posture, this series delivers actionable guidance for all levels of the CMMC compliance journey.

The Carahsoft CMMC Webinar Series will feature a number of partners to share insights and offer practical solutions for achieving compliance. Check out our website for more information and to register as we get closer to the event date.

National Cyber Summit

September 23-25 | Huntsville, AL | In-Person Event

The National Cyber Summit 2025 is the nation’s most innovative cybersecurity technology event, offering unique opportunities for education, collaboration and workforce development. Hosted by the North Alabama Chapter of the Information Systems Security Association (NAC-ISSA), Cyber Huntsville Corporation (CHC), Auburn University Research and the University of Alabama in Huntsville, the summit brings together participants from Government, industry and academia. Attendees can expect a comprehensive agenda featuring expert-led sessions, hands-on training and valuable networking designed to foster collaboration and innovation across the cybersecurity landscape. With its strong emphasis on advancing best practices and protecting national interests, the National Cyber Summit remains a must-attend event for the cybersecurity community.

Carahsoft will host a Partner Pavilion highlighting trusted technology providers focused on CMMC compliance solutions for the DIB. This space will serve as a hub for attendees to explore Carahsoft’s extensive lineup of solutions providers and educational resources, offering access to experts and compliance tools.

CEIC East

November TBD | Location TBD | In-Person Event

CEIC East, presented by the CMMC Implementation Conference (CIC) in partnership with The Cyber AB, is designed to immerse attendees in the defense supply chain cybersecurity ecosystem. This conference brings together industry experts, defense contractors and IT leaders to provide comprehensive guidance on achieving compliance with CMMC 2.0, NIST 800-171 and DFARS regulations. Featuring expert-led sessions, real-world case studies and technical breakouts, CEIC East offers valuable insights into securing CUI and FCI. The event also includes networking opportunities and an exhibitor hall showcasing the latest cybersecurity technologies and solutions

Carahsoft will have a Solutions Showcase for partners that provide CMMC compliance solutions to the DIB. This showcase will provide attendees with a hands-on opportunity to explore Carahsoft’s expansive network of compliance-focused technologies and gain insights into the tools, services and support available to guide them through every phase of their CMMC journey.

DoDIIS

December 7-10 | Fort Lauderdale, FL | In-Person Event

The 2025 Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference is a premier event that brings together senior decision-makers, technical experts and innovators from the DoD, Intelligence Community (IC), industry, academia and Five Eyes (FVEY) partners. This immersive conference offers a unique platform for collaboration and knowledge sharing, focusing on the integration across the IC and the rapid development and deployment of mission-focused solutions. Attendees will have the opportunity to engage with a comprehensive selection of sessions, interact with a broad range of leaders and showcase solutions addressing issues impacting mission users. The event also features dynamic speakers, innovative technologies and networking socials, providing an invaluable experience for all participants.

Carahsoft, Top CMMC Events, blog, embedded image, 2025

Carahsoft will host an expansive Partner Pavilion highlighting cutting-edge technologies that support defense and intelligence missions. Within this space, our Cyber booth—located in the Vertical Alley”—will feature a demo station from our CMMC team.

CMMC Day

May 5, 2026 | College Park, MD | In-Person Event

Join industry leaders at the 6^th annual CMMC Day 2026, where the Defense Industrial Base (DIB) will come together to navigate the shift from compliance to competitiveness under CMMC 2.0. With over 300,000 U.S. Government subcontractors soon to be impacted, this one-day conference offers essential insights into the CMMC framework’s wide-reaching implications for Federal supply chain security. CMMC Day delivers expert-led sessions from the National Institute of Standards and Technology (NIST), the National Information Assurance Partnership (NIAP), the National Security Agency (NSA) and other key players, guiding attendees through NIST 800-171, foundational cybersecurity standards and the maturity model’s evolving requirements.

Whether you are a product vendor, integrator, testing lab or Government official, you will gain actionable knowledge, connect with the full industry value chain and leave better equipped to assess, prepare and certify under the new framework.

Carahsoft is looking forward to showcasing our partners who deliver innovative CMMC compliance solutions for the Defense Industrial Base at CMMC Day 2026. The event will spotlight Carahsoft’s broad portfolio of resources and solution providers, making it a must-attend opportunity for those preparing for or advancing their role in the CMMC ecosystem.

