TechNet Cyber 2025: Top 5 Insights on Zero Trust, Interoperability and More

Posted on by Mike McCalip

Technology is a vital part of the United States Department of Defense (DoD)’s capabilities, making security and enhancements essential to the nation’s stability and growth. AFCEA International’s flagship event, TechNet Cyber, emphasizes the role of cybersecurity and IT within the DoD. Alongside its partners, such as such as Amazon Web Services (AWS), Everfox and Ciena, Carahsoft attended TechNet Cyber to support DoD mission objectives. Carahsoft maintains a unique position in the defense industry with the ability to connect DoD and intelligence community (IC) personnel, Government IT decision-makers, thought leaders and industry and vendor partners. At this year’s conference, leaders and operators in the IT and Defense Department joined to network, facilitate problem solving and explore ways to expedite and secure the procurement process.

1. Expanding Zero Trust: “Flank Speed” is Ready to Scale

To safeguard against potential cybersecurity attacks, the DoD is working to secure its networks with Zero Trust, a security strategy focused on identity, credential and access management. In the session “DoD Zero Trust Success Stories,” David Voelker, Zero Trust Architecture Lead for the Department of the Navy, discussed recent initiatives to bolster Zero Trust within Flank Speed, the Navy’s single enterprise Microsoft 365 solution that provides productivity tools, collaboration tools and OneDrive storage. The Navy plans to implement autonomous penetration testing to identify which of its 152 Zero Trust capabilities are applicable to baseline, as well as bolstering the many programs within the Navy, with the goal of purchasing and deploying these capabilities by the end of the 2027 fiscal year.

Another speaker, Ian Leatherman, the Zero Trust Strategy Lead for Microsoft U.S. Federal, discussed key takeaways from Microsoft’s work with Flank Speed. Visibility into agency networks is critical to emboldening existing Zero Trust strategies. Mr. Leatherman stated, “When in doubt, collect the telemetry: you never know what new or novel adversary techniques you may find.” Knowing exactly how many endpoints, applications and users are on the network at any given time positions the DoD to swiftly deal with incoming threats.

Leatherman also discussed recent initiatives to involve all Navy personnel in a cybersecurity strategy; security is more than a technology solution, but a way to ensure safety within the agency. David Voelker, Zero Trust Architecture Lead at the Department of the Navy echoes this statement. While the Zero Trust Portfolio Office set their DoD-wide Zero Trust adoption target as the end of fiscal year 2027, Flank Speed is already operational. Voelker notes that the Flank Speed configuration could be lifted and shifted to other customers in the DoD, with a quick deployment time of under 24 hours. Mr. Voelker also recommends automating this shift.

Carahsoft and our vendor partners offer several cybersecurity solutions to help Government agencies implement Zero Trust architectures that protect critical information and reduce national security risk. Our offerings align with Public Sector Zero Trust maturity models developed by NIST, the DoD and CISA.

Carahsoft, TechNet, blog, embedded image, 2025

2. How Mission Objectives Drive Acquisition

Acquiring powerful, up-to-date technology enables the DoD to protect against persistent and increasingly sophisticated cyber-attacks. The DoD aims to streamline its procurement process to maintain pace and safeguard against attacks. In the session “DoD Software Modernization Senior Steering Group,” speaker Sean Brady, Senior Lead for Software Acquisition Enablers at the Office of the Undersecretary of Defense (Acquisition and Sustainment), explained that there are two key drivers to this transformation. The first is mission objectives; software should be tailored to allow the DoD to adapt its systems to rapidly changing threats. The second is access to commercial innovation, which allows the DoD to access products in weeks or months rather than years.

3. Digital Transformation for Operational Effectiveness

Digital transformation in the DoD is crucial for maintaining pace with an increasingly technology-driven security environment. Thomas W. Simms, Principal Deputy Executive Director for Systems Engineering and Architecture at the Office of the Under Secretary of Defense for Research and Engineering, discussed the major digital transformation efforts within the DoD.

The main four are:

Modular Open Systems Approach (MOSA), a congressional requirement that integrates technical and business strategies to promote acquisition and drives modular designs

The DoD’s Digital Engineering Instruction, which requires programs to use digital engineering in their design process

Application Program Interfaces (APIs), a ruleset that allows communication between software applications and is driven by the DoD’s API guidebook, which enables the DoD to become more data-centric

The DoD’s System Engineering Guidebook, which is currently undergoing an update to incorporate guidance from the Secretary of Defense’s latest memos

By modernizing legacy systems and enabling the DoD to acquire the newest and greatest in IT, these initiatives enhance operational effectiveness and improve decision-making speed.

4. Fast-Tracking Authority to Operate (ATO)

In the defense industry, technology must be approved to mitigate security risks. The Software Fast Track (SWFT), a process that expedites software verification within the U.S. Government, is changing the way the DoD manages risks and conducts Authority to Operate (ATO). Contractors can get involved with the latest software acquisition and risk management changes by participating in the three recently released requests for information (RFIs).

These RFIs, which close May 20^th, are:

RFI – Software Fast Track (SWFT) Tools

RFI – Software Fast Track (SWFT) External Assessment Methodologies

RFI – Software Fast Track (SWFT) Automation & Artificial Intelligence (AI)

Katie Arrington, the Acting DoD Chief Information Officer (CIO), also discussed the Software Fast Track (SWFT) set to launch on June 1^st of this year. The initiative will replace the traditional Authority to Operate (ATO) structure and add a few requirements, such as third-party Software Bill of Materials (SBOM), third-party risk assessments and the population of Enterprise Mission Assurance Support Service (eMASS) with artifacts. Once these guidelines are in place, contractors will gain a Provisional ATO.

Ms. Arrington attests that these changes will revolutionize the Risk Management Framework (RMF) by allowing industry experts to provide feedback to the DoD. Paper compliance isn’t enough anymore, Ms. Arrington says. The DoD is looking for “continuous monitoring, red-teaming and people to continually evaluate their capability.”

She also added that the DoD will be sunsetting the Approved Products List (APL). Additional sponsor additions are no longer being accepted. Instead, the SWFT initiative will take over, establishing a “trust, but verify” procedure, promoting both security and swift ATO action.

5. Using Interoperability to Pitch to DoD

As operations increasingly move online, interoperability becomes increasingly important to efficiency and accessibility. Venice Goodwin, the outgoing CIO for the Department of the Air Force, offered advice to industry professionals on navigating changes within DoD. Goodwin recommends that the industry practice “extreme teaming;” rather than service each department individually: vendors should focus on servicing the DoD as a whole. As the DoD prioritizes capabilities that have cross-departmental benefits, industry experts should demonstrate the effectiveness of their capabilities and solutions in every domain across land, sea, air and space. With this collaboration, both the Private and Public Sector can get the results they need.

The digital transformation journey within the Department of Defense represents not just an evolution of systems, but a commitment to defending interests at home and abroad. Acquisition, ATO and Zero Trust are all valuable assets to maintaining pace with the current, constantly evolving technological climate, ensuring the United States carries out its mission of protecting the nation.

To learn more about mission-critical technology, visit Carahsoft’s defense portfolio to explore solutions showcased at TechNet Cyber. For additional research into the key takeaways that industry and Government leaders presented at TechNet Cyber, view Carahsoft’s full synopsis of key sessions from the tradeshow. 

The Switch to Proactive Network Resilience Management to Maintain Operational Continuity

Posted on by Matt Malarkey

Due to the threat of modern ransomware gangs and Advanced Persistent Threats (APTs), critical infrastructure organizations face unprecedented challenges from sophisticated adversaries. These gangs and APT groups, such as Volt and Salt Typhoons, seek to compromise and disrupt the operations of critical national infrastructure (CNI) for financial gain or to cause economic and societal harm. Luckily, organizations can combat these attacks by shifting from traditional defensive approaches to a comprehensive network resilience strategy that ensures operational continuity through proactive management.

The Critical Shift from Defense to Resilience

With mission-critical systems increasingly dependent on network availability, cybersecurity is a top priority. Traditional security approaches have primarily focused on hardening defenses against external threats. However, this strategy has proven insufficient as sophisticated attackers continue to infiltrate networks and are increasingly exploiting weakly configured or vulnerable network devices to carry out their attacks. The consequences of such breaches extend beyond security concerns to operational, financial and reputational damage that can undermine an organization’s core mission.

