DoD's $18.2M Tanium Software Purchase: Air Force taps Carahsoft for endpoint security

Contract Overview

Contract Amount: $18,238,080 ($18.2M)

Contractor: Carahsoft Technology Corp

Awarding Agency: Department of Defense

Start Date: 2024-09-27

End Date: 2025-09-27

Contract Duration: 365 days

Daily Burn Rate: $50.0K/day

Competition Type: COMPETED UNDER SAP

Number of Offers Received: 1

Pricing Type: FIRM FIXED PRICE

Sector: IT

Official Description: TANIUM SOFTWARE PURCHASE.

Place of Performance

Location: HANSCOM AFB, MIDDLESEX County, MASSACHUSETTS, 01731

State: Massachusetts Government Spending

Plain-Language Summary

Department of Defense obligated $18.2 million to CARAHSOFT TECHNOLOGY CORP for work described as: TANIUM SOFTWARE PURCHASE. Key points: 1. Value for money assessed through comparison with similar software procurements. 2. Competition dynamics indicate a BPA Call under a MAS contract. 3. Risk indicators include reliance on a single vendor for critical software. 4. Performance context is endpoint security for the Air Force. 5. Sector positioning within IT software procurement, specifically endpoint management.

Value Assessment

Rating: fair

The contract value of $18.2M for Tanium software over one year appears within a reasonable range for enterprise-level endpoint security solutions. However, without specific details on the modules and user count, a precise value-for-money assessment is challenging. Benchmarking against other government or commercial procurements of similar Tanium deployments would provide better context. The firm-fixed-price nature offers cost certainty, but potential overspending could occur if the software is not fully utilized or if more cost-effective alternatives exist.

Cost Per Unit: N/A

Competition Analysis

Competition Level: limited

This contract was awarded as a BPA Call under a General Services Administration (GSA) Multiple Award Schedule (MAS) contract. While MAS contracts are generally competed, the specific call-off to Carahsoft Technology Corp may have had limited competition depending on the specific terms of the underlying BPA and the availability of other MAS-contracted vendors offering Tanium or comparable solutions. The reliance on a specific vendor's product through a BPA call can sometimes limit direct price competition at the task order level.

Taxpayer Impact: The limited competition at the BPA Call level means taxpayers may not benefit from the lowest possible pricing that a broader, more open competition could yield. However, the use of a pre-competed MAS contract provides some level of oversight and established pricing.

Public Impact

The primary beneficiaries are the Department of the Air Force, gaining enhanced endpoint security capabilities. The service delivered is critical cybersecurity software for managing and securing endpoints. The geographic impact is likely Air Force-wide, supporting its digital infrastructure. Workforce implications include IT security personnel who will utilize and manage the Tanium software.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

• Potential for vendor lock-in with a single software provider.
• Reliance on Carahsoft as an intermediary may add cost.
• Limited visibility into the specific competitive process for this BPA Call.

Positive Signals

• Procurement through a GSA MAS contract leverages existing competition.
• Tanium is a recognized leader in endpoint security, suggesting a capable solution.
• Firm-fixed-price contract provides budget certainty.

Sector Analysis

This contract falls within the Information Technology sector, specifically the software publishers sub-sector. The market for endpoint security solutions is highly competitive, with numerous vendors offering a range of products from antivirus to advanced threat detection and response. Government spending in this area is substantial, driven by the need to protect sensitive data and critical infrastructure. Comparable spending benchmarks would involve analyzing other large-scale endpoint security software purchases by federal agencies.

Small Business Impact

The contract was awarded to Carahsoft Technology Corp, a large reseller. While Carahsoft does engage with small businesses for subcontracting, this specific award does not appear to be a small business set-aside. The primary impact on small businesses would be through potential subcontracting opportunities with Carahsoft, rather than direct award. Analysis of Carahsoft's subcontracting plans would be needed to fully assess the impact.

Oversight & Accountability

Oversight is provided through the GSA MAS program, which establishes pre-negotiated contract terms and pricing. The Department of the Air Force will oversee the performance and utilization of the software. Transparency is facilitated by contract databases like FPDS, though specific details of the BPA Call competition may be limited. Inspector General jurisdiction would apply if any fraud, waste, or abuse is suspected.

Related Government Programs

• Cybersecurity Software Procurement
• Endpoint Detection and Response (EDR)
• IT Infrastructure Modernization
• GSA Multiple Award Schedule (MAS) Contracts
• Department of Defense IT Spending

Risk Flags

• Limited Competition
• Potential Vendor Lock-in
• Reliance on Reseller

Tags

it, defense, department-of-defense, department-of-the-air-force, software, endpoint-security, carahsoft-technology-corp, tanium, competed-under-sap, bpa-call, firm-fixed-price, mas-contract

Frequently Asked Questions

What is this federal contract paying for?

