Resource LibraryCarahsoft and Partners at WEST 2025

Prepare for the Post-Quantum Cryptography Era
with Fortanix

• Discover automated cryptographic key discovery and manage inventory
• Implement role-based access control (RBAC) for human and machine users
• Configure policy management and auditability
• Achieve scalable, agile cryptographic implementation and control for future-ready security

ATO in a Day: Lessons from the
USMC MCCS Digital Transformation

• Streamline ATO Processes: Reduce timelines from years to under 30 days using agile frameworks.
• Reclaim Resources: Minimize inefficiencies that cost millions annually and redirect them toward mission priorities.
• Adapt for Operational Success: Shift from inflexible, outdated practices to continuous, data-driven workflows that align compliance with mission readiness.

Featured Speakers:
Dave Raley, CX Digital Program Manager at Marine Corps Community Service (MCCS), USMC
Travis Howerton, Co-Founder & Chief Executive Officer, RegScale
Tarik Williams, Principal Solutions Engineer, RegScale
Ryan Pratt, Chief Executive Officer, Raven Solutions

DoDs Pathway to Secure Software - How Speed and Agility are Transforming Platform One

Platform One is an Air Force organization focused on DevSecOps that has achieved cyber readiness. View this on-demand webinar to understand how to modernize secure software practices to ensure compliance with government directive.

Speaker: Josh Bressers, VP of Security, Anchores.

F5 Zero Trust On-Demand Webinar

Protecting APIs transcends the defense of individual software components—it’s about preserving the integrity of an entire ecosystem. Furthermore, the Department of Defense (DoD) has mandated the implementation of Zero Trust architecture to ensure that all resources are accessed securely, regardless of location or user, and that continuous verification is enforced. Tune in to this exclusive webinar where F5's Senior Solution Architect, Peter Scheffler, will discuss how F5 approaches Zero Trust within the DoD and how enhancing API security is critical.

Speaker: Peter Scheffler, Senior Solutions Architect, F5 

F5 Strengthening API Security On-Demand Webinar

As the Department of Defense operations become increasingly interconnected, APIs emerge as crucial links binding these systems together. The rise of generative AI provides yet another tailwind to API adoption, as regardless of the use case, most AI usage will call API endpoints as their primary means of communication. During this exclusive webinar, Chuck Herrin, F5's Field CTO, will explore the critical aspects of API Security and how they pertain to the unique needs of DoD operations.

Speaker: Chuck Herrin, Field Chief Technology Officer, F5

How Amtrak rethinks experience design with FigJam

Learn about the unique challenges of product development in the public sector and how FigJam is powering Amtrak's leap into modern, collaborative work

Data Protection Webinar

Fortra's Wade Barisoff delved into the complexities of government data protection, exploring why traditional threat tools fall short in securing sensitive information. He addressed how to bridge the gap between technology and business, enforce agency policies, and implement solutions like Data Loss Prevention (DLP) and data classification to strengthen your agency’s cybersecurity.

Powering NDR Visibility with Network Intelligence

Securing hybrid environments is challenging due to blind spots in lateral traffic visibility, affecting both encrypted and unencrypted traffic. The complexity of multi-segment infrastructures and the dynamic nature of containerized environments exacerbate these issues, hindering NAV tools like NDR from achieving comprehensive traffic visibility essential for effective security incident management. Discover how enhanced traffic visibility, network telemetry, and application metadata can enable your NDR to detect hidden threats faster, accelerate response times, and reduce noise in hybrid cloud environments.

Tracking APT41 with Mobile EDR

Finding Wonderland Through the Rabbit Hole: Lookout's Mobile CTI with Jim Coyle

Speaker: Jim Coyle, US Public Sector CTO

How to Create the Most Accurate SSP for Faster FedRAMP Authorizations

Struggling with inaccuracies in your SSP and the endless cycle of audits and corrections? This article explains how automating your SSP and ATO package with Paramify can save time, reduce errors, and streamline the process. Get accurate, audit-ready documentation quickly, and focus more on improving your security.

Author: Becki Johnson, Sr. Copywiter

Build Trust in Your Software

Black Duck helps agencies build trust in software by managing application security, quality and compliance risks at the speed of their mission. Black Duck offers the most comprehensive portfolio of AST tools and services to secure software, integrate security into development and safely innovate.

Develop Mission-Critical Skills at Scale Across Your Agency

Coursera for Government partners with U.S. federal and state agencies to enhance workforce capabilities through scalable AI and digital skills training. It provides learning resources like videos, certificates, and guided projects, along with tools for custom course creation and analytics. Outcomes include 71% of learners reporting career benefits, a 94% increase in training efficiency, and a 38% reduction in attrition rates.

Unlock Efficiency and Productivity with Generative AI

Coursera's Generative AI (GenAI) Academy provides tailored AI training for leaders, teams, and individuals, focusing on ethical AI, strategic implementation, and hands-on practice. It includes courses from industry leaders like Microsoft and Stanford, covering topics such as prompt engineering and responsible AI use. The platform also offers AI-assisted course customization and on-demand support via Coursera Coach.