Network devices are particularly attractive targets because they serve as the connective tissue for all organizational IT operations. When compromised, these devices provide attackers with persistence, lateral movement capabilities and access to sensitive data flows. Additionally, misconfigurations and unplanned changes to these devices—whether malicious or accidental—can result in disruptive outages at precisely the wrong moment.

To address these challenges, organizations need a tailored network resilience strategy built on the four pillars of operational resilience:

Business Continuity: Maintaining critical business functions and mitigating interruptions to mission-critical services
Risk Management: Assessing proactively to identify and address potential failure points before they impact operations
Cybersecurity: Utilizing trusted hardening guides and security frameworks, such as those provided by the US National Institute of Standards and Technology (NIST) and the UK National Cyber Security Centre (NCSC), to monitor, detect and respond to cyber attacks and insider threats
Disaster Recovery: Regaining access to and use of critical systems and restoring services as soon as possible following an outage

This approach recognizes that network security must be redefined as the proactive protection and assurance of business services, applications and data. This strategy shifts the goal from merely defending the perimeter to ensuring systems remain available and recoverable, and therefore trustworthy.

Titania, Network Resilience, blog, embedded image

Implementing Continuous Network Resilience Management

Organizations must switch to viewing their network security as something that must be continuously and proactively protected. By focusing on network readiness, resilience and recoverability, organizations can quickly detect problems within their network and reduce risk to their business, all which aligns with the latest compliance and security mandates. While shifting to continuous network resilience may seem daunting, Titania, a world-leader in network configuration analysis for routers, switches and firewalls, can help.

Here are five ways that Titania enables organizations to shift from risk-based vulnerability management to continuous network resilience management:

Offers full network visibility, equipping organizations to swiftly identify anomalies. Titania’s platform establishes a configuration baseline that identifies all changes, differentiating between planned and unauthorized ones, enabling teams to automatically identify anomalies and potential indicators of compromise (IOCs). This includes identifying macro-segmentation violations, such as changes to or presence of unauthorized internet protocols (IPs), ports and users that could signal an active threat.
Assesses network segmentation to contain breaches. Network segmentation prevents or delays bad actors from moving laterally within a business, which would allow them to access more of the network than otherwise possible. By hardening and effectively segmenting all routers, switches and firewalls, Titania helps reduce risk to a business’ mission-critical objectives.
Analyzes and remediates network exposure. Titania helps organizations assess misconfigurations and software vulnerabilities based on the specific tactics, techniques and procedures (TTPs) that threat actors use. To minimize exposure to APTs and ransomware, Titania automatically prioritizes remediation workflows to address the most critical and likely TTP risks.
Maintains accurate configuration management database (CMDB) to aid business continuity and disaster recovery. By tracking all configuration changes, whether planned or unauthorized, Titania enables businesses to swiftly recover from any potential breaches. Titania also enables network operations center (NOC) teams to manage configurations-as-code, ensuring potential disruptions are identified and addressed during pre-deployment configuration testing.
Assures networks comply with both internal and external mandates. Titania cross-checks network configurations to determine adherence to mandated requirements, automatically reporting pass/fail compliance with US, EU and international hardening standards and risk management frameworks (RMFs).

As threats continue to evolve and mission objectives become intertwined with network infrastructure, the ability to ensure operational continuity through comprehensive network resilience management will become a defining characteristic of successful cybersecurity programs. By implementing solutions that address the full spectrum of network security challenges, Government agencies and commercial organizations can protect their mission-critical services and maintain the trust of those who depend on them.

To learn more about implementing a comprehensive network resilience strategy for your organization, visit Titania’s Nipper Resilience product page.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Titania we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Unlocking Productivity: How the Latest Creative Tech Innovations Support Government Teams

Posted on by Gary Reburn

The pace of technological advancement continues to accelerate, and creative tools are no exception. For Government teams tasked with producing clear communication, detailed documentation or visually compelling reports, these innovations are more than just upgrades — they represent opportunities for greater efficiency, accessibility and impact.

Recent updates announced during major creative technology conferences in late 2024 introduce a new generation of features specifically suited to the evolving needs of Public Sector organizations. Here’s a look at how these enhancements can deliver real value.

Streamlining Collaboration Across Agencies

In the Government space, collaboration is often complex. Projects frequently involve multiple departments, external partners and strict compliance requirements. New cloud-based workflows offer:

Real-time co-editing: Teams can work simultaneously on documents, presentations or multimedia projects, reducing bottlenecks.
Version history and tracking: Enhanced tools help manage approvals and ensure compliance with audit-ready records.
Role-based permissions: Simplified access controls allow teams to securely share content without risking data integrity.

These features are crucial for agencies seeking to enhance teamwork while maintaining accountability and transparency.

Boosting Accessibility and Inclusivity

Accessibility is a fundamental priority for government organizations. New creative platform updates now integrate accessibility tools directly into content creation processes, offering:

Automated alt-text suggestions for images to meet WCAG standards.
Built-in accessibility checks to catch issues early in the design stage.
Simplified document tagging to ensure content is screen-reader friendly.

These innovations support Government mandates for inclusive communication, making it easier to serve all constituents.

Enhancing Visual Storytelling

Government messaging often demands clarity and impact. Recent creative updates deliver more powerful storytelling tools without requiring specialized design expertise:

Adobe, Creative Cloud, blog, embedded image, 2025

AI-assisted layout and design recommendations: Automatically suggest polished layouts for reports, social media posts and outreach campaigns.
One-click video editing: Tools that allow users to quickly trim, subtitle and brand videos for public service announcements or training sessions.
Customizable templates: Pre-built templates tailored to common Public Sector needs like policy briefs, public notices and infographics.

These capabilities empower Government communicators to produce professional-grade materials quickly and cost-effectively.

Strengthening Data Security and Compliance

Security remains paramount in Government operations. New creative technology offerings emphasize robust protections:

Enterprise-grade encryption for all files stored or transmitted via the cloud.
Secure identity management to control user access based on agency credentials.
Data residency options to comply with Local or Federal storage regulations.

By embedding these features natively into creative workflows, teams can innovate confidently without sacrificing security.

Embracing Sustainable Practices

Sustainability goals are becoming a priority across Government sectors. Updated creative tools now include eco-conscious features such as:

Optimized file formats that reduce storage needs and energy consumption.
Remote collaboration capabilities that minimize travel requirements.
Digital-first design options to support paperless initiatives.

These enhancements align with broader efforts to lower carbon footprints and demonstrate environmental stewardship.

Ready to Explore the Full Potential?

To learn how Adobe Creative Cloud’s newest updates can help your Government team improve collaboration, accessibility, security and impact, connect with us today.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Adobe we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The Top 10 DevSecOps Events for Government in 2025

Posted on by Rich Savage

In the modern digital age, security practices must keep pace with the rapid speed of software development. DevSecOps revolutionizes this by embedding security into every phase of the development lifecycle, ensuring that security is a shared responsibility from the very start. This approach is particularly crucial for the Public Sector, where agencies build and deploy software that must meet continuously evolving security standards.

Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, features numerous solutions for Government IT decision-makers, industry and vendor partners and technology thought leaders, including those in DevOps and DevSecOps Solutions and Services. At several key events Carahsoft is participating at this year, attendees will learn about security best practices, discuss emerging trends, take part in hands-on workshops and much more, ensuring agencies stay up to date with the latest developments in DevSecOps and cybersecurity. Here are the top events to watch for in 2025.

RSA Conference 2025

April 28-May 1 | San Francisco, CA | In-Person Event

Through technical sessions, hands-on labs and connecting with top professionals, attendees will discover unparalleled opportunities for networking, as well as insights into cutting-edge cybersecurity technologies, best practices and strategies to protect against evolving threats. Attendees should look for sessions that cover data protection, Zero Trust initiatives and AI applications in cybersecurity.

As a proud key participant in the RSA Conference, Carahsoft partners with leading cybersecurity vendors to offer tailored solutions that address the unique needs of Federal, State and Local agencies. Carahsoft is also excited to host the 12th Annual RSA Public Sector Day at RSA Conference on Monday, April 28. This year’s program will examine key areas such as developing a strong cybersecurity workforce, understanding the impact of AI on both offensive and defensive cyber operations and improving the exchange of information among government entities. Following RSA Conference on Tuesday, April 29 Carahsoft is hosting our Public Sector Reception from 6:00 pm – 9:00 pm at The Conservatory at One Sansome.