CS2 Reston

May 6-7 | Reston, VA | In-Person Event

The Cloud Security and Compliance Series (CS2) Reston, hosted by Summit 7, brings together defense contractors and IT leaders to learn about Federal cybersecurity requirements. With the CMMC rule now published, the CS2 Reston delivers critical guidance on achieving compliance with CMMC 2.0, NIST 800-171, Defense Federal Acquisition Regulation Supplement (DFARS) 70 Series—7012, 7019, 7020—and International Traffic in Arms Regulations (ITAR), as well as securing Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). Featuring expert-led sessions, real-world case studies and technical breakouts, the agenda includes speakers from The Cybersecurity Assessor and Certification Body (Cyber AB), Microsoft, Summit 7 and others. CS2 Reston is a must-attend event for Chief Information Security Officers (CISOs), IT administrators and compliance professionals seeking practical insights and peer connections in the evolving defense cybersecurity landscape.

Carahsoft will exhibit at CS2 Reston, engaging with attendees interested in learning more about our cybersecurity solutions portfolio and educational resources. Look out for our 2026 involvement on our website.

SOF Week

May 5-8 | Tampa, FL | In-Person Event

SOF Week is the premier global gathering for the Special Operations Forces (SOF) community. Jointly hosted by U.S. Special Operations Command (USSOCOM) and the Global SOF Foundation, this annual event brings together over 19,000 attendees—including SOF operators, defense industry leaders, policymakers and international partners—to collaborate on advancing the future of special operations. Attendees can expect a dynamic agenda featuring senior keynotes, breakout sessions, live demonstrations and a multi-venue exhibition showcasing cutting-edge technologies. SOF Week offers unparalleled opportunities to network, learn and contribute to the global SOF mission.

Carahsoft will host a large Partner Pavilion at SOF Week 2026, where attendees can explore a wide range of mission-focused technologies from our partners. Look out for more information about our involvement in 2026 on our website.

TechNet Cyber

May 6-8 | Baltimore, MD | In-Person Event

TechNet Cyber 2026, hosted by the Armed Forces Communications and Electronics Association (AFCEA) International, is a premier event uniting military, Government, industry and academic leaders to tackle the ever-evolving challenges in cyberspace. The conference emphasizes collaborative strategies to strengthen cyber resilience and outpace adversaries. Attendees will gain valuable insights from top officials at United States Cyber Command (USCYBERCOM), the Defense Information Systems Agency (DISA), the Department of Defense Chief Information Officer (DoD CIO) office and other key agencies. Sessions will cover zero trust architecture, artificial intelligence (AI) integration and cyber workforce development. Featuring a robust exhibit hall and targeted networking opportunities, TechNet Cyber offers a comprehensive platform for driving cybersecurity innovation across the Public and Private Sectors.

Carahsoft will host a Partner Pavilion showcasing cybersecurity solutions from our leading technology partners such as Cyturus. Check out our website as we look forward to our 2026 involvement.

Looking Ahead:

Whether you are just beginning your CMMC journey or looking to enhance your existing compliance strategy, these 2025 events provide a critical forum for insight, innovation and connection. With each event tailored to address the most pressing challenges facing the DIB, participants can expect actionable takeaways, hands-on demos and valuable discussions with experts across Government and industry. Carahsoft is proud to support these initiatives through our presence at each event, along with our robust ecosystem of CMMC-focused partners and resources.

Explore Carahsoft’s full CMMC solutions portfolio and learn how we can help support your compliance efforts.

Nutanix AHV and Rubrik’s Layered Security – The Key to System Resilience and Efficiency

Posted on by Tom Bisbee, Gabriel Flores and Brett Atha

Protecting critical infrastructure from cyber threats and ensuring business continuity in the face of disasters is a top priority for organizations today. Luckily, Nutanix AHV, a modern, secure virtualization platform that powers and enhances virtual machines (VMs), can help. Rubrik’s integrated solutions fortify AHV environments against ransomware attacks and enable efficient disaster recovery. By leveraging features like immutable backups, anomaly detection and on-demand cloud-based disaster recovery, organizations can enhance their cyber resilience and minimize the impact of disruptive incidents.

A Simple and Secure Path to VM Management

Nutanix AHV is simple to use and secure by design. The platform works through a centralized control plane, where AHV is integrated into a single application programming interface (API). This eradicates a complicated setup on the customer side. By maintaining constant management and a virtualization layer, Nutanix AHV allows organizations to fulfill mission objectives.

