[{"data":1,"prerenderedAt":482},["ShallowReactive",2],{"/en-us/the-source/ai/ai-for-government-software-teams-without-compromise":3,"footer-en-us":33,"the-source-banner-en-us":367,"the-source-navigation-en-us":373,"article-site-categories-en-us":396,"the-source-newsletter-en-us":398,"ai-for-government-software-teams-without-compromise-article-hero-category-en-us":406,"ai-for-government-software-teams-without-compromise-the-source-source-cta-en-us":432,"ai-for-government-software-teams-without-compromise-category-en-us":440,"ai-for-government-software-teams-without-compromise-the-source-resources-en-us":453},{"id":4,"title":5,"body":6,"category":7,"config":8,"content":13,"description":6,"extension":23,"meta":24,"navigation":25,"path":26,"seo":27,"slug":29,"stem":30,"type":31,"__hash__":32},"theSource/en-us/the-source/ai/ai-for-government-software-teams-without-compromise.yml","Ai For Government Software Teams Without Compromise",null,"ai",{"layout":9,"template":10,"featured":11,"gatedAsset":12},"the-source","TheSourceArticle",false,"modernizing-devsecops-for-secure-environments-with-gitlab-duo-agent-platform",{"date":14,"title":15,"description":16,"heroImage":17,"keyTakeaways":18,"articleBody":22},"2026-04-17","AI for government software teams, without compromise","Learn how government agencies can adopt AI-powered DevSecOps in air-gapped and self-hosted environments without compromising security or compliance.","https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687563/vda4ouljcsv1z63bvs2p.png",[19,20,21],"Government agencies don't have to choose between AI adoption and security. Self-hosted AI infrastructure keeps all data and workflows within your secure environment, satisfying even the most stringent compliance frameworks.","A self-hosted AI gateway and agent platform work together to deliver intelligent automation across the full software development lifecycle, from code generation and test generation to vulnerability detection, without external connectivity.","By deploying AI models on existing infrastructure, agencies can accelerate legacy system modernization, reduce technical debt, and improve team productivity without incurring additional cloud costs or usage-based pricing constraints.","For government agencies, the pressure to modernize is real. Shrinking development teams, aging legacy systems, and an expanding software threat landscape have moved AI-powered tools to the top of the modernization agenda. At the same time, the security requirements governing how agencies handle sensitive data haven't changed.\n\nThe result is a practical tension many CTOs and CIOs know well. Cloud-based AI tools promise efficiency gains, but they introduce data exposure risks that conflict with compliance frameworks like NIST SP 800-53, ICD 503, and CNSSI 1253\\. For agencies operating in air-gapped or self-managed environments, that tension is especially difficult to navigate.\n\nThis guide examines how a self-hosted AI approach resolves that tension, giving agencies a path to adopt AI-powered DevSecOps capabilities without exposing sensitive data to external networks.\n\n## What’s inside\nThe guide walks through the specific security and compliance challenges government organizations face when adopting AI tools: the risks of conventional cloud architectures, the growing importance of data sovereignty as federal AI policy evolves, and the compliance gaps created by the limited transparency of standard large language models.\n\nIt also covers the technical architecture behind a self-hosted AI deployment. You'll see how a self-hosted AI gateway and agent platform work together to keep all AI operations within your enterprise boundary, how authentication and access controls function without external synchronization, and how composite identity frameworks ensure that AI agents operate with appropriate permissions across your software development lifecycle.