Smart Guarding: How AI can be Used to Enhance Vacant Building Security

After 2020, the landscape of corporate real estate changed dramatically. Companies across multiple sectors, including technology, transitioned from working in office to either hybrid or totally remote models. Vacancy rates on corporate campuses increased to 15-20%, opening companies up to a multitude of liabilities and operational challenges. Artificial intelligence (AI) has brought a new edge to vacant building security. Smart guarding and solar guards elevate the security posture of vacant buildings, defend corporate assets and subsequently deliver a Return on Investment (ROI) through effective security measures.

Risks of Vacant Building Stewardship

Vacant buildings come with a series of unique risks to the company that either owns or leases the building. These locations are particularly attractive for criminal activity, especially trespassing and vandalism. Companies also face other risks such as copper theft and squatting that result in higher insurance claims, causing rising premiums. Further challenges come from the range in potential responses from law enforcement. The crime rate in the area will greatly affect how quickly police respond to the call, or whether they will respond at all if there is not an active incident.

Traditional security models for vacant buildings rely heavily on human patrols and come with their own operational drawbacks. A commonly used term in security, “warm bodyguards,” describes guards that are physically present but only do the bare minimum required to complete the job; in other words, these guards are just a warm body whose physical presence alone is deemed to be enough to deter criminal activity. Depending on the size and scope of the campus, these security measures can cost up to $25,000 per month. The ROI is negligible at best, and companies are often left with an expensive yet ineffective security protocol.

With property vacancy on the rise, companies need a solution that is cost effective but does not sacrifice protection or increase their risk profile. That solution lies in the integration of cutting-edge technology with human security.

The Modern Security Guard: Smart Guarding and Solar Guard

Prior to the existence of AI, the Silicon Valley Model sought to enhance building security by combining electronic access control in a building with a fleshed out in-person security protocol. This gives companies the opportunity to employ security guards with relevant prior experience, such as ex-law enforcement and ex-military members, who have effective communication and customer support skills. The key to success is a combination of the right people on site and the proper technological processes in place.

Sentry AI’s Smart Guarding takes this approach a step further by integrating AI agents into the security protocols. A range of sensors is installed across the building. These can include:

  • Cameras
  • Microphones
  • Motion sensors
  • Turnstiles
  • Fire detection (smoke detectors, heat detectors, etc.)

With the number of sensors that exist in a single building, a Security Operations Center (SOC) analyst can easily get overwhelmed by the sheer volume of alerts. An AI agent established at the core of this alert system can absorb the information, interpret the incoming data and pass on the relevant security alerts to the SOC analysts.

The AI agent itself can also be proactive and mitigate ongoing security risks. The AI can impersonate a human guard, using any language, tone of voice or even slang if required. By voicing details such as the intruder’s clothing or appearance, the agent creates the impression of an on-site security guard without actually engaging physically with the intruder. After announcing a security presence, the agent will tell the intruder to leave and threaten police intervention if they do not. The agent can also activate sirens and lights to trigger a flight response from the intruder. This is all managed without human intervention.

Periodically, companies need to install a security solution that does not rely on the network, property owner or landlord. Sentry AI has the Solar Guard solution for these exact situations. The Solar Guard is a self-contained mobile unit with a tall mast and several solar panels. Energy collected throughout the day is stored in batteries contained within the unit to power it throughout the night or in adverse weather conditions. At the top of the mast, the Solar Guard has lights, speakers, a cellular modem and dual lens cameras that give a 360-degree field of vision.

As vacancy rates in corporate buildings continue to climb, companies continue to search for new impactful and cost-effective ways to improve their security posture in their buildings. AI-powered security protocols such as Solar Guard and Smart Guarding decrease the risk to personnel and cut through alert fatigue. By combining modern technological advancements with knowledgeable SOC analysts, companies gain ROI and protect their assets when personnel are not present.

To discover how Smart Guarding can elevate security in your vacant facilities, watch Sentry AI’s webinar, “Using AI to Protect Vacant Facilities.”

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Sentry AI, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Securing AI Adoption in Government: From Mandates to Implementation

One of today’s top trends is artificial intelligence (AI), specifically how the Public Sector can adopt it while maintaining the security, governance and oversight essential for mission-critical operations. With AI jumping from number three to one on Federal Chief Information Officers’ (CIO) priority lists and 80% of CIOs under explicit cost savings mandates, the question is no longer whether to deploy AI but how to do so securely at scale.

The recent overhaul of the Federal Acquisition Regulation (FAR) marks the most significant rewrite in over 40 years, fundamentally shifting how Federal agencies operate and procure technology. As generative AI (GenAI) deployments move into mission-critical environments, agencies need practical frameworks that balance speed with verification.

Moving From Speed to Velocity

As the Public Sector enters the age of AI, with $4 trillion in Private Sector investment in data centers, agencies face a fundamental design challenge: design AI systems that adapt to human workflows rather than forcing humans to adapt to systems. This distinction matters most in Government and defense contexts where lives depend on maintaining human oversight for deliberate decisions.

The Department of War’s (DoW) Acquisition Transformation Strategy (ATS) offers a proven model of buying outcomes in increments. Instead of funding calendar time through traditional program structures, agencies should fund missions through portfolios that deliver outcomes in weeks or months. This approach structures procurement in modular increments that integrate with evolving architecture while funding capability and delivery, not timelines.