Nutanix AHV features several built-in security features, such as micro-segmentation, data insights, audit trails, ransomware protection and data age analytics.

Nutanix features:

Built-in, self-healing abilities protect against disk failure, node failure and more
A vulnerability patch summary automatically alerts users about susceptibility risks and anomalies that need to be addressed
A life cycle manager provides readmittance testing and deployment testing
More than one copy of backup data, ensuring that users do not lose valuable information
Multi-site replication including to and from the public cloud.

Securing data in Nutanix AHV requires more than just the basic perimeter defenses, but a multi-layered strategy. With Rubrik’s data protection abilities, which include immutable backups, automatic encryption and logical air-gapping, agencies and organizations can recover information within minutes and resume mission objectives in the event of a breach.

Securing Data with Rubrik’s Rapid Recovery Abilities

Rubrik, a security cloud solution provider that keeps your data resilient, enables the near-instant recovery of virtual machines and data within the Nutanix AHV environment. Rubrik provides multiple recovery options within AHV, such as file-level recovery, live mount, export, mount virtual disks and downloadable virtual disk files. Through Rubrik, businesses can recover files from older hypervisors into newer AHV environments without having older hypervisors online. Once granted access to the AHV environment, Rubrik automatically discovers and integrates protocols and base level policies for VMs. Rubrik’s recovery process restores data in minutes, regardless of VM size. As VMs get larger and larger, frequently hitting 50 terabytes, this speedy and precise response empowers organization’s incident response plans to be swift and efficient. After scanning the meta data, users are granted file level recovery after anomaly detection, allowing users oversight on affected data.

As the data that organizations manage grows exponentially, data security becomes critical to business functions. Rubrik offers comprehensive data security, continuously monitoring and remediating data risks within the network.

Through Rubrik, businesses can recover files from older hypervisors into newer AHV environments without having older hypervisors online. Once granted access to the AHV environment, Rubrik automatically discovers and integrates protocols and base level policies for VMs.Rubrik’s recovery process restores data in minutes, regardless of VM size. As VMs get larger and larger, frequently hitting 50 terabytes, this speedy and precise response empowers organization’s incident response plans to be swift and efficient.After scanning the meta data, users are granted file level recovery after anomaly detection, allowing users oversight on affected data.

Rubrik also provides constant monitoring for backups. Typically, businesses do not regulate data backlogs, which increases the likelihood that they miss attackers that sit in the system environment for a few days before collecting data. With Rubrik’s threat monitoring and hunting, organizations can search through backups and detect when an anomaly entered the environment. Through Nutanix and Rubrik’s integration, IT teams can reduce complexity, gain oversight, cut down on operational costs and improve resiliency and efficiency.

Automation: The Key to a Proactive Incident Response

Modern cyber threats require a proactive approach to incident response. With automation and orchestration, facilitated by the combined capabilities of Nutanix and Rubrik, organizations can detect, respond to and recover from cyber incidents more efficiently.

Rubrik has a built-in anomaly detection, which searches protected data for strange behavior, such as mass deletion or encryption. As the volume of data on a network increases, organizations often have sensitive data they are not actively monitoring or even know sensitive data maybe exposed. Rubrik clusters are always scanning protected data for anomalies, sensitive data, and known IOC’s allowing customers to select resolution options, such as isolating compromised VMs, or the ability to restore product systems from last known good copies.

Readiness impacts recovery time, and recovery time impacts organization operations. Nutanix AHV’s recovery organization authorizes IT teams to organize VMs into a set of templates, which can be used to create blueprints and launch application recovery. Nutanix also provides organizations with the flexibility to apply policy to each workload, taking control of network security and BC/DR policy with VM level granularity. By allowing organizations to map out their application owners, Nutanix AHV enables businesses to move from a reactive to a proactive security posture, minimizing the impact of attacks and ensuring swift recovery.

Nutanix and Rubrik’s integration creates a powerful security and operational synergy, empowering organizations with the tools they need for network safety and, if necessary, a swift and comprehensive restoration of critical systems, empowering organizations to resume business missions. Nutanix AHV enables organizations to reduce complexity, improve security and achieve a higher level of resilience and operational efficiency.

To learn more about how Nutanix AHV and Rubrik’s integration delivers streamlined data protection, rapid recovery and robust incident response capabilities, watch our webinar, Fortifying AHV: Cyber Recovery and Incident Response with Nutanix and Rubrik.