\n\n## Why now\nFederal AI policy has shifted decisively toward accelerated adoption. Executive Order 14179 established AI as central to maintaining U.S. technological leadership, placing new pressure on agencies to deploy AI at scale while maintaining control over sensitive data. At the same time, a 2025 GAO report identified 69 federal legacy systems requiring modernization, with 11 deemed most critical. Many of those systems run outdated languages like COBOL and carry known cybersecurity vulnerabilities.\n\nSelf-hosted AI offers a practical path through both challenges. By running models on your existing infrastructure, you can accelerate modernization of legacy codebases, reduce technical debt, and support leaner teams managing broader workloads — without routing sensitive data through external cloud services or exposing it to third-party model training.\n\n## From compliance to capability\nBeyond security, the guide outlines how AI integration across the software development lifecycle delivers operational benefits, including faster vulnerability detection and resolution, smarter CI/CD pipeline troubleshooting, and meaningful time savings on routine documentation and coordination. Self-hosted deployment also eliminates usage-based pricing constraints, letting agencies run AI models at scale without accumulating additional API costs.\n\nThe guide also covers the range of supported model architectures, from open-source models deployable in fully air-gapped environments to options for private cloud deployments on trusted platforms. Understanding these configurations can help you assess which approach aligns best with your agency's security requirements and infrastructure investments.\n\n## Download the guide\nIf your agency is evaluating AI tools for secure or regulated environments, this guide provides the technical and strategic grounding to make an informed decision. Download the full whitepaper to see how a self-hosted approach to AI can support your modernization goals without compromising your security posture.","yml",{},true,"/en-us/the-source/ai/ai-for-government-software-teams-without-compromise",{"config":28,"title":15,"description":16},{"noIndex":11},"ai-for-government-software-teams-without-compromise","en-us/the-source/ai/ai-for-government-software-teams-without-compromise","guide","uAWpa6qLp8jZsIWts7fXV_gIYc3rk6YYv7bC-8xfH2Y",{"data":34},{"text":35,"source":36,"edit":42,"contribute":47,"config":52,"items":57,"minimal":356},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":37,"config":38},"View page source",{"href":39,"dataGaName":40,"dataGaLocation":41},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":43,"config":44},"Edit this page",{"href":45,"dataGaName":46,"dataGaLocation":41},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":48,"config":49},"Please contribute",{"href":50,"dataGaName":51,"dataGaLocation":41},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":53,"facebook":54,"youtube":55,"linkedin":56},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[58,115,172,231,294],{"title":59,"links":60,"subMenu":76},"Pricing",[61,66,71],{"text":62,"config":63},"View plans",{"href":64,"dataGaName":65,"dataGaLocation":41},"/pricing/","view plans",{"text":67,"config":68},"Why Premium?",{"href":69,"dataGaName":70,"dataGaLocation":41},"/pricing/premium/","why premium",{"text":72,"config":73},"Why Ultimate?",{"href":74,"dataGaName":75,"dataGaLocation":41},"/pricing/ultimate/","why ultimate",[77],{"title":78,"links":79},"Contact Us",[80,85,90,95,100,105,110],{"text":81,"config":82},"Contact sales",{"href":83,"dataGaName":84,"dataGaLocation":41},"/sales/","sales",{"text":86,"config":87},"Support portal",{"href":88,"dataGaName":89,"dataGaLocation":41},"https://support.gitlab.com","support portal",{"text":91,"config":92},"Customer