Velocity differs from speed in its directional precision. Agencies can accelerate procurement through fast-lane processes while maintaining governance through evidence gates that verify operational performance, user adoption, cyber risk posture and sustainment realities. This framework preserves ethical obligations while delivering measurable results.

Prerequisites for Secure AI Implementation

Before deploying AI tools in production environments, agencies need foundational elements in place:

Policy frameworks that define where AI can be a part of the process and establish clear boundaries for all personnel. Training and enablement programs ensure teams understand governance requirements and security policies. Several Federal agencies have already created AI centers of excellence to help establish standards and create processes around how they are implementing AI.

End-to-end visibility across the entire software delivery process enables agencies to track where AI agents operate and what actions they perform. Without comprehensive visibility, governance becomes theoretical rather than operational.

Contextual accuracy determines output quality: AI systems deliver accurate, usable results only when provided with the right context, making data quality and integration critical prerequisites.

Built-in guardrails must exist before AI implementation. Security scans on every code change and controls preventing critical vulnerabilities from merging into production branches become essential as agencies move into the agentic AI era.

Practical AI Use Cases That Deliver Value

GitLab’s most recent DevSecOps survey reports that AI currently handles about 25% of the work in Public Sector organizations, with leadership targeting 50% automation. The most successful implementations focus on code generation, testing and documentation, areas where AI delivers immediate, measurable impacts.

Federal customers using GitLab’s AI capabilities report significant efficiency gains in code review processes. AI-powered first-pass reviews reduce time while maintaining quality standards. Test generation and legacy code modernization have proven particularly effective.

Compliance automation represents an emerging high-value use case. GitLab teams are developing compliance agents that access code repositories, Continuous Integration/Continuous Deployment (CI/CD) pipelines and security vulnerability data to automatically populate Security Technical Implementation Guide (STIG) checklists. Security team leaders review and adjust outputs as necessary, reducing administrative burden while allowing teams to focus on strengthening application security posture.

Prioritizing AI Governance Frameworks

With 35% of Public Sector professionals using unofficial AI tools at work, agencies need governance frameworks that address shadow IT risks without stifling innovation. A risk-based approach identifies high-impact systems within critical infrastructure and implements controls that prevent systemic failures.

Effective governance prioritizes AI adoption around innovation while maintaining public trust. Agencies must identify high-impact areas and understand system interdependencies: as more systems connect, understanding how one system impacts another becomes essential for appropriate segmentation and risk management.

Building on Secure Foundations

Agencies cannot build on a shaky foundation. Federal AI and cybersecurity strategies must align around building responsibility into the process from the start. This requires shifting from governing static systems to engineering systems that can evolve safely, integrating assurances, accountability and human judgment as foundational design constraints instead of downstream checks.

Before deploying advanced AI capabilities, agencies should strengthen foundational practices: standardizing workflows, implementing security by design and ensuring basic guardrails are in place. AI cannot compensate for weak foundations in the software development lifecycle. The path forward requires doubling down on fundamentals while strategically adopting AI where it delivers clear value.

To learn more about implementing secure AI solutions, watch GitLab’s full webinar, “Cyber in the AI Era: Building Foundations for Secure Adoption.”

Endpoint Detection and Response (EDR) and Federal Cybersecurity Mandates

Federal cybersecurity mandates are constantly evolving to keep pace with a rapidly changing technological ecosystem, focusing primarily on visibility and record-keeping within software architecture. Endpoint Detection and Response (EDR) remains a steadfast and reliable investigative tool, tracking, alerting to and aiding resolution of suspicious endpoint activity across an agency’s siloed infrastructure.

“Never Trust, Always Verify” With EDR

As malicious actors’ methods and priorities shift, the Federal Government’s must evolve as well. Current cybersecurity mandates emphasize a Zero Trust approach, focusing on verifying all end users and devices in near real-time. These mandates should be considered the minimum requirement for an agency’s cybersecurity posture. Agencies should deploy multiple verification and prevention technologies to secure those endpoints.

An effective EDR solution can quickly distinguish between normal and anomalous activity in Federal endpoints. Its continuous monitoring is critical for rapidly assessing a threat before sensitive information can be stolen and leaked. Cyber attackers use sophisticated techniques, including artificial intelligence (AI), to gain an advantage. With EDR, Security Operations Center (SOC) analysts can forensically examine the chain of events and not only resolve an issue but proactively set up safeguards to prevent future incidents.

As the threat landscape evolves, it is important not to get caught up in buzzwords such as “modern” EDR. Typically “modern” means that the solution requires cloud connectivity, which can leave crucial blind spots in areas including air-gapped, limited connectivity or other disadvantaged environments. While new EDR capabilities are always being developed, the fundamental aspects have always remained the same. Visibility, as always, is the most crucial of all. An effective EDR solution is feature-rich, mature and can monitor in diverse environments.

Carbon Black EDR: Visibility on All Fronts

Regarding Public Sector cybersecurity, the primary objective is to protect the entire environment, from air-gapped and cloud environments to end-of-life operating systems. As the founders of EDR, Carbon Black offers a mature solution that can be configured to alert SOC teams to previously unknown, potentially interesting activity. By using open Application Programming Interfaces (APIs), agencies can retain total data sovereignty and pass it off to Security Information and Event Management (SIEM) systems.