Offset Symposium 2025 by Second Front Systems

May 15 | Washington, D.C. | In-Person Event

This symposium features cutting-edge solutions in areas such as AI, cybersecurity and advanced software systems, giving Government, defense and industry leaders the opportunity to explore the latest innovations in national security and defense technology. Attendees will gain insights from thought leaders, participate in hands-on demonstrations and engage in high-level discussions aimed at driving defense capabilities forward.

Sessions to look out for:

The Future of Strategic Offsets – Bridging Technology and Defense

AI-Powered Defense Solutions

Cyber Resiliency in Modern Warfare

The Role of Open Source in Defense Innovation

As a Platinum Sponsor, Carahsoft will showcase its expertise in defense solutions through an interactive booth, speaking engagements and a VIP networking session. Be sure to stop by our booth and speak with one of our team members!

AWS Public Sector Summit

June 10-11 | Washington, D.C. | In-Person Event

Carahsoft Top DevSecOps Events Blog Embedded Image 2025

To meet the unique challenges of the Public Sector, this summit brings together Government, education and nonprofit leaders to explore the latest cloud innovations and solutions. Attendees will gain insights from industry experts, participate in hands-on workshops and learn how AWS enables organizations to accelerate their digital transformation, enhance security, integrate cloud security solutions into DevSecOps and improve mission outcomes.

Join Carahsoft, a leading distributor of cloud solutions to the Public Sector and a trusted AWS partner, in DC and stop by our Carahsoft Pavilion, featuring our vendors Anchore, Hashicorp, Hyland, Rackspace, Second Front and more. Join us after the first day of the summit on June 10 for a networking event just a short walk away at Planet Word Museum!

Carahsoft’s DevSecOps Conference

July 29 | Reston, VA | In-Person Event

Our premier event will explore the integration of security into the development lifecycle, leveraging automation, compliance frameworks and modern tools to enhance operational efficiency. Attendees gain actionable insights into trends, challenges and best practices for secure application delivery, legacy system modernization and meeting compliance mandates, fostering collaboration and innovation across the Government technology landscape.

This Carahsoft-hosted conference features fireside chats, presentations and technology demonstrations from Government leaders and industry experts. For an idea of what to expect at our 2025 event, check out last year’s videos and resources at our resource hub. If you are a vendor interested in sponsorship opportunities, please reach out to us at DevSecOpsMarketing@Carahsoft.com.

DevSecOps World Tour by GitLab

October | Washington, D.C. | In-Person Event

Through expert-led sessions, hands-on workshops and real-world case studies, attendees will explore the latest trends, tools and best practices in DevSecOps and gain valuable insights into security, enhancing collaboration and the best practices of integrating security seamlessly into the DevOps lifecycle. Attendees should look for sessions about global software development trends and success stories from Public Sector clients.

Carahsoft enables attendees to explore tailored solutions that streamline workflows, ensure compliance and accelerate the adoption of secure software development practices. Check out the events tab on our website for more information closer to the date of the event.

DevSecCon by Snyk

October | Virtual Event

With a focus on bridging the gap between security and development, offering insights into the latest trends and providing tools and practices in DevSecOps, this event will explore best practices for integrating security into the software development lifecycle. Through a combination of keynote speeches, hands-on workshops and interactive sessions, attendees will gain valuable knowledge on securing cloud-native applications, mitigating risks and enhancing collaboration between security and development teams.

Tracks at this event include AI Security, Open Source Security and Security Culture & Education

At DevSecCon, Carahsoft showcases its partnerships with top-tier vendors, offering attendees the opportunity to learn about cutting-edge technologies and solutions tailored to enable the Public Sector to become DevSecOps compliant while meeting their unique needs. To learn more about Carahsoft and Snyk’s DevSecOps capabilities and how we will be involved in this event soon, visit our website.

KubeCon + CloudNativeCon North America

November 10-13 | Atlanta, GA | In-Person Event

By uniting developers, operators and technology leaders to explore the latest innovations in containerization, microservices and cloud-native architectures, this event provides attendees with hands-on workshops and technical sessions to learn from industry experts on topics ranging from Kubernetes and container orchestration to DevOps, security and cloud infrastructure. Attendees should look for sessions about Kubernetes security, cloud-native security tools and DevSecOps automation.

Carahsoft’s booth and vendor demo kiosks will present solutions for secure Kubernetes deployments in Federal agencies. Check back soon to our events website for more information on this year’s event.

Splunk GovSummit

December | Washington, D.C. | In-Person Event

By providing a firsthand look at how Splunk’s data analytics, security and operational intelligence solutions can enhance mission-critical operations across Federal, State and Local agencies, this event enables attendees to gain insights from real-world case studies. Learn about emerging trends in data and network with industry leaders shaping the future of Government technology, as well as how to utilize Splunk for continuous monitoring in a DevSecOps pipeline.

As a key partner of Splunk GovSummit and distributor of Splunk’s powerful analytics platform, Carahsoft will provide a team of experts to share valuable knowledge, offer tailored solutions and facilitate connections between Government professionals and Splunk’s cutting-edge products, enabling attendees to transform data into actionable intelligence. To stay informed on our presence at Splunk GovSummit, visit our website and explore Splunk solutions.

Public Sector Network’s DevSecOps Virtual Event

TBA | Virtual Event

To provide a comprehensive look into the integration of security within the DevOps lifecycle, this event looks at incorporating security from planning through deployment. Topics covered include enhancing security measures, improving DevOps processes and ensuring compliance with Federal standards, all while addressing real-world examples and the unique needs of Government agencies. Attendees should look for sessions about security challenges, automation strategies and real-world use cases for DevSecOps in the Public Sector.

Carahsoft will showcase innovative solutions that enhance security, streamline workflows and ensure compliance, empowering Public Sector agencies to meet the demands of modern software development in a secure and efficient manner. Check out the events tab on our website for more information closer to the date of the event.

Red Hat Summit & Connect Series 2025

Multiple Dates | Multiple Locations | In-Person and Virtual Events

With both in-person and online options, this dynamic series of events brings together IT professionals, developers and business leaders to explore the latest innovations in Open Source technology, cloud-native solutions and automation. Featuring keynote sessions, expert-led workshops and hands-on labs, this conference empowers attendees to drive transformation within their organizations, improve efficiencies and accelerate their digital transformation journey. Attendees should look for sessions about security automation, containerization best practices and DevSecOps with OpenShift.

Carahsoft provides comprehensive support and expertise to help Government agencies, educational institutions and other Public Sector agencies leverage Red Hat’s innovative Open Source solutions. Carahsoft is a gold sponsor at this year’s event, and we will continue to update the details of our presence here.

Previous Event Highlights

Atlassian Team on Tour Government

Public Sector professionals joined to explore the latest tools and strategies for driving collaboration, efficiency and innovation across Government teams. This dynamic event showcased Atlassian’s solutions for managing complex projects, improving cross-functional workflows and fostering a culture of transparency and accountability. Attendees gained valuable insights from industry leaders, learned how to optimize team performance with Atlassian products and discovered best practices tailored to the unique challenges in Government.

As a proud key partner, Carahsoft brings its expertise in providing innovative IT solutions by offering attendees personalized insights on how Atlassian’s software can address their unique challenges and improve mission-critical operations.

By gaining new insights and perspectives on the right tools to continually integrate DevSecOps into every stage of the software development process, Public Sector agencies can ensure their systems remain secure. With DevSecOps, agencies can increase the delivery speed of their software, monitor systems in real time and collaborate with other agencies.

To learn more or get involved in any of the above events please contact us at DevSecOpsMarketing@Carahsoft.com. For more information on Carahsoft and our industry leading DevSecOps technology partners’ events, visit our DevSecOps solutions portfolio. 

The Top Autonomy and Robotics Events for Government in 2025

Posted on by Lauren Regiec

Autonomous technology and robotics are having a huge impact on and revolutionizing industries like construction, agriculture, energy, aviation, public safety and infrastructure for the Public Sector. Here is a list of great events you should know about. Carahsoft and our vendor partners are excited to help attendees learn about and adopt solutions in the field of automation and robotics. Join a variety of senior leaders, Government executives, innovators and IT professionals to explore the rapidly advancing field of autonomy and robotics and how it can help your agency or organization advance its strategies and innovation efforts.