The Top Geospatial and Space Tech Events for Government in 2025 and Beyond

Posted on by Lacey Wean

Geospatial and space technologies are revolutionizing how Government agencies leverage location-based data, modern mapping platforms and advanced analytics to drive mission-critical decisions. From enhancing national security to improving infrastructure and environmental monitoring, these tools empower agencies to innovate and collaborate. In 2025 and beyond, Carahsoft and our vendor partners are excited to support Government professionals at premier events showcasing the latest advancements in geospatial and space tech. Join senior leaders, policymakers and IT experts to explore cutting-edge solutions and forge strategic partnerships. Below, we highlight top upcoming events.

SOF Week

May 5-8, 2025 | Tampa, FL | In-Person Event

SOF Week is the premier annual gathering for the international Special Operations Forces (SOF) community, jointly sponsored by U.S. Special Operations Command (USSOCOM) and the Global SOF Foundation. The event serves as a critical platform for fostering collaboration, innovation and excellence in modern special operations. Attendees will gain unique insights into the latest advancements in SOF capabilities, tactics and technology. The event attracts over 19,000 participants drawing SOF professionals, industry leaders and Government stakeholders from around the world.

Keep an eye out for the USSOCOM Annual Awards Ceremony. A highlight of the week, this awards dinner honors outstanding contributions to the SOF community and celebrates its achievements.

Join Carahsoft at its SOF Week exclusive pavilion alongside our technology partners, and do not miss our networking reception on Wednesday, May 7, 2025, from 6:00pm – 9:00pm at The Florida Aquarium.

GEOINT Symposium

May 18-21, 2025 | St. Louis, MO | In-Person Event

Hosted annually by the United States Geospatial Intelligence Foundation (USGIF), the GEOINT Symposium is the nation’s largest gathering of geospatial intelligence professionals, drawing over 4,000 attendees. Attendees will explore the intersection of technology and security, addressing challenges and opportunities in today’s complex geopolitical landscape. The event features industry-leading keynote speakers, main stage panels and hands on training workshops covering topics such as mission planning, precision timing and navigation, enhancing your practical skills and knowledge in geospatial intelligence applications.

This year’s theme, “Building a Secure Tomorrow Together,” will feature prominent keynote speakers, including The Honorable Tulsi Gabbard, Director of National Intelligence (DNI), VADM Frank “Trey” Whitworth, Director of the National Geospatial-Intelligence Agency, and General B. Chance Stalzman, Chief of Space Operations, US Space Force.

Carahsoft will have a significant presence at GEOINT 2025, featuring a pavilion with partner demos throughout the show. Connect with industry professionals at Carahsoft’s networking reception on Tuesday, May 20, at The Post Building, which will feature food and music.

GeoGov Summit

September 8-10, 2025 | Herndon, VA | In-Person Event

The GeoGov Summit is an annual forum that brings together leaders and experts from Government, industry, organizations and academia to advance the national geospatial strategy. The summit focuses on the evolving role of geospatial technologies in Governance, national security, infrastructure and public services. It serves as a platform for policymakers, technology providers and geospatial professionals to collaborate on improving data-driven decision making, enhancing interoperability and strengthening the National Spatial Data Infrastructure (NSDI).

Carahsoft is looking forward to attending and sponsoring the GeoGov Summit, along with our geospatial partners.

FOSS4G NA

November 3-5, 2025 | Reston, VA | In-Person Event

Free and Open Source Software for Geospatial North America (FOSS4G NA) is the premier open geospatial technology and business conference, offering a vibrant and welcoming atmosphere for technologists, end-users, academics and decision-makers. Attendees can look forward to a diverse program featuring presentations, workshops and networking opportunities that highlight the latest advancements in open source geospatial software and applications.

This event will feature:

Insights from leading experts in the geospatial field, who will discuss current trends and the future direction of open source geospatial technology.
Hands on workshops where attendees will have the opportunity to engage directly with open source geospatial tools and applications, enhancing their technical skills and knowledge.

Carahsoft is proud to sponsor FOSS4G NA 2025, supporting the growth of open geospatial technologies. With deep expertise in open source technologies, Carahsoft partners with top providers to deliver secure, scalable solutions that enhance operational efficiency and situational awareness.