Carbon Black EDR offers a full lifecycle cybersecurity solution. The solution proactively and continuously monitors all endpoints and is compatible with multiple integrations. Through watchlists, threat intelligence and other methods, Carbon Black EDR detects anomalous or malicious activity and helps SOC analysts respond through various means. SOC teams can also visualize the progression of the attack through diagrams or timelines. This customizable threat intelligence allows Carbon Black EDR to be a well-rounded solution for any agency looking to align with Federal cybersecurity mandates.

A mature, effective EDR solution always has endpoint activity awareness at the forefront, giving SOC analysts unparalleled visibility into their environment. This focus is crucial, as Federal mandates continue to focus on a Zero Trust approach to cyber security. Increasing your endpoint visibility through EDR not only improves reaction time during a crisis incident but allows SOC teams to proactively prevent future cyberattacks.

Want to learn more about how Carbon Black EDR enhances your endpoint visibility? Contact our Broadcom team at Broadcom@carahsoft.com or visit our website.

From Chaos to Confidence: Building Modern Data Strategy for Government Agencies

Government agencies hold vast amounts of data but struggle to extract value from it. Historically, agencies prioritized completeness over usefulness, resulting in years of manual efforts to organize data without surfacing valuable insights. Information remained trapped in siloed systems and inaccessible formats. As artificial intelligence (AI) transforms Government operations, its success depends not on new technology but on organized, accessible and secure data. Moving from reactive data management to a proactive strategy requires rethinking how data is classified, shared and protected.

The Evolution from Data Chaos to Strategic Data Organization

Agencies have long battled data disorganization, often with approaches that created more problems. Mandating perfect data organization before system development proved counterproductive. Projects stalled as teams pursued an impossible standard of completeness through governance structures that prioritized control over utility.

Rather than starting with comprehensive inventories, agencies should ask: What do I need to know that I cannot answer today? This question identifies the data that actually matters, assigns ownership and establishes automated processes to keep information current. Focusing on real business questions, not theoretical perfection, reveals the most-used data and delivers immediate value.

This shift reframes data as a strategic asset rather than a compliance burden. Modern data organization requires data domains that map to major key functions, establishing governance that enables access and early wins. The goal is speed and relevance over exhaustive documentation.

The Complexity and Criticality of Unstructured Data

Unstructured data, including Office documents, PDFs, imagery, drone footage, building blueprints, redlined contracts and multimedia recordings, poses a great challenge as it continues to grow dramatically. Construction agencies hold scanned blueprints from the 1950s alongside modern Computer-Aided Design (CAD) files. Legal teams generate years of contract negotiations with intelligence hidden in redlines and clause changes. Contact centers produce customer feedback that defies easy categorization yet contains critical insights. Emerging technologies like drones for monitoring or automated transcription continually introduce new data formats.

Extracting value requires technologies that classify, tag and analyze at scale. Optical Character Recognition (OCR) must identify Social Security numbers in images; classification engines need to distinguish between Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) for Cybersecurity Maturity Model Certification (CMMC); multimodal tools must process audio, video and geospatial content. The challenge is organizing today’s data while preparing for tomorrow’s formats and making legacy information accessible and actionable.

Security, Access Control and Zero Trust in Modern Data Environments

As data moves into cloud, mobile and collaborative platforms, agencies face heightened security concerns. Traditional perimeter-based models, designed to secure from the outside in, no longer fit work patterns where employees access sensitive information from multiple devices and locations.

Zero Trust Architecture (ZTA) reframes security by treating trust as a vulnerability. Every access request requires continuous verification. Field-level encryption at rest and in transit becomes essential. Authentication must balance robust security with usability to avoid workarounds. Agencies must evaluate whether solutions meet FedRAMP requirements, CMMC standards and other frameworks while implementing least-privilege access and continuous monitoring.

Effective security requires a layered design across three dimensions:

  • Storage – encryption and data handling
  • Systems – secure communications between platforms
  • Access – authentication and authorization

Agencies that succeed build security into workflows rather than adding it afterward, enabling legitimate access while preventing exposure.

Trust, Governance and the Fear of Sharing

Agencies hesitate to share data because they distrust its accuracy, currency or interpretation. Data owners understand nuances and limitations, but this context rarely transfers to others, leading to misinterpretation and errors. These issues stem from inconsistent definitions across systems, incomplete or outdated records and uncertainty about whether data reflects current operations.

Fear and misuse lead to data hoarding, which protects teams but limits organizational intelligence. Breaking this cycle requires comprehensive governance that enables rather than restricts. Effective approaches include:

  • Automating processes to ensure information is current
  • Assigning clear data ownership and accountability for quality
  • Creating data guilds for sharing best practices across organizational silos

Training, both technical and contextual, is essential. Early wins establish reliability, building trust and confidence.

AI Readiness and the Data Foundation Imperative

AI offers significant promise but depends entirely on data quality. AI cannot grant access to sensitive data, cleanse disorganized datasets or prevent hallucinations when trained on incomplete or contradictory information. AI amplifies existing data conditions: strong organization enables powerful AI applications; chaotic data yields unreliable outputs.

AI readiness intensifies longstanding challenges. Classification becomes non-negotiable when AI can process millions of documents but needs rules for handling personally identifiable information (PII), CUI and regulated data. Permissions must prevent accidental exposure or improper data combinations. Data cleansing, which includes identifying duplicates, correcting inconsistencies and validating accuracy, becomes a prerequisite for responsible AI deployment.