AUVSI XPONENTIAL

May 19-22 | Houston, TX | In-Person Event

XPONENTIAL 2025 is the leading global event for uncrewed systems and autonomous technology, bringing together innovators, policymakers and industry leaders to shape the future of autonomy. Attendees will gain valuable insights from over 200 expert-led sessions, explore cutting-edge technologies from 500+ exhibitors and network with 8,500+ professionals from across the air, land and maritime domains. The event offers unparalleled opportunities to discover real-world applications, address regulatory challenges and accelerate the adoption of autonomous solutions across diverse industries. Whether you are driving innovation, navigating policy landscapes or seeking strategic partnerships, XPONENTIAL 2025 is the premier platform to advance your organization’s autonomy strategy.

For a sneak peek into what you can expect at the summit, topics covered during last year’s event included:

Cybersecurity

Data and Analytics

Implementation and Application

Infrastructure and Operations

Technical Development and Research

Carahsoft is thrilled to be sponsoring and participating in this event again. We will be featuring two demoing partners at our booth and look forward to sharing details about our reception following the event. Check back for more details closer to the event!

Energy Drone & Robotics Summit

June 16-18 | Houston, TX | In-Person Event

The 9th annual Energy Drone & Robotics Summit is the largest event in the world for unmanned aerial vehicles (UAVs), Robotics, Data, AI and ML, exclusively focused on the business and technology of unmanned systems, automation, data and AI in energy and industrial operations. Offering sessions in UAV and drone operations, maintenance and repair, marine robotics and more, this summit empowers geospatial leaders to adopt, adapt and scale.

Sessions to look out for:

Energy DataOps: GIS & 3D

Drone Geophysics & Remote Sensing

UAV/Drone Ops: Surveying & Mapping

The 2024 Energy Drone & Robotics Summit brought together industry leaders, innovators and tech enthusiasts to explore the latest advancements in unmanned systems, AI and data analytics for energy operations. With cutting-edge demos, insightful panels and hands-on networking, it was a powerhouse event for anyone looking to push the boundaries of automation in the energy sector. While Carahsoft’s involvement is still being finalized, we are planning to have a presence at this year’s event. Stay tuned for updates as we confirm our participation!

Commercial UAV Expo

September 2-4 | Las Vegas, NV | In-Person Event

Carahsoft Autonomy and Robotics Top Events Blog Embedded Image 2025

Commercial UAV Expo 2025 is the leading global event for professionals in the commercial drone industry, bringing together experts, innovators and decision-makers to explore the latest advancements in UAV technology. Attendees will gain valuable insights from over 100 expert-led sessions, discover state of the art solutions from over 200 exhibitors and network with over 3,500 industry professionals from sectors like construction, agriculture, energy, public safety and infrastructure. The event offers a deep dive into critical topics such as drone regulations, AI integration, beyond visual line of sight (BVLOS) operations and real-world case studies showcasing UAV success stories. Whether you are looking to adopt drone technology, optimize operations or stay ahead of industry trends, this expo is the must-attend event for commercial drone professionals.

For a sneak peek into what you can expect at the summit, topics covered during last year’s event included:

Surveying

Drone Pilots

Construction

Infrastructure

Energy and Utilities

This year, you can find Carahsoft on the show floor with several of our key Autonomy and Robotics vendors and spend time with us at our reception – more to come. Keep a look out for our reception on our website!

2025 NBAA Business Aviation Convention & Exhibition (NBAA-BACE)

October 14-16 | Las Vegas, NV | In-Person Event

The 2025 National Business Aviation Convention & Exhibition (NBAA-BACE) allows its exhibitors to showcase their latest innovations and services driving the business aviation industry forward. At NBAA-BACE, companies receive unparalleled access to a global audience of decision-makers, industry leaders and potential clients. Exhibitors will have the opportunity to connect with thousands of attendees, expand their reach and elevate their brand in front of key players looking for solutions and partnerships.

Carahsoft is looking forward to attending this year’s event and joining the aviation industry’s decision makers, buyers and brokers at the world’s most influential aviation event. We seek to support the future of aviation through strategic partnerships and innovative technology solutions. By working with industry-leading vendors, we provide government and commercial customers with the tools they need to enhance efficiency, security and sustainability in aviation.

EVTOL Technology USA

October | Arlington, VA | In-Person Event

Drawing on knowledge shared by leading electric vertical take-off and landing (eVTOL) experts, eVTOL Technology USA will facilitate fruitful discussions on industry priorities, challenges and solutions. Through a wide range of presentations, demonstrations and discussion, this event offers a holistic view and seeks to enable the community to access the latest design, innovation and certification developments in the sector. This conference will be a catalyst to furthering these internationally important topics by promoting dedicated discussions, networking and knowledge sharing to enhance approaches, analysis and solutions for the safe integration of eVTOLs in the US and international airspace.

Carahsoft’s involvement in the EVTOL Technology USA event highlights our commitment to advancing next-generation aviation solutions through strategic partnerships and innovative technology. By collaborating with industry leaders and leveraging our extensive ecosystem of partners, we empower Government and commercial customers with cutting-edge eVTOL capabilities that drive efficiency, sustainability and mission success.

Drone and AAM Symposium

July 29-30 | Washington, DC | In-Person Event

The Drone and Advanced Air Mobility (AAM) Symposium brings together representatives from Government agencies, international aviation experts, industry leaders and academia to accelerate advanced operations. Presenters and panelists will discuss the latest information and advancements related to the diverse uses of drones and the safe integration of Advanced Air Mobility aircraft into the National Airspace System.

Carahsoft’s participation in the Drone and AAM Symposium underscores our goal of supporting the future of autonomous and advanced air mobility. Through our strong partnerships with industry leaders, we provide Government and commercial customers with the cutting-edge solutions needed to drive innovation, enhance safety and accelerate adoption in the evolving aerospace landscape.

Previous Event Highlights:

GeoWeek

GeoWeek united geospatial and mapping professionals to explore how data, maps and advanced technologies can deepen our understanding of the world and inform solutions for complex challenges this year in Denver, CO. Attendees had the chance to discover cutting-edge developments in 3D technology, airborne and terrestrial surveying methods and Building Information Modeling (BIM). GeoWeek showcases over 200 exhibitors’ cutting-edge solutions, providing a comprehensive platform for comparing and qualifying technologies that are transforming various industries. In addition to the exhibition, GeoWeek offers practical, actionable education sessions led by industry experts, focusing on the integration of geospatial data, workflow optimization and software standards. This convergence of technology and knowledge-sharing positions GeoWeek at the forefront of industry innovation.

Sessions covered:

Rescue, Recovery and Rebuild by Francis Scott Key Bridge

3D, AI/ML and Event-Driven Architecture in Action by DFW Airport’s Digital Evolution

At this year’s show, Carahsoft’s booth featured live demos from two of our partners, Tomorrow.io and Reveal Technologies. We eagerly showcase innovative technologies for our customers and look forward to participating again at next year’s conference.

Army Worldwide Security Assistance Conference (AWSAC)

AUVSI’s AWSAC event brings together the ASAE and U.S. industry with opportunities for collaboration, transparent discourse, professional development and innovative ideas to reshape the future of Army security assistance. This three-day event is designed to provide a deep dive into the landscape of security assistance, defense innovation and the United States industrial base.

Sessions covered:

Best Practices on the Job | Program Management Best Practices: What Army acquisition best practices to apply to FMS on the ground

Integrating FMS into Army Modernization | Drive Partnership Across Security Cooperation and Modernization

Workforce Professionalization | Impact of Workforce Reform

Carahsoft proudly represented a 3-star sponsorship at this year’s AUVSI AWSAC event. Attendees had the opportunity to stop by our table and speak with a defense solutions procurement expert.

Drone Responders National Public Safety UAS Conference

The Drone Responders National Public Safety UAS Conference is a key annual event dedicated to the use of unmanned aircraft systems (UAS) by public safety professionals. This conference serves as a hub for sharing knowledge, best practices and innovative solutions tailored to the unique needs of first responders and public safety agencies, as well as a space to promote the education of UAS safety.

Sessions covered:

Hurricane Responses

Exciting New Public Safety FAA Waivers

Law Enforcement Tactical, Detection and Mitigation

Carahsoft is excited to have sponsored and attended this year’s conference! As a Gold sponsor, we met with attendees at our booth sharing more about our Autonomy and Robotic Technology offerings and how to become a vendor.

Industry and Government collaborations enable Carahsoft to offer a comprehensive range of autonomy and robotics technology solutions and services to the Public Sector. By leveraging the strengths of these companies, Carahsoft ensures that Government agencies have access to cutting-edge technology for search and rescue, mapping and surveying and disaster response.