CyberSat

November 17-20, 2025 | Reston, VA | In-Person Event

The CyberSat Summit is a key gathering dedicated to addressing cybersecurity threats and defenses in the satellite and space sectors. Since its inception in 2017, it has brought together satellite, space and cybersecurity professionals alongside Government, military and intelligence officials to discuss emerging technologies like artificial intelligence (AI) security, Zero Trust frameworks and quantum encryption. The SpaceInformation Sharing and Analysis Center (Space ISAC) will host a live tabletop exercise, testing incident response skills in a crisis simulation. Attendees can expect technical tracks on securing satellite networks, mitigating AI-driven threats and enhancing cyber resilience. Join the policy makers, threat analysts and engineers shaping the future of space security at this must-attend event!

Sessions to Look Out for:

Unclassified Program (November 17-18): Two tracks focused on real-world case studies, system-level security challenges and in-depth technical approaches to combat emerging cyber risks
Classified Program (November 19-20): This segment, held at the Aerospace Corporation’s Sensitive Compartmented Information Facility (SCIF) in Chantilly, VA, will cover a range of topics, including counterspace cyber applications of AI, threats to the supply chain, improving cyber resiliency in space and directed energy detection for satellite sensors.

Carahsoft is looking forward to exhibiting at the CyberSat Summit, along with our geospatial, space, AI and cyber partners.

Geography 2050

November 20-21, 2025 | New York City | In-Person Event

Geography 2050 is the American Geographical Society’s annual symposium, held in partnership with the Columbia Climate School. The 2025 theme, “The Future of GeoAI and the Planet,” will explore the convergence of geospatial technologies and artificial intelligence (GeoAI) and their transformative impact on understanding and addressing global challenges. Attendees will engage with experts from Government, industry, academia and non-profits to discuss how GeoAI can enhance our ability to monitor, predict and respond to environmental and societal changes. The symposium aims to foster a strategic dialogue on leveraging GeoAI for sustainable development and planetary stewardship.

This event will feature:

“GeoAI Foundation Models,” a session that delves into the development of comprehensive GeoAI foundation models that are capable of processing vast amounts of geospatial data to provide actionable insights.
“GeoAI and Glimpsing into the Future,” a session where experts will discuss how GeoAI enhances predictive modeling to anticipate future environmental and societal changes, aiding in proactive decision-making.
“Plenary Session” with Jack Dangermond, where Esri’s founder and president will discuss the latest trends in Geographic Information System (GIS), advancements in GeoAI and the future of location intelligence.
Technical workshops, where attendees will gain hands-on experience with Esri’s newest tools, including ArcGIS, AI-powered GIS workflows and spatial data science applications.
User presentations, where attendees will learn how Government agencies and enterprises are leveraging GIS to solve real-world challenges in disaster response, national security and smart city planning.

Carahsoft is proud to support the geospatial community by partnering with leading vendors to provide innovative solutions in GeoAI and geospatial technologies. We look forward to participating in Geography 2025 this year!

Geo Week

February 16-18, 2026 | Denver, CO | In-Person Event

Geo Week is a premier conference focused on the integration of geospatial technologies, the built environment and 3D innovations. This annual conference brings together professionals from geospatial, architecture, engineering, construction (AEC) and related industries to explore advancements in technologies like Light Detection and Ranging (LiDAR), photogrammetry, remote sensing, reality capture and AI.

The event features over 200 speakers and 50+ sessions, including keynote presentations, educational workshops and product previews.

Carahsoft is excited to sponsor and exhibit alongside our geospatial partners and network with attendees across the industry.

SATELLITE 2026

March 23-26, 2026 | Washington, D.C. | In-Person Event

For more than 40 years, the SATELLITE Conference & Exhibition serves as a major gathering for the satellite, space and defense industries, bringing together professionals from around the globe to discuss the latest advancements, challenges and trends in the field. The conference features a comprehensive program that includes keynote addresses from expert speakers, engaging panel discussions and networking opportunities with industry leaders and peers, fostering collaboration and innovation.

We look forward to sponsoring and having a booth at Satellite 2026 to showcase how Carahsoft is supporting the industry in the space, satellite and defense industries.

FedGeoDay

April 2026 | Washington, D.C. | In-Person Event

FedGeoDay is the premier event dedicated to Open Geospatial Ecosystems within the U.S. Federal Government. This event provides attendees the opportunity to engage with Federal program managers, technology leaders, industry partners and organizations to share ideas, learn and network. The event includes presentations, workshops and networking sessions aimed at fostering collaboration and innovation in the geospatial community.