Because AI technologies evolve quickly, agencies must remain tool agnostic and focus on outcomes. Architecture can support multiple AI platforms and multimodal processing of text, audio, video and geospatial data. Agencies must assess current data maturity and invest in classification, cleansing and cultural alignment to ensure AI success.

Building Your Agency’s Data Strategy

Government agencies stand at a crossroads where old approaches to data management no longer suffice, yet the path forward remains challenging to navigate. Key steps include:

  • Start with the questions that matter, not perfect organization
  • Treat unstructured data as a high-value intelligence source
  • Implement security that enables legitimate access
  • Build trust through governance and early wins
  • Recognize that AI readiness begins with solid data fundamentals

Success does not require a sudden overhaul; it requires strategic focus, incremental progress and organizational commitment to treating data as the strategic asset it represents.

To dive deeper into practical strategies for organizing, securing and leveraging your agency’s data, watch the full webinar “Make Your Data Work for You – Solutions for Securing and Sharing Data Correctly” hosted by Egnyte and Carahsoft.

How Endpoint Detection and Response (EDR) Creates a Successful Cybersecurity Posture

Stringent cybersecurity measures are crucial to secure Public Sector operations, and Endpoint Detection and Response (EDR) is a critical tool in that belt. Malicious adversaries range from rogue actors to nation-state-sponsored attacks, and all frequently target specific organizations that deal with highly sensitive data. By itself, EDR can quickly identify abnormal behaviors or code and help the SOC analyst team respond accordingly. When paired with other Security Operations Center (SOC) tools, EDR further broadens SOC visibility and increases operational efficiency. Federal agencies can use that intelligence to not only resolve security breaches, but also proactively adjust their security measures to prevent further incidents.

All Eyes on the Data: EDR and Data Visibility

Visibility is a fundamental tenet of EDR. When SOC teams have access to data that is current and actionable, they can make calculated, proactive decisions and respond appropriately in crisis scenarios. An effective EDR tool will monitor existing data, detect anomalous behavior and respond to threats in real time.

Data from across multiple sources is recorded and compared against watch lists that SOC analysts can use to search for anomalous activities. Additionally, known threat vectors are continuously monitored in near real-time, and analysts are automatically alerted to suspicious behavior. EDR looks at all endpoint activity, not just individual data silos, and presents that raw data to SOC analysts in a usable, searchable manner.

Efficiency and Data Quality: Two Sides of the Same Coin

It is not just the quantity of data SOC teams can access that matters; the quality of the data is just as crucial. Chief Information Security Officers (CISOs) and SOC teams need to make fast, defensible decisions in both routine and crisis scenarios. Analysts do not have the time to sift through all alert activity and determine those that need immediate response. An effective EDR solution allows for tuning of watchlists to prioritize alerts. By receiving higher fidelity alerts, SOC analysts optimize time spent investigating and providing real-time response by isolating endpoints or acting directly to terminate suspicious processes.

It is not enough for security alerts to be prioritized; if the information is unreliable or incomplete, any analyses or flags extrapolated from that data are virtually worthless. A data-based EDR solution allows SOC analysts to resolve issues quickly, reducing the risk of faulty decisions.

Carbon Black EDR: The Premier Option

After observing the need for security and visibility in endpoints, Carbon Black was founded and pioneered EDR. Its open architecture with Application Programming Interfaces (APIs) makes it possible to correlate the data with other SOC tools, such as network, identity, endpoint protection and data protection tools. Additionally, Carbon Black EDR can integrate with different security products, including Security Information and Event Management Systems (SIEMS). This holistic vision allows SOC teams to understand the entire lifecycle of potential attacks, and accurate data ensures that analysts know exactly what, where and how an incident occurred.

This layered approach to cybersecurity is especially valuable to the Public Sector. Many Federal teams work in multiple siloed or air-gapped networks, and each of these networks has different functions. Carbon Black EDR has the flexibility to be deployed in multiple environments and tailored to their individual operations.

Want to learn more about how Carbon Black EDR can elevate your cybersecurity posture? Contact our Broadcom team at Broadcom@carahsoft.com or visit our website.

How Microsoft’s OneGov Agreement Brings Affordable AI-Enhanced Productivity to the Federal Government

Federal agencies have a need to advance artificial intelligence (AI) adoption and transform Government by modernizing legacy IT systems. Microsoft’s OneGov Portfolio delivers AI-powered collaboration capabilities through pre-negotiated discounts, giving agencies a simple and predictive way to obtain Microsoft Solutions at significant cost savings.

Aligned with the General Services Administration’s (GSA) OneGov strategy to unify agencies and reduce technology silos, the program provides Federal agencies with streamlined access to Microsoft 365 Copilot, cybersecurity and monitoring tools, as well as tools to assist with citizen engagement and streamlining operations. This approach simplifies procurement, accelerates deployment and delivers measurable productivity gains across mission-critical operations.

Enhanced Productivity and Secure Collaboration

The Microsoft OneGov offer provides the AI-powered productivity capabilities of Microsoft Copilot with applications agencies are using today like Word, Outlook and Teams. The platform enables users to draft content, analyze complex datasets and automate repetitive processes without switching between systems or learning new interfaces.