portal",{"href":93,"dataGaName":94,"dataGaLocation":41},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":96,"config":97},"Status",{"href":98,"dataGaName":99,"dataGaLocation":41},"https://status.gitlab.com/","status",{"text":101,"config":102},"Terms of use",{"href":103,"dataGaName":104,"dataGaLocation":41},"/terms/","terms of use",{"text":106,"config":107},"Privacy statement",{"href":108,"dataGaName":109,"dataGaLocation":41},"/privacy/","privacy statement",{"text":111,"config":112},"Cookie preferences",{"dataGaName":113,"dataGaLocation":41,"id":114,"isOneTrustButton":25},"cookie preferences","ot-sdk-btn",{"title":116,"links":117,"subMenu":128},"Product",[118,123],{"text":119,"config":120},"DevSecOps platform",{"href":121,"dataGaName":122,"dataGaLocation":41},"/platform/","devsecops platform",{"text":124,"config":125},"AI-Assisted Development",{"href":126,"dataGaName":127,"dataGaLocation":41},"/gitlab-duo-agent-platform/","ai-assisted development",[129],{"title":130,"links":131},"Topics",[132,137,142,147,152,157,162,167],{"text":133,"config":134},"CICD",{"href":135,"dataGaName":136,"dataGaLocation":41},"/topics/ci-cd/","cicd",{"text":138,"config":139},"GitOps",{"href":140,"dataGaName":141,"dataGaLocation":41},"/topics/gitops/","gitops",{"text":143,"config":144},"DevOps",{"href":145,"dataGaName":146,"dataGaLocation":41},"/topics/devops/","devops",{"text":148,"config":149},"Version Control",{"href":150,"dataGaName":151,"dataGaLocation":41},"/topics/version-control/","version control",{"text":153,"config":154},"DevSecOps",{"href":155,"dataGaName":156,"dataGaLocation":41},"/topics/devsecops/","devsecops",{"text":158,"config":159},"Cloud Native",{"href":160,"dataGaName":161,"dataGaLocation":41},"/topics/cloud-native/","cloud native",{"text":163,"config":164},"AI for Coding",{"href":165,"dataGaName":166,"dataGaLocation":41},"/topics/devops/ai-for-coding/","ai for coding",{"text":168,"config":169},"Agentic AI",{"href":170,"dataGaName":171,"dataGaLocation":41},"/topics/agentic-ai/","agentic ai",{"title":173,"links":174},"Solutions",[175,179,184,189,194,198,203,206,211,216,221,226],{"text":176,"config":177},"Application Security Testing",{"href":178,"dataGaName":176,"dataGaLocation":41},"/solutions/application-security-testing/",{"text":180,"config":181},"Automated software delivery",{"href":182,"dataGaName":183,"dataGaLocation":41},"/solutions/delivery-automation/","automated software delivery",{"text":185,"config":186},"Agile development",{"href":187,"dataGaName":188,"dataGaLocation":41},"/solutions/agile-delivery/","agile delivery",{"text":190,"config":191},"SCM",{"href":192,"dataGaName":193,"dataGaLocation":41},"/solutions/source-code-management/","source code management",{"text":133,"config":195},{"href":196,"dataGaName":197,"dataGaLocation":41},"/solutions/continuous-integration/","continuous integration & delivery",{"text":199,"config":200},"Value stream management",{"href":201,"dataGaName":202,"dataGaLocation":41},"/solutions/value-stream-management/","value stream management",{"text":138,"config":204},{"href":205,"dataGaName":141,"dataGaLocation":41},"/solutions/gitops/",{"text":207,"config":208},"Enterprise",{"href":209,"dataGaName":210,"dataGaLocation":41},"/enterprise/","enterprise",{"text":212,"config":213},"Small business",{"href":214,"dataGaName":215,"dataGaLocation":41},"/small-business/","small business",{"text":217,"config":218},"Public sector",{"href":219,"dataGaName":220,"dataGaLocation":41},"/solutions/public-sector/","public sector",{"text":222,"config":223},"Education",{"href":224,"dataGaName":225,"dataGaLocation":41},"/solutions/education/","education",{"text":227,"config":228},"Financial services",{"href":229,"dataGaName":230,"dataGaLocation":41},"/solutions/finance/","financial services",{"title":232,"links":233},"Resources",[234,239,244,249,254,259,264,269,274,279,284,289],{"text":235,"config":236},"Install",{"href":237,"dataGaName":238,"dataGaLocation":41},"/install/","install",{"text":240,"config":241},"Quick