To learn more or get involved in any of the above events, please contact us at AutonomousTech@Carahsoft.com. For more information on Carahsoft and our industry leading Autonomy and Robotics technology partners’ events, visit our Autonomy and Robotics solutions portfolio.

The Subcommittee on OSINT: A Milestone for National Security

Posted on by Marty Gryski

The establishment of the Subcommittee on Open Source Intelligence (OSINT) within the House Permanent Select Committee on Intelligence (HPSCI) marks a significant step forward in recognizing the vital role of OSINT in modern intelligence and national security. This dedicated subcommittee is designed to provide oversight, guidance and strategic direction for OSINT initiatives across the intelligence community (IC). Chaired by Rep. Ann Wagner (R-Mo.), the subcommittee focuses on enhancing OSINT capabilities by promoting data sharing, professionalizing OSINT as a discipline and ensuring adequate resource allocation. By leveraging publicly available information, OSINT plays a critical role in identifying global threats, improving situational awareness and strengthening national security.

Purpose and Mission

The OSINT subcommittee is responsible for overseeing programs and policies that ensure the collection, analysis and dissemination of OSINT align with national security objectives. It will advocate for increased funding and resource allocation to enhance OSINT capabilities while encouraging innovation through the adoption of artificial intelligence (AI), machine learning and automation tools to improve the effectiveness of OSINT. Additionally, the subcommittee will address ethical and legal considerations by establishing guidelines that adhere to privacy laws, civil liberties and best practices.

Why OSINT Matters

Carahsoft Subcommittee on OSINT Security Blog Embedded Image 2025

OSINT has become a cornerstone of modern intelligence gathering, providing real-time, publicly available data to supplement classified intelligence. By leveraging OSINT, agencies can accelerate threat detection and response by prioritizing the most critical risks, ensuring a proactive defense strategy. OSINT supports counterterrorism efforts, combats disinformation, identifies cyber threat actors, assesses geopolitical risks and aids in crisis response, making it an essential tool for strategic planning and real-time threat mitigation.

Impact on the Intelligence Community

The formation of this subcommittee signals a shift toward a more structured and well-funded approach to OSINT. By prioritizing open-source data collection, analysis and integration, the IC can gain faster, more accurate and cost-effective insights into global events. Additionally, it opens the door for increased collaboration between the Government and Private Sector OSINT providers, fostering innovation and strengthening national security.

Carahsoft’s Perspective

As The Trusted Government IT Solutions Provider^™, Carahsoft Technology Corp. views this initiative as a game-changer for the OSINT community, recognizing the congressional backing as a significant momentum builder for the discipline. With formal recognition and dedicated oversight at the congressional level, OSINT will receive the attention, investment and structure needed to solidify its role as an indispensable intelligence asset in an era of rapidly evolving digital threats. This move is expected to bring increased resources, enhanced policies and a more strategic approach to OSINT initiatives. For industry leaders like Carahsoft, it presents greater opportunities to collaborate with Government agencies, drive innovation and contribute to the evolving landscape of intelligence gathering. The subcommittee’s focus aligns with Carahsoft’s mission to provide cutting-edge OSINT tools and services, ultimately strengthening the nation’s intelligence capabilities.

Discover how Carahsoft’s OSINT portfolio of trusted technology partnerships and innovative solutions can enhance intelligence gathering.

The Top 10 5G Events for Government in 2025

Posted on by Mark DeMerse

As the demand for enhanced connectivity continues to grow, the upcoming 5G events for Government professionals present a unique opportunity to explore the transformative potential of next-generation wireless technology. With 5G, agencies can achieve unprecedented levels of speed, reliability and efficiency, paving the way for innovative solutions in public safety, emergency management and critical infrastructure. These events will showcase how 5G is revolutionizing operations, enabling the integration of advanced technologies such as artificial intelligence (AI) and the Internet of Things (IoT) into Government workflows. Join Carahsoft and our esteemed partners at these pivotal gatherings to discover how to harness the power of 5G, engage with industry leaders and gain insights that will drive mission success while ensuring the security and integrity of Public Sector networks.

2025 5G Summit | Potomac Officers Club

February 27 | Tysons, VA | In-Person Event

The U.S. Government is at the forefront of leveraging 5G and FutureG technologies to drive transformative advancements. From strengthening national security and public safety to enhancing citizen services and critical Federal missions, 5G is set to revolutionize operations across the board. Ready to explore its full potential? Join the Potomac Officers Club’s 5G Summit to dive into key topics including 5G at the edge, its role in the DoD’s CJADC2 initiatives, 5G-enabled warfighting capabilities and more.

Sessions to look out for:

Securing 5G in the Field

Operationalizing the Vision: From 5G Concepts to Real-World Defense Applications with Leland Brown (Moderator)

Carahsoft is a key exhibiting sponsor at this year’s event, showcasing its dedication to advancing the public sector’s digital transformation. By partnering with leading technology providers, Carahsoft offers innovative 5G solutions that support secure communications, smart city applications and enhanced operational efficiencies. These collaborations ensure that Government agencies can deploy scalable and secure 5G technologies to meet the growing demands of their digital infrastructure.

MWC25

March 3-6 | Fira Gran Via, Barcelona | In-Person Event

Carahsoft Top 5G Events Blog Embedded Image 2025

Mobile World Congress (MWC) Barcelona 2025 is a key industry event where leaders from top global companies, international Governments and innovative technology businesses gather to frame the future of connectivity. This event offers iconic insights from renowned and emerging voices across technology, industry, policy and ethics. Attendees can explore groundbreaking innovations from the world’s greatest startups and tech pioneers and witness the intersection of connectivity and connected industries driving revolutionary solutions. Additionally, MWC Barcelona is a unique platform for bridging ministerial programs, social policy, business leadership and technology development to achieve sustainable progress.

Sessions to look out for:

5G’s Big Moment: The Time is Now

5G Innovations That Matter: Real-World Use Cases Driving Value

Carahsoft maintains strategic partnerships with Nokia, AWS, Palo Alto Networks and Ericsson. These collaborations enable Carahsoft to offer a comprehensive range of 5G solutions and services to the public sector. By leveraging the strengths of these industry giants, Carahsoft ensures that Government agencies have access to cutting-edge technology for enhanced connectivity, security and cloud solutions. For more information visit 5G Technology Government Providers | Carahsoft.

IWCE 2025 Conference

March 17-20 | Las Vegas, NV | In-Person Event

The International Wireless Communications Expo (IWCE) is the premier annual event uniting stakeholders across public safety, Government, emergency management, utilities, education, transportation, healthcare and other critical infrastructure sectors. It is a unique opportunity to network, learn and explore how advancements in critical mobility technologies are transforming operations and reshaping the future of critical communications.

Sessions to look out for:

AI and 5G Mobile Devices: Transforming Public Safety Operations

Advancements in Spectrum Monitoring for Rapid RFI Location

Carahsoft collaborates with Verizon, T-Mobile and AWS to enhance Government connectivity with cutting-edge 5G solutions. These collaborations enable Carahsoft to provide secure and scalable 5G technologies that enhance communication, operational efficiency and smart city applications for public sector organizations. For more information visit 5G The Future of Government Connectivity | Carahsoft.

Future G for Defense Summit

March 26-27 | Alexandria, VA | In-Person Event

DSI’s 2nd Annual FutureG for Defense Summit will gather leaders from the DoD, Federal Government, industry and academia to discuss 5G and wireless networking technologies. This two-day event will focus on the adoption of commercial 5G and NextG technologies to support Warfighter. The implementation of 5G is crucial for faster speeds, more bandwidth and supporting advanced technologies like AI. Greater cooperation between the private sector and Government is essential for integrating 5G and FutureG capabilities. Senior leaders will address initiatives such as developing open radio networks (O-RAN) and fostering public-private partnerships to bridge the 5G gap.

Sessions to look out for:

5G, 6G, NextG: Preparing for the Next Generation of Wireless Network Technologies Across DoD

Integrating 5G Capabilities for the Future Soldier

Through its distribution partnerships with T-Mobile and MITRE, Carahsoft plays a vital role in advancing Government connectivity and defense capabilities. These strategic partnerships ensure the delivery of cutting-edge networking infrastructure and enablement of seamless secure connectivity for various Government applications.