Government‑tailored versions of the Microsoft 365 applications operate within Microsoft’s U.S. sovereign cloud environment, giving agencies secure channels for cross-agency communication. Agencies also receive cloud storage through Microsoft OneDrive for secure, real-time collaboration and AI capabilities through Microsoft Copilot that accelerate daily workflows, including:

  • Content generation: Microsoft Copilot generates first-draft documents in Word, reducing time spent on routine writing tasks and enabling staff to focus on substantive review and refinement.
  • Accelerated communication: Microsoft Copilot summarizes lengthy email threads and drafts responses in Outlook, streamlining correspondence management across complex organizational structures.
  • Process automation: Users build agents in Microsoft Copilot to orchestrate multi-step processes, reducing manual effort and minimizing errors in repetitive workflows.

Entra ID, Microsoft’s Identity Management Platform, provides identity management capabilities that support secure collaboration across agencies. Administrators gain automated access policies, conditional access controls and enforcement of least-privilege principles, ensuring users access only content explicitly authorized for their roles.

The offer includes built-in automation and bulk-assignment tools that streamline license deployment and management for agencies of all sizes. Once licenses are deployed, they are readily available to users, expediting the onboarding process.

Meeting Federal Security and Compliance Requirements

Solutions deployed through Microsoft’s Government Community Cloud (GCC) and Government Community Cloud High (GCC‑High) operate in U.S. sovereign cloud environments designed to meet Federal compliance standards. The offer supports FedRAMP High authorization and Department of Defense (DoD) Impact Level 4 (IL4) requirements through comprehensive security controls:

  • Encrypted data handling protects information in transit and at rest.
  • Role‑based access control and continuous monitoring provide layered security.
  • Data residency guarantees ensure information remains within authorized geographic boundaries.
  • Zero Trust Architecture (ZTA) enforces identity‑based access, least‑privilege permissions and robust conditional access policies across all services.

Simplified Procurement for Federal Buyers

Microsoft’s OneGov offer provides Federal agencies with pre-negotiated, standardized pricing discounted by up to 70% compared to standard GSA rates. The program supports agency-wide purchasing, reduces duplicative contracting and provides multi‑year discounts on solutions such as Microsoft 365 G5 and Copilot.

All purchases remain within the GSA Multiple Award Schedule (MAS), streamlining administrative tasks and simplifying budget planning. This structure enables agencies to act quickly on modernization initiatives while maintaining compliance with Federal procurement regulations.

Deployment and Adoption

Microsoft has end customer development funds available through the OneGov Portfolio offer to assist customers with rapid deployment, implementation and adoption of these tools.

The Power of Strategic Partnerships

As The Trusted Government IT Solutions Provider®, Carahsoft worked closely with Microsoft to add OneGov offers to Carahsoft’s GSA MAS, making pricing widely accessible and offering standardized discounts ranging from 50-100% to Federal agencies. This partnership delivers pricing advantages on Azure Services, Microsoft 365, Copilot and Dynamics 365.

Microsoft and Carahsoft provide comprehensive support for environment qualification, anniversary alignment, suite conversions and deployment across GCC, GCC-High and DoD environments. By combining OneGov incentives with existing enterprise agreements, agencies gain simplified procurement, predictable pricing and meaningful cost savings that accelerate modernization timelines.

Explore Microsoft’s OneGov portfolio to discover available solutions aligned with the needs of Federal agencies.

Contact the Microsoft Team at (844) 673-8468 or Microsoft@carahsoft.com to receive pricing details or schedule an overview of OneGov offerings for your agency.


Removing Complexity from Compliance: Buoyant and TestifySec

Traditionally, achieving an Authorization to Operate (ATO) has been a grueling marathon. It often demands expensive consulting fees, lengthy manual documentation and no clear visibility into where your architecture actually stands against NIST 800-53 requirements. For organizations running cloud-native architectures on Kubernetes, this complexity is magnified. You aren’t just securing a perimeter; you’re securing hundreds of microservices communicating in real-time.

Buoyant and TestifySec are changing that narrative. By combining FIPS-validated service mesh technology with pipeline-native compliance automation, we are helping organizations and agencies shrink compliance timelines with cryptographic proof at every step.

How to meet NIST 800-53 requirements?

To sell to Government agencies or to operate within them, you need a secure product and proof of that security. Compliance frameworks like FedRAMP and FISMA both rely on the NIST 800-53 control catalog. They require both the technical implementation of security controls and verifiable evidence that validates them.

The partnership between Buoyant and TestifySec helps alleviate the resources needed to implement these controls through:

  • The Technical Foundation (Buoyant): Buoyant Enterprise for Linkerd provides automatic mutual TLS (mTLS) encryption for all service-to-service communication. Additionally, it uses FIPS 140-2/140-3 validated cryptographic modules, satisfying strict Federal requirements for data in transit, and provides a FIPS dashboard to simplify the auditing process.
  • The Compliance Automation Layer (TestifySec): Even with encryption in place, proving it to auditors can take months. TestifySec automates this by capturing cryptographically-signed attestations directly from CI/CD pipelines—including evidence of Linkerd’s encryption configurations. These attestations map to NIST 800-53 controls and generate System Security Plans (SSPs) in OSCAL format, replacing manual screenshots and developer surveys with tamper-evident proof.

Why are Buoyant and TestifySec better together?