Fortra Solutions for Government

This Fortra datasheet details their suite of products designed to help government agencies manage risk, ensure compliance, and enhance cybersecurity. The datasheet highlights key features, benefits, and how Fortra's solutions support mission-critical operations across various levels of government.

Data Protection for Government Agencies

This Fortra solution brief outlines their Digital Guardian data protection platform, designed to help government agencies safeguard sensitive data, ensure compliance with regulations, and prevent data breaches. The solution brief emphasizes key features like encryption, monitoring, and granular control to protect critical information across diverse environments.

GigaVUE-HCT

Public sector organizations, including government agencies, often face challenges in securely transporting IT equipment while maintaining compliance. To address this issue, the Gigamon GigaVUE-HCT was designed as a portable solution offering the full enterprise-grade functionality of the GigaVUE HC Series, tailored for environments with stringent low-SWaP (size, weight, and power) requirements.

MultiCloud Success for Federal Agencies with HashiCorp

Automation tools and orchestration frameworks can help simplify the provisioning, deployment, and management of cloud services by automating repetitive tasks and reducing the risk of human error. The HashiCorp cloud operating model provides a core layer of tools that can securely manage the entire lifecycle of resources, which improves collaboration, portability, security compliance, and resource tracking.

Portal26 GenAI Adoption Management Platform (AMP)

Portal26 is the ultimate enabler of GenAI adoption in the enterprise. Portal26’s GenAI Adoption Management Platform (AMP) enables enterprises to rapidly deploy critical capabilities that immediately remove eight major blockers to effective, responsible, and secure enterprise GenAI adoption.

Unified Protection: XDR aligns the DoD's 7 Pillars of Zero Trust

Discover how Trellix Zero Trust XDR approach empowers the DoD’s Zero trust initiatives. Trellix's approach is to focus on protecting data first and foremost. Then focuses on the XDR integration as a core requirement for Zero Trust.

Trellix Wise: GenAI for your biggest security operations challenges

Discover Trellix Wise, Trellix’s security operations platform that uses AI, analytics and automation, to transform how customers solve their biggest security challenges.

Adobe JELA eBook

What content velocity means to the DoD's mission

SSDF Attestation 101: A Practical Guide for Software Producers

The NIST Secure Software Development Framework (SSDF) lays out new compliance requirements for software producers selling to federal agencies. Download this ebook to understand the key practices, risks of non-compliance and how tools like Anchore Enterprise can facilitate a smoother attestation process.

Black Pearl Case Study

The Black Pearl DevSecOps Platform enables the US Navy to achieve Authority to Operate (ATO) in just 3-5 days by automating compliance reporting and managing open-source software risks. By integrating Anchore, the platform prioritizes actionable vulnerabilities, allowing developers to focus on writing code while ensuring security and compliance throughout the software development lifecycle.

Validation Authority Suite Data Sheet

Axway Validation Authority (VA) Suite provides a scalable and reliable solution for validating digital certificates in Public Key Infrastructure (PKI) environments, supporting multiple certificate authorities and trust models. Widely used in government sectors, it ensures secure authentication, encryption, and signing with high performance and near-zero downtime.

Defense Logistics Agency ensures always-on access to global procurement services

This customer case study highlights how the Defense Logistics Agency leveraged Axway Validation Authority to enhance the security and reliability of its digital procurement services, ensuring real-time certificate validation and 24/7 system availability for mission-critical operations.

FedRAMP High Authorized: Nothing less guarantees ZTA compliance

Zero Trust Architecture (ZTA) provides a path to modernization prior to cyber attacks. This article outlines the benefits of FedRAMP High to protect data as the federal government pushes to modernize and agencies race to adopt cloud solutions.

MARKET TRENDS REPORT: How Government Can Elevate Its Approach to Zero Trust

A zero-trust architecture (ZTA) security approach is essential for federal agencies in today’s cyber landscape. This Market Trends Report discusses the factors that hinder Zero Trust and explains how modern, automated tools can help organizations gain a maximum-security advantage.

Authors: Commvault, GovLoop 

Simplifying Data + AI so Federal Agencies can Deliver Better Public Services to Citizens

Building a smarter and more innovative Federal Government starts by unlocking the power of data analytics and machine learning. Recent executive mandates from the IT Modernization Act to the Federal Data Strategy and AI Executive Order, have laid the blueprint for federal agencies to modernize their data analytics capabilities to deliver on their mission outcomes faster while providing a better citizen experience.

Federal Agencies Meet Executive Order 14028 with Delinea PAM

Review this Delinea whitepaper to see how Executive Order 14028 forced federal agencies to take immediate action to secure the nation's cybersecurity.

Privileged Access Management for Government Agencies

Read this whitepaper to learn how Deliena's Secret Server can allow agencies to adopt an aggressive PAM model.

Achieving the Pillars of Zero Trust at Federal Agencies

Download this eBook to learn how Dynatrace's continuous observability transforms basic visibility into intelligent insights, enhancing cybersecurity for federal agencies. The eBook addresses the CISA/DoD zero trust pillars, integrating visibility, AI-powered observability and automation to establish a real-time zero trust architecture.