Carahsoft is proud to be a sponsor of FedGeoDay, reinforcing our commitment to advancing open geospatial technologies across the Public Sector. Look out for updates on our presence in 2026 on Carahsoft’s website.

Space Symposium

April 13-16, 2026 | Colorado Springs, CO | In-Person Event

2026 will mark the 41^st Space Symposium! Over 10,000 space professionals and decision makers from commercial, Government and military sectors will gather to discuss critical issues, policy updates, innovative solutions and industry trends across the space community. The event will include expert panels, keynote addresses and networking opportunities with the top minds in the field. The Space Symposium is the number one international space event that is shaping the future of space exploration and technology.

Carahsoft is looking forward to sponsoring and exhibiting at the 41^st Space Symposium.

Sea-Air-Space

April 19-22, 2026 | National Harbor, MD | In-Person Event

The Navy League of the United States (NLUS) Sea-Air-Space is the largest annual maritime exposition in North America. Attendees across Government and industry gather for innovative and educational discussions on advancements in maritime, naval and security technologies that will strengthen the future of the sea services. The event features informative sessions, policy discussions and 400+ exhibitors—from startups to Fortune 500 companies—showcasing the latest tech in the maritime field.

Carahsoft is looking forward to showcasing our Aerospace and Maritime technology solutions and partner ecosystem as part of the Carahsoft Partner Pavillion.

Looking Ahead:

The geospatial and space tech landscape is evolving rapidly, with GeoAI, precision navigation and cybersecurity at the forefront. As the industry continues to evolve, these events will continue to build momentum. These exciting gatherings will further integrate innovative technologies to address Government needs. Join Carahsoft at these events to explore innovative solutions and connect with industry leaders.

To learn more or get involved in any of the above events, please contact us at Geospatial@Carahsoft.com. For more information on Carahsoft and our industry leading Geospatial and Space Tech technology partners’ events, visit our Geospatial solutions portfolio.  

Sea-Air-Space 2025: Top 6 Insights on AI, Readiness and More

Posted on by Mike McCalip

Sea-Air-Space, the premier maritime exposition of the United States, is an educational hub for defense industry leaders, Government leaders and top military decision-makers to network and discuss the latest insights and advancements in the maritime and space domains. 

Joined by over 40 of our technology partners, Carahsoft showcased solutions on cybersecurity, cloud computing, artificial intelligence (AI) and more at Sea-Air-Space 2025, providing customers the opportunity to engage with and explore technologies designed to enhance the efficiency of mission objectives. 

This year’s conference featured six key themes for attendees to explore.

1. Integrating Artificial Intelligence into Maritime Missions

The efficiency of AI enhances the speed and accuracy of decision-making, providing real-time insights for Sea Service personnel. Integrating AI and other autonomous systems into military operations can satisfy the critical need for close collaboration between the technology industry and the defense sector. Speakers at Sea-Air-Space discussed the importance of finding practical applications of AI, machine learning (ML) and automation across warfighting, business processes, logistics and readiness. 

Major General of the United States Marine Corps, Matthew Glavy, spoke about the Marine Corps’ strategic use of AI. Presently, there is a “campaign of learning” aimed at aligning training and acquisition with AI capabilities. One goal is integrating algorithm management and scalability into AI training. Another is finding AI that functions in harsh maritime environments to improve warfighter’s abilities. Speakers stressed that AI is not just a tool for the future, but a present-day necessity that enables the Sea Services to significantly enhance the effectiveness, precision and longevity of their platforms and operations. With AI’s ability to detect and respond to cyber threats, the nation can better maintain its strategic defense edge.  

2. Preparing Data for Mission Readiness 

Currently available technology, assets and resources can be used to prepare data for future missions. As data can be used to enhance awareness amongst combat environments, sourcing data from diverse sources is vital to developing logistics systems for operations. 

Autonomous systems can be used to collect and translate data into actionable insights, enabling the Sea Services to improve operational readiness, extend lethality and respond swiftly at the tactical edge. The usability of data is just as important as having a diverse source. 

Technology with visualization tools, such as user-friendly dashboards, make data more accessible and predictive. This readability enables forces to anticipate failures, identify vulnerabilities and make data-driven decisions that impact mission readiness, ensuring personnel are equipped to outpace evolving threats.  