Whether you are a software vendor seeking FedRAMP authorization or a Federal agency modernizing under FISMA guidelines, this partnership offers three distinct advantages:

  1. Velocity Without Friction: Linkerd provides automatic mTLS for all in-cluster traffic, covering both the control plane and data plane without requiring changes to application code. TestifySec captures attestations for these configurations automatically—no screenshots or developer surveys required.
  2. Continuous Compliance: Compliance isn’t a “one and done” event. TestifySec provides ongoing validation and automated reporting alongside Linkerd’s FIPS dashboard that offers real-time proof of encryption and readily available CMVP numbers for auditors.
  3. Simplified Procurement: Both Buoyant and TestifySec are available through Carahsoft, making it easier to leverage existing contract vehicles to acquire the full solution and removing red tape from the purchasing process.

The shift to Kubernetes shouldn’t be a compliance hurdle. By combining the world’s fastest, lightest FIPS-validated service mesh with pipeline-native compliance automation, Buoyant and TestifySec are making the Federal market accessible to the next generation of innovators and helping agencies secure their missions faster.

Learn more about FIPS-validated encryption with Buoyant and the partnership with TestifySec.


Revolutionizing Road Safety: How Blyncsy Uses AI To Leverage Dashcam Footage

By accessing over a million commercial dashcams, Blyncsy, a part of Bentley Systems, uses movement intelligence to improve mobility and transportation and artificial intelligence (AI) vision to pinpoint roadway issues, extrapolate pain points and alert local officials with the most efficient solution to the problem.

Infrastructure Pain Points

State and Local Governments rely on manual inspections to maintain roadways. These are incredibly expensive, as Light Detection and Ranging (LiDAR) systems cost 200 dollars or more per mile to operate. These fact-finding missions are both labor-intensive and time-consuming.

Information collected to make informed decisions on roadway maintenance is often coming from multiple sources. Fragmented and sometimes outdated data makes informed analysis difficult to obtain. Government officials need to be able to take these data points and interpret their value to suit modern needs, such as the wear of heavier electric vehicles and extreme weather on roadways, the use of autonomous vehicles and population increase in urban areas.

How AI-Vision Works

Blyncsy’s AI-Vision collects images from commercial dashcams currently on roadways around the country. The journey from raw footage to data analysis takes place in three steps:

  1. Upload and Validate: Images are collected and validated by examining meta details such as direction information, date and time stamps and heading information.
  2. Segment: AI-Vision breaks down the image and groups like objects together.
  3. Mask: Blyncsy highlights the segments that are valuable to the relative Government agency and provides near real-time insights.

Bentley Systems purchases the footage from partnering dashcam providers and makes the data available to State and Local officials, allowing them to make informed and cost-effective decisions to improve their infrastructure. Proactive maintenance applications allow agencies to combine disparate data points to demonstrate how they interact with each other. For example, Blyncsy’s AI-Vision can identify a crosswalk in an image, then analyze the condition of the crosswalk paint and surrounding streetlights. This comprehensive analysis can help agencies quickly determine which intersections are not safe for pedestrians, and subsequently where they should be focusing maintenance efforts.

Blyncsy’s Capabilities

With the dashcams passively capturing and uploading every detail of the roads their drivers travel, Blyncsy’s practical applications are as numerous as the elements they capture.

  1. Safety Critical Assets: From guardrail detection and damage to paint line degradation, the AI-Vision can capture and evaluate the extent of the damage and determine whether the damage is severe enough to require immediate repair. Hawaii is the first to utilize this technology state-wide to detect vegetation encroachment and guardrail damage. As a result, the Hawaii Department of Transportation (HIDOT) can prioritize resolving the most critical safety issues.
  2. Roadway Detection: Similarly, AI-Vision can detect roadway conditions, including recognizing potholes and pavement cracking and issuing a Pavement Surface Evaluation and Rating (PASER) score, where ratings can indicate good or poor pavement condition.
  3. Sign Inventory: Blyncsy can identify how each sign it captures is categorized according to its Manual on Uniform Traffic Control Devices (MUTCD) Classification. From there, it can assess damage and even recognize whether a sign is missing. It can also perform Optical Character Recognition (OCR) on signs to read the text.

These are only a few of the numerous ways Blyncsy’s AI-Vision technology can make roadway and infrastructure maintenance more efficient and cost-effective.

Watch Blyncsy CEO Mark Pittman discuss the capabilities of AI-Vision and how it can help optimize your infrastructure maintenance systems.

To learn more about Blyncsy (a Bentley company) or Bentley, or to schedule a demo, contact Bentley@carahsoft.com or call (703) 673-3570.


Securing Air-Gapped and Classified Environments: The Importance of Customized Endpoint Protection

Military and intelligence agencies manage extremely sensitive information, and their missions often require them to operate in high-risk environments where even the slightest breach of security or sensitive data exposure means disastrous results to the mission and to national security. Their most vital networks are air-gapped—disconnected from the internet—so cloud-native security tools cannot secure these sensitive assets.

There is a myriad of reasons organizations choose to air-gap their systems. To effectively secure classified networks, weapons systems, tactical field systems and critical infrastructure, agencies are faced with the challenge of building and maintaining a security strategy involving endpoint, network and data security defenses that can deliver strong cyber command and control without relying on internet connectivity.