Accelerate Your Mission with Elastic as a Global Data Mesh

Public sector organizations can securely unlock the full value of their data without the limitations of centralized data warehouses by leveraging Elastic as a data mesh layer. This empowers them to access and analyze all data in place, regardless of location, format, or source, while maintaining robust security and compliance. This distributed data architecture enables faster, deeper insights into operations, leading to more informed and agile decision-making.

F5 Web Application Firewalls (WAFs) for Dummies

Web app attacks are a leading cause of security incidents and data breaches.1 As traditional apps are modernized, attackers target the digital endpoints that serve as a conduit to critical business logic—APIs. How can a web application firewall (WAF) help? What does a web application firewall really do? What threats and risks can it protect against? The WAFs for Dummies eBook details how a WAF can protect your apps and APIs in the way that works best for your business.

Authors: Lawrence Miller, CISSP ; Chad Wise, Principal Solutions Engineer, F5 ; Matthew Wedlow, Solutions Engineer, F5

Government Supply Chain Cybersecurity in 2024

This Fortra blog discusses the evolving challenges and strategies for improving cybersecurity in government supply chains in 2024. The blog highlights key risks, emerging threats, and best practices for securing critical infrastructure and sensitive data within the public sector's supply chain ecosystem.

Author: Antonio Sanchez, Principal Cybersecurity Evangelist

The National Park Service goes from paper to pixels

By learning from their legacy, the NPS app invites a broader community and a new generation to experience and protect America’s cultural and historical heritage.

Author: Jenny Xie - Content Strategist

Strategic Behaviors and Mindsets of Design Executives

Explore how design leaders at companies such as Cisco, CNN, Target, and Warner Music Group, create impact in this whitepaper produced by the Design Executive Council (DXC).

Author: DXC Research

Illumio at Tactical Edge

Discover how Illumio’s Zero Trust Segmentation delivers unparalleled security for tactical environments. From safeguarding ships at sea to pre-configuring mission-critical assets, this resource reveals how to stop breaches, maintain resilience in disconnected networks and keep attackers at bay.

Mapping Illumio to the Department of Defense Zero Trust

Illumio integrates the Department of Defense's Zero Trust Reference Architecture, ensuring robust security across all pillars through comprehensive visualization and policy enforcement.

Mobile Threat Landscape Report: Q3 2024

The Lookout Threat Lab's Q3 2024 report highlights a rapidly evolving mobile threat landscape, with notable increases in enterprise-focused phishing, malicious app detections, and unique vulnerabilities exposing iOS devices to greater phishing and web content threats than Android. Backed by AI-driven analysis of over 220 million devices and 360 million apps, the report underscores the urgent need to integrate mobile security into enterprise strategies to counter advanced threats, including those from nation-state-linked APT groups.

The Top 5 Signals Your Company is Prioritizing Compliance Over Actual Security

In today's digital age, companies often prioritize compliance certifications like FedRAMP and SOC 2 over actual security, creating potential risks. This article highlights five signs that an organization’s security strategy may be lacking and emphasizes the importance of aligning security efforts with compliance to effectively manage risks and enhance protection.

Author: Kenny Scott, CEO

Cost of CMMC in 2025

Starting in 2025, businesses handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) must obtain CMMC certification. This article provides a breakdown of the costs associated with CMMC certification, including price ranges for each level, gap assessments, documentation, and ongoing compliance, to help businesses prepare for the certification process

Author: Becki Johnson, Sr. Copywiter

Government Agencies Test, yet Wary of Adopting Generative AI Recent webinar participants have mixed feelings on the Advent of GenAI

Recently, Portal26 participated in a webinar with nearly 400 federal, state and local government cybersecurity professionals on the risks and rewards of Generative AI. During the webinar, participants were asked a few survey questions. This blog outlines the survey's interesting and sometimes surprising results, showing government agencies have mixed feelings as they adopt Generative AI.

BYOAI & Shadow AI: Threats, Innovation & Risk Management

The unsanctioned usage of AI technology, referred to as shadow AI, is an ongoing challenge that agencies face. Employees don’t always participate in shadow AI with the awareness of it being a breach of internal governance standards. In these instances, employees may be carrying out meaningful research in order to find the tools that would serve the biggest benefits for their job. We’re describing this scenario as ‘BYOAI’ – bring your own AI, where unsanctioned usage comes as a result of employees that are using their own initiative or curiosity; but it still leaves agencies in a difficult position.

VAST Cyber Lakehouse

This document explores the key features, benefits, scalability, and data storage capabilities of the VAST Cyber Lakehouse, emphasizing its role in achieving real-time continuous vigilance in the realm of cybersecurity.

VAST Data Platform for Zero Trust

The document highlights the importance of Zero Trust principles in cybersecurity, with the VAST Data Platform highlighting this shift through its advanced features and design, aligning with federal mandates for modernizing cybersecurity strategies.