3. Maintenance for Operational Readiness 

Readiness is critical to maintaining a competitive edge. The United States Navy’s aims to achieve and sustain 80 percent combat surge ready posture for ships, submarines and aircraft by 2027. To accomplish this, platforms must be maintained and enhanced with the newest technology to ensure they are up-to-date and at their best capacity. Novel approaches to training, manning, and sustainment can all improve force readiness.  

In the session “Ready Our Platforms,” panelists discussed tips on the path to maintain pace with this goal. 

Sea Service personnel should: 

Engage with maintenance initiatives to strengthen planning, execution and partnerships to improve on-time delivery

Take boats out of public shipyards in a timely fashion to ensure combat readiness

Invest in original equipment manufacturing for maintenance work and quality assurance

Review and update the Navy’s acquisition strategy to better acquire services for systems with diminishing subject matter expertise

Increase the number of structural engineers embedded with maintenance teams to enable faster technical resolution of issues

Create a dedicated force to focus on material ordering and provisioning for major maintenance efforts

By embracing a proactive approach to training, manning, modernization and sustainment, the U.S. Navy can ready and bolster its force to improve combat readiness. 

4. Enhancing Security Through Space Systems 

To maintain its competitive edge, the Sea Services must strategically utilize all available assets, including space. In the session “The Critical Role of Industrial Space Assets in Maritime Security,” speaker John Hill, the assistant Secretary of Defense for Space Policy and the Deputy Assistant Secretary of Defense for Space and Missile Defense (PTDO) at the Department of Defense (DoD), discussed the five foundational space mission areas: generating, processing, storing, transporting and protecting data. By aligning mission objectives across the Space Force, Space Command and other relevant forces, the Sea Services can maintain pace with industry goals. Affordable, proliferated space systems and high-value technology can enhance maritime security by providing resilience and durability against emerging threats. By taking a proactive approach to innovation, the defense sector can leverage industry momentum and accelerate capability development.  

5. Innovation With Enterprise Solutions

To support innovation and experimentation, the Sea Services aim to move from traditional procurement models towards modern, iterative approaches that empower operational commands and developers to co-create solutions in real time. 

The key strategies in this shift include: 

Using agile methodologies and continuous delivery pipelines

Giving operational teams authority to drive mission-specific solutions

Building open, modular systems with interoperability standards that allow for adaptable integration that maintains pace with threats and mission priorities

Involving end users throughout the process, ensuring that the burden of integration at scale does not fall to combatants

Providing consistent funding that supports innovation and experimentation

Fostering a culture that accepts measured risk and supports transformation

By decentralizing development and giving operational teams the authority to drive mission-specific solutions, the Navy aims to collapse development timelines, remove bureaucratic friction and deliver high-impact capabilities faster. The initiative provides persistent, mission-aligned funding streams that support innovation and experimentation without excessive risk aversion, creating pathways for scalable solutions at the pace of technological advancement. 

6. A Dive into Maritime Initiatives with Francis Rose

A special Sea-Air-Space 2025 edition of Francis Rose’s Fed Gov Today explores the critical convergence of maritime security, technology and strategy in today’s evolving global environment. An interview with Vice Admiral Andrew Tiongson, Commander of the U.S. Coast Guard Pacific Area, discussed how the Sea Services have increased presence and coordination along the West Coast to counter maritime border incursions. Melissa Carson, Vice President and General Manager at Iron Mountain Government Solutions, highlights the critical need for structured data governance to enable effective AI-driven defense operations. Dr. Abbie Tingstad, Research Professor at the U.S. Coast Guard Academy, underscores the strategic importance of maintaining multi-domain presence in the Arctic through international partnerships, as environmental shifts and great power competition reshape polar governance. These insights collectively demonstrate how technological modernization, AI literacy, data readiness and strategic partnerships are essential for securing maritime domains against complex threats.

Reliable, adaptable and verifiable technology enables the Sea Services to fulfill mission objectives. By leveraging today’s technologies to meet resource needs, extend the lifecycle of critical assets and enhance mission readiness, the Sea Services continue to outpace evolving threats and uphold its promise to protect the nation. 

To learn more about innovations amongst the Sea Services, visit Carahsoft’s defense portfolio to explore solutions showcased at Sea-Air-Space. For additional research into the key takeaways that industry and Government leaders presented at Sea-Air-Space, view Carahsoft’s full synopsis of key sessions from the tradeshow.