No Single Strategy is 100% Attack Proof

Physically or logically isolating networks into air-gapped networks is a sound security strategy that defense, intelligence and civilian agencies employ to prevent access to sensitive or classified systems and operations. Yet their isolation alone is not enough to ensure air-tight security.

While air-gapping does reduce remote risk, it is not immune to cyber risk. Air-gapped environments are designed to block external adversaries by isolating networks from the internet or a broader enterprise. But that isolation inevitably shifts risk toward the people who do have access: admins, operators, contractors, maintenance staff and trusted vendors. Eliminating one problem often has an unintended consequence: by blocking outsiders, the likelihood of threats from insiders becomes concentrated.

In most air-gapped environments, a small set of users has elevated access. Patching and updates are slow, and monitoring is limited or entirely local to the air-gapped network. Due to the isolation of the systems, physical presence is required, increasing insider impact. This makes insiders the most capable attack vector—whether through malicious or simply negligent behavior. 

Air-gapped environments make heavy use of Universal Serial Bus (USB), compact disks (CDs), digital versatile disks (DVDs), portable Solid-State Drives (SSDs) and sneakernet to move data from system to system, and to apply updates and patches. This offers the opportunity for tampering, and these environments often lack the continuous monitoring needed to spot and stop these risks, resulting in threat detection gaps and delays. A mature data protection strategy is vital in air-gapped environments to thwart insider threats.

Because air-gapped systems rely entirely on local security measures, organizations must build layered, robust defenses to secure classified and sensitive assets. Local protection is everything, and for high-risk agencies that means monitoring and securing every single endpoint.

How Endpoint Protection Fills the Gaps

Endpoint protection is a broad term describing technology and strategies used to secure end-user devices, such as laptops, computers and mobile devices. Since these devices get the most direct human interaction while housing vital data, they are exceptionally vulnerable to cyberattacks, even in air-gapped networks. To avoid critical breaches, security operators must be able to detect, prevent and respond to threats on each endpoint device in any given environment, especially when they interact with classified data.

Many organizations are turning to cloud-native endpoint security solutions that depend upon cloud-based machine learning for anomaly detection. While these endpoint security tools may be suitable for some systems and some environments, they depend on the cloud to function so they cannot operate in disconnected or air-gapped environments. This opens security gaps, leaving devices vulnerable to cyberattacks and insider threats. Security teams can solve this problem by investing in endpoint protection approaches that are well-suited to air-gapped environments, enabling the visibility and control necessary to safeguard these critical systems.

The Benefits of Customizable Endpoint Protection

The ability to tailor security for nuanced policy control and security monitoring—including specific configurations for user roles, device types or classification levels—is crucial to ensure a strong security posture. Endpoint security solutions must also be established independently from the cloud, to run behavioral analytics even in fully isolated network enclaves.

When a threat occurs, detailed information is vital to protecting high-value assets, and robust air-gapped endpoint security systems enable rapid identification and threat mitigation while providing analysts with forensic data for investigation. This critical context also informs refinements to tailor and optimize the security approach for the environment’s unique mission.

Implementing a Zero Trust approach is still vital to reducing threats to air-gapped environments, just as it is in internet-facing networks. Hardening systems by ensuring only trusted software can execute enables the mission but not an attacker.

Safeguarding the data from insider threats is another important element of a mature air-gapped security operation. Data Loss Prevention (DLP) offers an important countermeasure against cybersecurity risk in air-gapped environments and gives security teams the ability to ensure that organizational data is appropriately controlled.

Two Industry Leaders, One Unbreakable Line of Defense

Defense and intelligence agencies cannot afford to leave gaps from security tooling that is unsuitable to defend disconnected networks and endpoints. They need an endpoint security suite built for their world—one that delivers advanced security capabilities to offline, high-stakes and mission critical IT systems. Symantec and Carbon Black deliver exactly that: proven protection designed for Federal environments.

Both solutions are purpose-built for Government, but each brings its own strengths to the field:

  • Symantec delivers powerful static and dynamic malware analysis, plus built-in USB device management to automatically flag and quarantine malicious media. Symantec also offers an industry-leading DLP solution well-suited to air-gapped environments where ensuring data is properly safeguarded is mission-critical.
  • Carbon Black provides deep behavioral detection and advanced Endpoint Detection and Response (EDR), capturing forensic logs, watchlists tuned to the unique environment and analytics to support detailed investigations. Carbon Black also enables organizations to establish a positive security model with policy-based governance to ensure their systems only execute trusted software and use only allowed removable media devices.

Joined together, renowned brands Symantec and Carbon Black offer proven, mature solutions to safeguard air-gapped environments and data by providing visibility to identify threats and streamline investigations and protection policies to neutralize threats. Their combined detection and granular visibility close the gaps left by cloud-reliant platforms—especially necessary in disconnected air-gapped and bandwidth-constrained environments—giving agencies the command and control they need to stop threats before they compromise the mission.

Watch the expert webinar to hear how Department of War guest speakers are addressing their endpoint security gaps.

Can’t get enough? Download NextGov/FCW’s latest article for deeper insights on the fight to secure air-gapped environments.


Cybersecurity Automation: Strengthening Defense in a Resource-Strapped Environment

If you work in Government agencies or as a contractor, you feel the pressure to do more with less every day. Security teams in particular have to reduce response times despite limited staff and resources.