OFC 2025

March 30-April 3 | San Francisco, CA | In-Person Event

Immerse yourself in the future of the high-quality optical communications and networking industry at OFC 2025. This premier event brings attendees the latest research, innovations and newest commercial products through hundreds of exhibitors, speakers and thought leaders across industry and academia. Additional programs attendees can expect throughout the week include symposia, in-depth tutorials, workshops and panels that will showcase market trends, emerging technologies and insight into the state of the industry.

Carahsoft is thrilled to announce our sponsorship of the Full Spectrum Rock n Roll Party and Concert on April 2! OFC badge holders get free entry to this exciting event. We invite you to join us, along with our strategic partners Infinera and Nokia, at the Chase Center in San Francisco for an unforgettable evening of food, drinks and rock ‘n’ roll. This event promises to be a fantastic opportunity to network, celebrate and enjoy great music!

Smart Cities Connect: Spring Conference and Expo

April 14-16 | San Antonio, TX | In-Person Event

Smart cities have transitioned from visionary concepts to practical realities, delivering significant benefits for both people and the planet. From pioneering pilot projects to long-term infrastructure investments, smart city solutions address pressing urban challenges. This spring, join thought leaders, urban planners, technologists, policymakers, researchers and industry experts to explore the strategies, critical elements and collaborative efforts needed to drive sustainable transformations in urban communities and examine the diverse dimensions of fostering lasting change in cities.

Sessions to look out for:

Open and Smart Solutions for the World’s Smartest Cities

Transforming Urban Infrastructure: Public Safety, Equity and Environment

Carahsoft’s dedication to advancing connectivity solutions and fostering innovation is showcased through its strategic partnerships with 2024 sponsors Intel, Dell, Nvidia and AWS. These collaborations enable Carahsoft to deliver cutting-edge technologies that enhance operational efficiency and secure communications for Government agencies. By working with these industry leaders, Carahsoft supports the digital transformation of the public sector, ensuring that Federal, State and Local Governments have access to the latest advancements in technology.

International Telecoms Week 2025

May 5-7 | National Harbor, MD | In-Person Event

International Telecoms Week (ITW) is the premier event for gathering leaders from across the digital infrastructure spectrum. ITW brings together visionaries and innovators to shape the future of global communications. With cutting-edge technologies and unparalleled networking opportunities, it serves as the largest platform to connect with the entire international connectivity market, from satellite to subsea and beyond.

Sessions to look out for:

Future Networks

Data Center 2.0

Multi-Channel Communications

Connect with Carahsoft’s strategic partners, including Nokia, Infinera and T-Mobile, at International Telecoms Week 2025 in National Harbor, MD. These industry leaders are sponsoring the event to showcase their commitment to innovation across the digital infrastructure spectrum. This is a fantastic opportunity to explore cutting-edge technologies, network with experts and learn how these partnerships are driving advancements in connectivity and telecommunications. Don’t miss out on this exciting event!

Connectivity Expo 2025

May 12-14 | McCormick Place, Chicago, IL | In-Person Event

This event is a premier gathering for professionals in the connectivity industry, focusing on the latest advancements in 5G, fiber and wireless technologies. Attendees will have the opportunity to engage with industry leaders, explore innovative solutions and participate in sessions covering a wide range of topics, from network infrastructure to digital transformation. Connectivity Expo Connect (X) is an essential event for anyone involved in the future of connectivity.

At the Connect (X) 2025, be sure to attend sessions on the latest 5G deployments, advancements in fiber technology and innovations in wireless infrastructure. These sessions will feature insights from industry leaders and showcase cutting-edge solutions shaping the future of connectivity.

Connect X will feature over 200 sponsors and exhibitors, cutting-edge content and more than 10 networking events. Don’t miss the opportunity to hear from exclusive Carahsoft partners and speakers, including Sergio Adames, Director of New Partnerships and Business Development at T-Mobile; Tanveer Saad, Head of Edge Cloud Innovation and Ecosystem at Nokia; and Will Adams, VP of Strategic Policy and Planning at T-Mobile. These industry leaders will share their insights on the latest advancements in digital infrastructure and connectivity. Join us for an exciting and informative experience!

2025 UTC TELECOM & TECHNOLOGY CONFERENCE

June 16-19 | Long Beach, CA | In-Person Event

Connect with industry experts and peers at this leading event tailored for information and communication technology (ICT) professionals and partners. Dive into four days of immersive learning and networking, featuring pre-conference training, workshops, roundtables and summits led by global experts who are actively driving utility modernization. Explore cutting-edge solutions in the Exhibit Hall and gain valuable insights to strengthen your professional toolkit.

Sessions to look out for:

Future of Fiber Technology 3-5 Year Outlook

Planning the Deployment of a Hybrid Advanced Communications Network of PLTE/5G & Fiber

Carahsoft maintains strategic partnerships with Premier and Gold sponsors Nokia and Ciena. At the 2025 UTC Telecom & Technology event, these collaborations will be showcased, highlighting joint efforts to enhance telecommunications infrastructure. The event, scheduled for June 16-19, 2025, at the Long Beach Convention Center, will bring together industry leaders to discuss advancements in information and communications technology (ICT). Carahsoft’s partnerships with Nokia and Ciena will be pivotal in demonstrating cutting-edge solutions for modernizing utilities and improving network performance.

Carahsoft | Public Sector 5G Summit

August 20 | Reston, VA | In-Person Event

We are excited to announce Carahsoft’s 2nd Annual 5G Summit, Create Opportunities for Innovation. Join us in person on Thursday, August 20 at 12:00pm in the Carahsoft Conference & Collaboration Center. Hear industry and Government thought leaders discuss the latest advancements in 5G network rollouts, explore how 5G can create new opportunities to fulfill agencies’ unique missions and look ahead to the future possibilities of 6G. Following our summit, please join us for a networking reception hosted by Carahsoft for delicious appetizers and refreshing drinks!

Register now to join us at the event and learn more about how Carahsoft and our partners can support your 5G mission initiatives. View our exclusive agenda to learn more about the sessions and speakers!

As the landscape of connectivity continues to evolve, attending key events focused on 5G and related technologies is essential for Government professionals and industry stakeholders alike. Carahsoft facilitates connections between leading experts and attendees while showcasing innovative solutions from its strategic partners. These events not only provide a platform for networking but also offer invaluable insights into the latest advancements and best practices shaping the future of communication infrastructure. Engaging with the vibrant community at these events, supported by Carahsoft’s commitment to advancing connectivity, will empower professionals to drive meaningful change and ensure that their organization remain at the forefront of the connectivity revolution.

To learn more or get involved in any of the above events please contact us at 5G@carahsoft.com. For more information on Carahsoft and our industry leading 5G technology partners’ events, visit our 5G solutions portfolio and 5G Events page. 

Protecting Government Benefit Programs from Automated Fraud

Posted on by Katherine Hennessey and Steven Ahlberg

Nation-states, ransomware gangs, and cyber criminals have a new weapon of choice: AI-powered bots. These systems, which mimic human behavior to automate tasks, have already helped fraudsters siphon hundreds of billions of dollars from federal programs. If left unchecked, this problem will cause taxpayers severe financial harm. The incoming administration will need to move quickly to guard against this rapidly growing threat.

The need to better defend the nation’s technology infrastructure against AI-powered attacks is not a partisan issue, and it is likely our new cyber leaders can build upon some actions taken by the last administration, including the final cybersecurity EO, issued in January 2025, that highlighted the role that stolen or synthetic identities play in defrauding our government programs. While the focus on instituting modernized digital identity methods may be appropriate, we’d like to offer a few additional considerations for our incoming cyber leaders on how to attack this problem.

The Bots Are Here

HUMAN Security NightDragon Protecting Government Benefit Programs Automated Fraud Blog Embedded Image 2025

Bots are increasingly being used by malicious actors to hack into systems, scrape personal data, or submit fake claims for benefits. At its simplest, they can use credentials and identification information purchased or stolen on the dark web to perpetrate fraud against benefit websites. From overwhelming public benefit portals with credential stuffing attacks to manipulating identity verification systems with precision-targeted scams, bots exploit gaps in digital identity systems at a speed, precision, and scale that is incredibly hard to defend against. And with the advancements in AI, they can increasingly mimic legitimate users to bypass security measures faster than most institutions can adapt.

In fact, in 2021, the Department of Labor found that at least $87 billion of the nearly $900 billion in unemployment insurance awarded under the CARES Act in the aftermath of the COVID pandemic were paid improperly, with a significant, but indeterminable portion attributable to fraud. However, in 2023 alone, bots were responsible for 352 billion attacks targeting login portals, credential verification systems, and transaction flows across industries, according to HUMAN’s Quadrillion report.