Modernizing the Department of Defense’s Authorization to Operate Process For Agility

Posted on by Danielle Metz

What is the National Defense Authorization Act?

Since 1961, the National Defense Authorization Act (NDAA) has authorized funding levels and provided authorities for the U.S. military and other critical defense priorities, ensuring America’s forces have the resources they need to carry out their missions.

Authority to Operate

A barrier that exists for technology companies is obtaining an Authorization to Operate (ATO) for their software applications, services, and or platform capabilities. The ATO process can be challenging, tedious, and unpredictable, with varying costs and timelines. This process is particularly cumbersome and incongruent with the dynamic nature of software deployment. Once the ATO hurdle is cleared, technology companies face their next challenge: continuous monitoring and associated updates. Every major software update must be run through a compliance process. This poses significant challenges for both the software company and the government end-user. It prohibits the timely and continuous resolution of issues and prevents the government from leveraging the latest and most cutting-edge version of an application.

“Presumptive reciprocity” in the context of the National Defense Authorization Act (NDAA) refers to a provision mandating that if one Department of Defense (DoD) authorizing official has approved a cloud-based platform or service as secure, then other DoD officials should automatically accept that assessment without needing to conduct a separate review. Presumptive reciprocity helps lighten the ATO burden and was recently reinforced in Section 1522 of the FY25 NDAA. Enabling another DoD organization to take an ATO for their software application, services, and or platforms from the Air Force Authorizing Official, for example, and having it accepted by the Navy’s Authorizing Official, greatly reduces the burden on both government accrediting officials and the technology company. Most importantly, the DoD warfighter wins by gaining access to best-in-class capabilities delivered at the speed of relevance, ensuring they can execute their missions effectively.

Second Front Systems DoD Authorization to Operate Blog Chart Image 2025

FY2025 NATIONAL DEFENSE AUTHORIZATION ACT (NDAA) SEC. 1522.

What does the language in Sec. 1522 of the FY25 NDAA on DoD Presumptive Reciprocity entail?

Tasks the DoD Chief Information Officer (CIO) to work with Military Department CIOs to develop and regularly maintain a digital directory of all Authorizing Officials (AOs) across the DoD. Specifically, this database will contain current contact information of the AOs AND list training requirements that must be completed to be certified and perform the duties of an AO.
Identifies the need to establish a policy for “Presumption of Reciprocal Software Accrediting Standards.” The DoD CIO is tasked with creating and implementing a policy for DoD that would require AOs to adopt security analysis and supporting documentation of cloud-hosted platforms, services, or applications that have been approved by another AO in the DoD.
- This policy change will allow for more rapid adoption of cloud-hosted platforms, services, or applications at the corresponding classification level (e.g., CUI, Secret, Top Secret) with the existing approval conditions and no further authorization or approval reviews required.
- The policy will include the following:
  - Standardization of security, accreditation, performance, and operational capabilities of the cloud-hosted platforms, services, and applications;
  - A digital workflow to document acceptance by/among the mission owners and system owners to use the operational capabilities from the cloud-hosted platforms, services, and applications; and
  - Define an adjudication process with associated timelines that would allow AOs that disagree with using this policy to present their rationale to the DoD CIO or designated entity for reconciliation.
- The policy applies to the following:
  - ALL AOs in the DoD (Military Department, Defense Agency and Field Activity, and Component).
  - ALL operational capabilities of cloud-hosted platforms, services, and applications that are on public cloud infrastructure and authorized through FedRAMP and DISA AND capabilities in private cloud landing zones managed by the DoD that have been approved by DoD AOs.

The big take away here is that the FY25 NDAA language marks a significant step forward in reducing bureaucratic hurdles for both technology companies and the DoD. By implementing “presumptive reciprocity,” the NDAA streamlines the ATO process, enabling faster adoption of cloud-hosted platforms and services while maintaining rigorous security standards. This policy helps ensure that the DoD can access cutting-edge technology more efficiently, empowering warfighters with the tools they need to execute their missions with speed and precision. As the DoD continues to modernize and adapt to rapidly evolving technologies, these changes pave the way for a more agile, secure, and effective defense ecosystem.

To learn more about Second Front Systems and the National Defense Authorization Act, visit our website and keep up with our latest efforts with the DoD.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Second Front Systems, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.