Cybersecurity automation gives a practical way to manage these tasks without relying on constant hiring. Two core compliance frameworks that shape this work for you are the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Cybersecurity Maturity Model Certification (CMMC).

NIST organizes cybersecurity activities into five functions: Identify, Protect, Detect, Respond and Recover. Meanwhile, CMMC defines maturity levels and specific practices across domains, such as access control, auditing and incident response. Let’s explore three cybersecurity automation strategies that help organizations strengthen their defense.

Why Cybersecurity Automation Is Important

For security teams, a typical day revolves around manual triage, status chasing and spreadsheet maintenance. Cybersecurity automation changes that by pulling live data from your systems to maintain current asset and risk inventories, without asking people to update information by hand.

Under NIST’s Identify function, this means you can see where your critical assets live and how they change over time. On the other hand, the Protect function benefits from automated patching, network segmentation and access monitoring that do not depend on someone remembering to run a script.

Cybersecurity automation also strengthens access control. It enables security professionals to manage who joins, moves and leaves networks and critical systems. At the same time, it keeps user privileges aligned with each user’s role.

This automation handles all your repeatable tasks, allowing you and your teams to spend more time on strategic risk decisions instead of routine checks. You can easily keep pace with security requirements even when the headcount is tight.

Three Ways Cybersecurity Automation Reduces Risks

The main purpose of automating cybersecurity is to minimize threats and speed up recovery and incident response times. Below are three cybersecurity automation strategies that help achieve that:

Smarter Threat Detection

Staff shortages directly or indirectly impact almost every step of your security process. This also includes your ability to watch for threats around the clock. With manual scans and periodic log reviews, your team is more likely to leave gaps that adversaries can take advantage of.

Cybersecurity automation closes those gaps by running continuous monitoring and correlating logs across your security operations center. It also surfaces patterns, such as unusual data transfers or login behaviors, that deserve a closer look. This lines up directly with the Detect function of the NIST Cybersecurity Framework, which emphasizes the timely discovery of cybersecurity events.

Automated anomaly detection can learn what “normal” looks like in your environment and instantly flag deviations for investigation. Your analysts don’t have to stare at dashboards all day. This way, you give your security operations greater depth without adding more people to the roster.

Additionally, CMMC strengthens this need through the AU (Audit and Accountability) domain. It expects systematic collection, protection and review of audit logs. Automation can collect and timestamp events, retain them according to policy and perform first-level analysis to find suspicious sequences. If you work in Government services, this type of threat detection raises your confidence that your team won’t miss any meaningful events.

Faster Incident Response and Recovery

Security teams feel the need for more staff members, especially when something goes wrong. A strong incident response plan only helps if you can execute it quickly and consistently.

Cybersecurity automation brings that plan into action by triggering playbooks as soon as a qualifying event occurs. The automated system instantly isolates affected systems, blocks malicious IP addresses and starts forensics workflows without waiting for someone to manually coordinate the steps.

NIST’s Respond and Recover functions call for well-defined processes that you can rely on during stressful situations. With automation in place, regular backups can be created and tested according to schedule. It also makes sure recovery takes place before systems return to production and that every step is logged for later review.

CMMC’s IR (Incident Response) domain expects this level of definition and documentation. This is much easier to achieve via automation than phone calls or ad hoc emails.

Compliance Made More Manageable

Agencies and contractors working in regulated environments must show that they consistently follow their stated controls. NIST SP 800-53 includes controls that can be supported through cybersecurity automation, such as CA-7 for continuous monitoring. Automation runs assessments on a defined cadence and produces standardized reports for reviewers.

For security teams, this means they can rely on their automation solutions to maintain an up-to-date record of control performance.

CMMC evaluates maturity across Risk Assessment (RA) and Security Assessment (CA) domains. Automation can help you bring together threat, vulnerability and asset information to support cybersecurity activities without adding new layers of manual work. These include objective risk scoring, tracking remediation activities and monitoring third-party risks.

This automates the flow of information and helps security teams, auditors and compliance leaders easily interpret the results. You still own the decisions, but security automation makes it much easier to show how your program aligns with compliance requirements.

Choosing the Right Cybersecurity Automation Platform

If you’ve already started planning to put these strategies into practice, you may still be wondering which security automation platform to choose. As a general rule of thumb, look for a solution that:

  • Connects to your existing cybersecurity technology, tools and processes
  • Supports a range of users, from CISOs and risk officers to analysts and auditors
  • Offers no-code or low-code options, as they allow security teams to design and adjust workflows without requiring many development resources
  • Aligns with your long-term Governance, Risk and Compliance (GRC) strategy while giving you quick wins in log review, alert triage, incident response and control testing
  • Ties with NIST and CMMC requirements
  • Comes with strong reporting and user experiences

Onspring offers all these features to security teams. Their no-code GRC platform connects risk, compliance and audit data so you can manage policies, assessments and issues in one place.

The platform has strong social proof. Their customers report saving up to 70% of the time they once spent managing policies, consolidating 12% of their applications and improving overall business efficiency by 33%.

Onspring also automates repetitive tasks and displays everything on spreadsheets and dashboards for easy collaboration. It also has GovCloud support for Government environments, which enables CISOs, auditors and security teams to manage security-related functions on autopilot.

Connect with Onspring’s team to understand how their cybersecurity automation capabilities can reduce risks in diverse environments.

Discover How Automation Reduces Cybersecurity Risks