With 20 percent of login attempts across observed systems linked to account takeover attacks, and 150 million new compromised credential pairs discovered last year, bots are evolving into the ultimate enablers of fraud. If left unchecked, they could amplify the scale of fraud exponentially.

How do we prevent this problem from evolving from merely headline-grabbing to system-crippling?

Our incoming cyber leaders must recognize bots as the major root cause of the fraud problem and refocus attention on deploying cutting-edge new tools on U.S. federal systems to defend the thousands of .gov websites the government administers. This includes deploying applications that can help protect from automated credential stuffing and brute force attempts, block bots from manipulating web applications, prevent data contamination in which bots disseminate fake information to skew metrics, and prevent the unauthorized data harvesting of public websites.

The government must also take the lead in helping private sector entities adopt these tools. The federal government can serve as a catalyst, pushing hold-out organizations to invest in their own fraud defenses. Private businesses are looking for guidance on this issue. Bot detection and counter bot solutions deserve the same level of attention as endpoint detection, patch management, and other fundamental security controls. Proactively embedding bot mitigation into NIST frameworks, for example, will ensure government systems are prepared to defend against automated fraud at scale. Following on this, government guidance relating to how agencies establish Zero Trust architectures should also incorporate bot detection and mitigation.

Finally, we must foster stronger public-private collaboration to advance bot mitigation. Existing bodies for public-private cooperation on cybersecurity must more deliberately include bot intelligence and insight-sharing. We must evolve outdated conceptions of what constitutes cyber threat intelligence (CTI), and endeavor to collect, analyze and report bot intelligence as its own distinct, but highly important category of CTI.

As our incoming cyber leaders in the new administration plan their agenda, it is critical they understand that the root cause of large-scale fraud is not just weak digital identity management methods but AI-powered bots. Bots that undermine the delivery of services and benefits to millions. Combating fraud perpetrated by and with them is a national priority.

To learn more about how HUMAN Security and NightDragon work better together to support Government agencies in their mission to defend against bots, visit our website!

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security and NightDragon, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Modernizing the Department of Defense’s Authorization to Operate Process For Agility

Posted on by Danielle Metz

What is the National Defense Authorization Act?

Since 1961, the National Defense Authorization Act (NDAA) has authorized funding levels and provided authorities for the U.S. military and other critical defense priorities, ensuring America’s forces have the resources they need to carry out their missions.

Authority to Operate

A barrier that exists for technology companies is obtaining an Authorization to Operate (ATO) for their software applications, services, and or platform capabilities. The ATO process can be challenging, tedious, and unpredictable, with varying costs and timelines. This process is particularly cumbersome and incongruent with the dynamic nature of software deployment. Once the ATO hurdle is cleared, technology companies face their next challenge: continuous monitoring and associated updates. Every major software update must be run through a compliance process. This poses significant challenges for both the software company and the government end-user. It prohibits the timely and continuous resolution of issues and prevents the government from leveraging the latest and most cutting-edge version of an application.

“Presumptive reciprocity” in the context of the National Defense Authorization Act (NDAA) refers to a provision mandating that if one Department of Defense (DoD) authorizing official has approved a cloud-based platform or service as secure, then other DoD officials should automatically accept that assessment without needing to conduct a separate review. Presumptive reciprocity helps lighten the ATO burden and was recently reinforced in Section 1522 of the FY25 NDAA. Enabling another DoD organization to take an ATO for their software application, services, and or platforms from the Air Force Authorizing Official, for example, and having it accepted by the Navy’s Authorizing Official, greatly reduces the burden on both government accrediting officials and the technology company. Most importantly, the DoD warfighter wins by gaining access to best-in-class capabilities delivered at the speed of relevance, ensuring they can execute their missions effectively.

Second Front Systems DoD Authorization to Operate Blog Chart Image 2025

FY2025 NATIONAL DEFENSE AUTHORIZATION ACT (NDAA) SEC. 1522.

What does the language in Sec. 1522 of the FY25 NDAA on DoD Presumptive Reciprocity entail?

Tasks the DoD Chief Information Officer (CIO) to work with Military Department CIOs to develop and regularly maintain a digital directory of all Authorizing Officials (AOs) across the DoD. Specifically, this database will contain current contact information of the AOs AND list training requirements that must be completed to be certified and perform the duties of an AO.
Identifies the need to establish a policy for “Presumption of Reciprocal Software Accrediting Standards.” The DoD CIO is tasked with creating and implementing a policy for DoD that would require AOs to adopt security analysis and supporting documentation of cloud-hosted platforms, services, or applications that have been approved by another AO in the DoD.
- This policy change will allow for more rapid adoption of cloud-hosted platforms, services, or applications at the corresponding classification level (e.g., CUI, Secret, Top Secret) with the existing approval conditions and no further authorization or approval reviews required.
- The policy will include the following:
  - Standardization of security, accreditation, performance, and operational capabilities of the cloud-hosted platforms, services, and applications;
  - A digital workflow to document acceptance by/among the mission owners and system owners to use the operational capabilities from the cloud-hosted platforms, services, and applications; and
  - Define an adjudication process with associated timelines that would allow AOs that disagree with using this policy to present their rationale to the DoD CIO or designated entity for reconciliation.
- The policy applies to the following:
  - ALL AOs in the DoD (Military Department, Defense Agency and Field Activity, and Component).
  - ALL operational capabilities of cloud-hosted platforms, services, and applications that are on public cloud infrastructure and authorized through FedRAMP and DISA AND capabilities in private cloud landing zones managed by the DoD that have been approved by DoD AOs.

The big take away here is that the FY25 NDAA language marks a significant step forward in reducing bureaucratic hurdles for both technology companies and the DoD. By implementing “presumptive reciprocity,” the NDAA streamlines the ATO process, enabling faster adoption of cloud-hosted platforms and services while maintaining rigorous security standards. This policy helps ensure that the DoD can access cutting-edge technology more efficiently, empowering warfighters with the tools they need to execute their missions with speed and precision. As the DoD continues to modernize and adapt to rapidly evolving technologies, these changes pave the way for a more agile, secure, and effective defense ecosystem.

To learn more about Second Front Systems and the National Defense Authorization Act, visit our website and keep up with our latest efforts with the DoD.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Second Front Systems, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Navy Customer Executive: WEST 2025: Top 10 Insights on AI, Cybersecurity and More

Posted on by Mike McCalip

Government leaders, military officials and industry professionals gathered at AFCEA’s WEST 2025 conference to discuss the newest technologies, modern networking capabilities and cybersecurity initiatives that enhance operations within the Sea Services. As a technology provider for the Department of Defense (DoD) and industry experts affiliated with the Navy, Carahsoft and its partners are deeply aligned with the goals of the Navy and Sea Services and is committed to providing mission-critical technologies to keep the country safe. Carahsoft and over 90 of our partners, including Adobe, Appgate, Crowdstrike, Docusign, HashiCorp, Hitachi, Qualys and WIZ joined at WEST 2025 to showcase solutions in artificial intelligence (AI), cybersecurity, DevSecOps, Zero Trust and more.

Check out the action from San Diego, California in our West 2025 recap video!

Here are the top ten insights for the technology industry and Government from this year’s conference.

1. Artificial Intelligence (AI) in the U.S. Navy

There are many opportunities for AI in the Navy, such as the OpenShip Tool and its usage of OpenAI’s Whisper model to translate incoming communications through the Navy’s Very High Frequency (VHF) radios. Remote monitoring can detect issues with technology and support rapid troubleshooting. AI can also be used to predict turnaround time, helping the workforce choose when to prioritize projects and deliver items on time.

AI can simplify operations. PMS 406 unmanned Maritime Systems runs the Unmanned Maritime Autonomy Architecture (UMAA), whose architecture creates a low barrier of entry for operation. With AI, update 6.0 of the UMAA and the Navy’s “Replicator initiative,” which works to field hundreds of autonomous systems by August 2025,” every soldier could operate a drone.