start guides",{"href":242,"dataGaName":243,"dataGaLocation":41},"/get-started/","quick setup checklists",{"text":245,"config":246},"Learn",{"href":247,"dataGaName":248,"dataGaLocation":41},"https://university.gitlab.com/","learn",{"text":250,"config":251},"Product documentation",{"href":252,"dataGaName":253,"dataGaLocation":41},"https://docs.gitlab.com/","docs",{"text":255,"config":256},"Blog",{"href":257,"dataGaName":258,"dataGaLocation":41},"/blog/","blog",{"text":260,"config":261},"Customer success stories",{"href":262,"dataGaName":263,"dataGaLocation":41},"/customers/","customer success stories",{"text":265,"config":266},"Remote",{"href":267,"dataGaName":268,"dataGaLocation":41},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":270,"config":271},"GitLab Services",{"href":272,"dataGaName":273,"dataGaLocation":41},"/services/","services",{"text":275,"config":276},"Community",{"href":277,"dataGaName":278,"dataGaLocation":41},"/community/","community",{"text":280,"config":281},"Forum",{"href":282,"dataGaName":283,"dataGaLocation":41},"https://forum.gitlab.com/","forum",{"text":285,"config":286},"Events",{"href":287,"dataGaName":288,"dataGaLocation":41},"/events/","events",{"text":290,"config":291},"Partners",{"href":292,"dataGaName":293,"dataGaLocation":41},"/partners/","partners",{"title":295,"links":296},"Company",[297,302,307,312,317,322,327,331,336,341,346,351],{"text":298,"config":299},"About",{"href":300,"dataGaName":301,"dataGaLocation":41},"/company/","company",{"text":303,"config":304},"Jobs",{"href":305,"dataGaName":306,"dataGaLocation":41},"/jobs/","jobs",{"text":308,"config":309},"Leadership",{"href":310,"dataGaName":311,"dataGaLocation":41},"/company/team/e-group/","leadership",{"text":313,"config":314},"Team",{"href":315,"dataGaName":316,"dataGaLocation":41},"/company/team/","team",{"text":318,"config":319},"Handbook",{"href":320,"dataGaName":321,"dataGaLocation":41},"https://handbook.gitlab.com/","handbook",{"text":323,"config":324},"Investor relations",{"href":325,"dataGaName":326,"dataGaLocation":41},"https://ir.gitlab.com/","investor relations",{"text":328,"config":329},"Sustainability",{"href":330,"dataGaName":328,"dataGaLocation":41},"/sustainability/",{"text":332,"config":333},"Diversity, inclusion and belonging (DIB)",{"href":334,"dataGaName":335,"dataGaLocation":41},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":337,"config":338},"Trust Center",{"href":339,"dataGaName":340,"dataGaLocation":41},"/security/","trust center",{"text":342,"config":343},"Newsletter",{"href":344,"dataGaName":345,"dataGaLocation":41},"/company/contact/#contact-forms","newsletter",{"text":347,"config":348},"Press",{"href":349,"dataGaName":350,"dataGaLocation":41},"/press/","press",{"text":352,"config":353},"Modern Slavery Transparency Statement",{"href":354,"dataGaName":355,"dataGaLocation":41},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":357},[358,361,364],{"text":359,"config":360},"Terms",{"href":103,"dataGaName":104,"dataGaLocation":41},{"text":362,"config":363},"Cookies",{"dataGaName":113,"dataGaLocation":41,"id":114,"isOneTrustButton":25},{"text":365,"config":366},"Privacy",{"href":108,"dataGaName":109,"dataGaLocation":41},{"visibility":25,"title":368,"button":369},"The Intelligent Software Development Era: How AI is reshaping DevSecOps teams",{"config":370,"text":372},{"href":371},"/resources/developer-survey/","Get the research report",{"logo":374,"subscribeLink":379,"navItems":383},{"altText":375,"config":376},"the source logo",{"src":377,"href":378},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":380,"config":381},"Subscribe",{"href":382},"#subscribe",[384,388,392],{"text":385,"config":386},"Artificial Intelligence",{"href":387},"/the-source/ai/",{"text":389,"config":390},"Security & Compliance",{"href":391},"/the-source/security/",{"text":393,"config":394},"Platform & Infrastructure",{"href":395},"/the-source/platform/",{"categoryNames":397},{"ai":385,"platform":393,"security":389},{"title":399,"description":400,"submitMessage":401,"formData":402},"The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":403},{"formId":404,"skeletonFieldCount":405,"formName":345,"hideRequiredLabel":25},1077,3,{"id":407,"title":408,"body":6,"category":6,"config":409,"content":410,"description":6,"extension":23,"meta":426,"navigation":25,"path":427,"seo":428,"slug":7,"stem":429,"testContent":6,"type":430,"__hash__":431},"pages/en-us/the-source/ai/index.yml","",{"layout":9},[411,418],{"componentName":412,"type":412,"componentContent":413},"TheSourceCategoryHero",{"title":385,"description":414,"image":415},"Explore expert insights on how AI is transforming software development, and how organizations can get the most out of their AI investments.",{"config":416},{"src":417},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463300/eoudcbj5aoucl0spsp0c.png",{"componentName":419,"type":419,"componentContent":420},"TheSourceCategoryMainSection",{"config":421},{"sourceCTAs":422},[423,424,425],"source-lp-how-to-get-started-using-ai-in-software-development","navigating-ai-maturity-in-devsecops","source-lp-ai-guide-for-enterprise-leaders-building-the-right-approach",{},"/en-us/the-source/ai",{"title":385,"description":414,"ogImage":417},"en-us/the-source/ai/index","category","wtQi5a4Yy8rZpv9pRFgz-LgiIdSY188tyR5WwsQyl-w",{"title":433,"config":434,"link":437},"Modernizing DevSecOps for secure environments with GitLab Duo Agent Platform",{"formId":435,"utmCampaign":436,"slug":12},"1002","eg_global_cmp_gated-content_ai_en_modernizedevsecopspubsec",{"config":438},{"href":439},"https://learn.gitlab.com/the-source-ai/whitepaper-modernize-devsecops-dap-pubsec",{"id":407,"title":408,"body":6,"category":6,"config":441,"content":442,"description":6,"extension":23,"meta":451,"navigation":25,"path":427,"seo":452,"slug":7,"stem":429,"testContent":6,"type":430,"__hash__":431},{"layout":9},[443,447],{"componentName":412,"type":412,"componentContent":444},{"title":385,"description":414,"image":445},{"config":446},{"src":417},{"componentName":419,"type":419,"componentContent":448},{"config":449},{"sourceCTAs":450},[423,424,425],{},{"title":385,"description":414,"ogImage":417},[454,464,473],{"config":455,"title":456,"description":457,"link":458},{"slug":424},"Navigating AI maturity in DevSecOps","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are incorporating AI into the software development lifecycle.",{"text":459,"config":460},"Read the report",{"href":461,"dataGaName":462,"dataGaLocation":463},"/resources/developer-survey/2024/ai/","Navigating AI Maturity in DevSecOps","thesource",{"config":465,"title":466,"description":467,"link":468},{"slug":425},"AI guide for enterprise leaders: Building the right approach","Download our guide for enterprise leaders to learn how to prepare your C-suite, executive leadership, and development teams for what AI can do today — and will do in the near future — to accelerate software development.",{"text":469,"config":470},"Read the guide",{"href":471,"dataGaName":472,"dataGaLocation":463},"/the-source/ai/ai-guide-for-enterprise-leaders-building-the-right-approach/","AI Guide For Enterprise Leaders: Building the Right Approach",{"config":474,"title":475,"description":476,"link":477},{"slug":423},"How to get started using AI in software development","Learn how to strategically implement AI to boost efficiency, security, and reduce context switching. Empower every member of your team with AI capabilities.",{"text":478,"config":479},"Download the guide",{"href":480,"dataGaName":481,"dataGaLocation":463},"/the-source/ai/getting-started-with-ai-in-software-development-a-guide-for-leaders/","How to Get Started Using AI in Software Development",1777404575060]