In the session “Fleet AI Deployment,” Lieutenant Artem Sherbinin, the Chief Technology Officer for the U.S. Navy ‘s Task Force Hopper, reviewed the three priority areas for the Navy’s AI usage, which are to:

Outthink adversaries

Enhance administrative work

Maintain goal of keeping 80% of combat surge-ready fleet

By using AI capabilities, the Navy can empower its acquisition force to act efficiently and quickly. Lieutenant Sherbinin also discussed two upcoming projects. Navy warships produce 150TB of data per warship per day. To manage this massive volume of data, the Navy is building a Warfighting Data and AI Ecosystem. This tool’s requirements are being drafted and will be submitted in the upcoming fiscal year, but currently include components such as data extraction, data processing and sensor updates to ships underway. Vendors should keep an eye out for pre-RFPs and RFI opportunities surrounding this capability. The second project is a new Commercial Solutions Offering (CSO), the Surface Lethality CSO. This soon to be released solution will be released through the Defense Innovation Unit on AI for Surface Lethality, and will expedite decision-making and enable the Navy to keep ahead of adversaries.

2. Red Teaming to Improve Cybersecurity

In the session “Leveraging Cloud to Accelerate Unmanned and Autonomous System (UAS) Mission Critical Capabilities,” Allen Mcafee, CTO of Fuse Integration, discussed the desire to increase red teaming—a process for testing cybersecurity by having allied hackers conduct non-threatening breaches—amongst autonomous systems to increase the robust quality of existing programs, especially in the electronic and kinetic fields. Vendors that specialize in cybersecurity solutions for autonomous systems should offer red team services to help solidify UAS security.

3. The Importance of Maritime Trade to Cybersecurity

In the session “Office of Naval Intelligence Brief,” Rear Admiral Mike Brooks, Commander of the Office of Naval Intelligence (ONI), spoke heavily on the criticality of maritime trade and the effect it has on the posture of the Navy. Chokeholds on shipping ports can hinder the economy, and so ONI is placing further emphasis on gathering intelligence in this area to preserve supply chains.

4. DISA’s New Cloud-Based Mission Partner Environment

To address logistic challenges, the Defense Information Systems Agency (DISA) developed a mission partner environment within the cloud. This tool acts as a joint sustainment decision tool and will feature an application hosting platform. DISA will initially host this environment, but is looking for commercial partners to host the platform and ensure its accessibility to all allies and partners.

5. Business Initiatives

The Navy has upgraded its approach to doing business, releasing its Information Superiority Vision (ISV) 2.0. In the initial version, the Navy’s framework for business was “Modernize, Innovate and Defend.” The 2.0 System is:

Optimize – IT teams can integrate new systems and turn off outdated ones

Secure – Personnel should think proactively in the design phase, rather than the more reactive “defend”

Decide – Staff places data into the hands of people who need it

This new system focuses on being proactive and innovative, integrating a focus on the workforce. Vendors should determine how their solutions fit into one or more of these pillars when marketing their technology and solutions.

Carahsoft WEST 2025 Blog Embedded Image 2025

The Navy can learn from all types of industries and technology. Former Commander of the U.S. Pacific Command and Former Ambassador to the Republic of South Korea Admiral Harry B. Harris Jr. recounts an example from the 1930s where the Marine Corps struggled to field a landing craft. The solution came from examining a small civilian craft in the local area, showcasing a “Higgins Boat Moment” where the Marine Corps were able to learn from civilian technologies, highlighting the importance of dual-use technology that is prioritized by the DoD.

Business is fulfilled when employees have bandwidth. In the session “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain Kevin White of the PEO C4I PMW/A 170 Navy Communications and GPS Navigation Program discussed how bandwidth can fall into three different categories: morale, business applications and tactical services. When sailors have excellent bandwidth for morale and business applications, they are more efficient tactically.

The DoD is working on a portal that provides information and education on Small Business Innovation Research (SBIR) and Small Business Technology Transfer (SBTT) programs. This portal assists in creating effective proposals and understanding language and resources. This page, while accessible, is still in development and will continue to be fleshed out in the upcoming weeks.

6. Renewing Technology

In the session “I’m charged with Putting a Flux Capacitor in a 1995 Mazda,” Brigadier General of the U.S. Marine Corps and Commanding General of the Marine Corps Installations West Nick I. Brown mentions that whether it is power systems or IT, infrastructure needs to be in place to accept new technology. Much of the DoD’s infrastructure is build on legacy systems or is out of date and needs to be replaced or upgraded before advanced solutions can be put in place. The U.S. Marine Corps is looking for vendors to help with new technology instillations and upgrading existing infrastructure, especially on the West coast. The U.S. Navy is allocating funds to achieve similar goals. It aims to improve its outdated infrastructure and systems to carry out technology initiatives by the Program Executive Office Digital and support the Navy’s culture of excellence.

In the session “Why Have a Lambo if You Don’t Have the Road?”, Col. Jared Voneida discussed five major areas that DISA is working on:

Building commercial and Government data centers

Improving theater transport and host nation infrastructure

Fortifying existing cybersecurity infrastructure and Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM)

Maintaining command and control of the network

Completing initiatives by 2027

The Colonel also emphasized the need to divest from legacy time division multiplexing (TDM) infrastructure. While AI and machine learning (ML) has a plethora of uses, until AI/ML software divests from TDM infrastructure, DISA cannot utilize it effectively to assist with their network and data. With updated networks and hardware in place, the Navy and DoD can utilize the newest advanced solutions.

7. IT at the Center of the Workforce

To meet the rising demand in recruitment, the Navy has released its new enlisting agent, Robotics Warfare Specialist. With cybersecurity being more at the center of safety, the Navy aims to train more sailors in IT. Additionally, the Navy has released a new enlisted rating, Robotics Warfare Specialist, a new job that helps ensure effective planning and control of autonomous systems.

8. Improving Productivity by Decreasing Troubleshooting

IT and software issues can lead to lost productivity. RAND Corporation, a research and development nonprofit, recently released a report regarding the viral LinkedIn post “Fix Our Computers” that highlighted user experience challenges with IT systems in the DoD. Their report estimated, on the conservative side, $2.5 billion in lost productivity due to IT and software difficulties. The Sea Services aim to increase the user friendliness of software to decrease the time lost to troubleshooting. In the sessions “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain White of the U.S. Navy attributed the largest productivity gaps to IT teams relying on command line programing. Captain White encourages industries to develop more user-friendly systems that do not rely on command lines.

9. Compliance is No Longer Enough

In the session “DON CIO Perspective,” Navy CIO Jane Rathbun states that while Authority to Operate (ATO) tells you how secure a system is at that point in time, it does not encourage the readiness mindset that is optimal for protecting cybersecurity. Rathbun encourages switching to continuous monitoring and authorizations of systems, rather than stopping at ATO compliance. Rathbun specifically noted threat analysis and continuous monitoring as areas vendors might be assessed on in the future.

10. DevSecOps Products that Improve Marine Corps Productivity

The Marine Corps showcased 11 different products manufactured by the software factory product line related to development, security and operations (DevSecOps).

Check out details on the products below:

MyCareer – Supports the Manpower Management Enlisted Assignments (MMEA) and aids Marines by monitoring conversations, providing a virtual queue and matching partners based on data on marine preferences

ItemEyes – Provides marine units with a digitized inventory

Sensor Processing Analysis Radar Translation Application (SPARTA) – Hosts data from radar, automatic identification system (AIS) and unmanned systems all in one user-friendly interface

CRUSADER – Controls, processes and detects radar information in one easy to use library

Real-time Alerting, Interference Detection & Electromagnetic Reporting (RAIDER) – Provides real-time alerts for anomalies detected in the electromagnetic spectrum

All-domain Electromagnetic and Radio Organic Trainer (AeroT) – Helps Marines simulate and visualize their electromagnetic signature

EXODUS – Provides evacuees located abroad with personal services, such as mobile passport processing

TAK Design System – Helps Marines navigate and build plugins for Tactical Assault Kit (TAK)

ReserveHub – Enables Marines to find ideal areas when relocating, boosting retention rates

SnapDB – Analyzes pictures taken by unmanned aerial systems (UAS)

J-Series Message Library, Government Open-Source (JSML) – Translates code into J-Series

Through the developing partnerships between the technology industry and Government as well as Carahsoft and our partners, the DoD can streamline in areas such as artificial intelligence, cybersecurity, DevSecOps, compliance and more. These insights from West 2025 illustrate the Navy and Sea Service’s commitment to continual innovation and maintaining the safety of the nation.

To learn more about cybersecurity and the defense industry, visit Carahsoft’s defense portfolio to explore solutions showcased at AFCEA’s WEST 2025. For additional research into the key takeaways industry and Government leaders presented at WEST, view Carahsoft’s extensive market research brief for a recap.