Department of Defense awarded $18.2 million to CARAHSOFT TECHNOLOGY CORP. TANIUM SOFTWARE PURCHASE.

Who is the contractor on this award?

The obligated recipient is CARAHSOFT TECHNOLOGY CORP.

Which agency awarded this contract?

Awarding agency: Department of Defense (Department of the Air Force).

What is the total obligated amount?

The obligated amount is $18.2 million.

What is the period of performance?

Start: 2024-09-27. End: 2025-09-27.

What is the track record of Carahsoft Technology Corp in fulfilling similar large-scale software procurements for the Department of Defense?

Carahsoft Technology Corp is a major reseller of IT solutions to the U.S. government, including the Department of Defense. They frequently leverage GSA Schedules, including MAS, to provide software and hardware to various agencies. Their business model relies on partnering with software manufacturers and then selling those products to government entities. For large-scale procurements, Carahsoft's track record is generally strong in terms of administrative fulfillment and delivery, as they act as a conduit. However, the ultimate performance and value of the software itself depend on the manufacturer (Tanium in this case) and the specific implementation by the end-user agency. Their extensive experience means they are adept at navigating government procurement regulations and processes for software acquisition.

How does the $18.2M price compare to other federal procurements of Tanium software or similar endpoint security solutions?

A direct comparison of the $18.2M price for this one-year contract requires detailed knowledge of the specific Tanium modules, user licenses, and support levels included. Tanium is a premium endpoint security solution, and its pricing can vary significantly based on deployment scale and features. Generally, enterprise-wide endpoint security suites for large organizations like the Air Force can range from tens to hundreds of millions of dollars annually. To benchmark effectively, one would need to compare this contract's per-user or per-endpoint cost against other federal or large commercial contracts for Tanium, or against comparable solutions from competitors like CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint, considering similar feature sets and contract durations.

What are the primary risks associated with this contract, beyond standard software procurement risks?

Key risks include potential vendor lock-in, as Tanium is a specialized solution, making it difficult and costly to switch providers later. There's also a risk of underutilization or over-provisioning of licenses if the Air Force's actual needs change or if the software's capabilities are not fully leveraged, leading to wasted expenditure. Reliance on Carahsoft as the reseller, while standard practice, introduces a layer that could potentially increase costs compared to direct purchasing if available. Furthermore, the effectiveness of endpoint security is highly dependent on proper configuration and ongoing management, so risks related to implementation and sustainment by the Air Force personnel are significant.

What is the expected program effectiveness or impact of this Tanium software purchase for the Air Force?

The expected effectiveness of this Tanium software purchase is to significantly enhance the Air Force's endpoint security posture. Tanium is known for its ability to provide real-time visibility and control over a vast number of endpoints, enabling rapid detection and response to threats, vulnerability management, and patch deployment. For the Air Force, this translates to improved resilience against cyberattacks, better compliance with security mandates, and potentially reduced incident response times. The program's success will hinge on effective deployment, integration with existing security infrastructure, and the proficiency of the personnel managing the system.

What are the historical spending patterns for endpoint security software within the Department of Defense or the Air Force?

Historical spending patterns for endpoint security within the DoD and Air Force show a consistent and increasing trend over the past decade. Agencies have progressively moved towards more advanced solutions beyond traditional antivirus, investing heavily in EDR, Extended Detection and Response (XDR), and Security Information and Event Management (SIEM) tools. Budgets for cybersecurity software are substantial, often running into hundreds of millions or even billions across the DoD annually, reflecting the critical nature of cyber defense. Spending is often driven by evolving threat landscapes, new technological capabilities, and compliance requirements. Contracts for solutions like Tanium, CrowdStrike, and Microsoft's security suite are common.

What level of competition is typical for enterprise endpoint security software procurements within the federal government?

Enterprise endpoint security software procurements within the federal government typically see a range of competition levels. Larger, more strategic buys might involve full and open competition or significant pre-qualification rounds to identify capable vendors. However, many procurements, especially for established solutions or through existing contract vehicles like GSA MAS, can result in limited competition. This often occurs when agencies have a specific product in mind, rely on existing enterprise agreements, or utilize IDIQ vehicles where only a subset of vendors can provide the required solution. The use of BPA Calls, as seen here, often implies a pre-competed base contract but potentially limited competition at the call order level, depending on the number of vendors on the BPA.

Industry Classification

NAICS: Information › Software Publishers › Software Publishers

Product/Service Code: IT AND TELECOM - APLLICATIONS

Competition & Pricing

Extent Competed: COMPETED UNDER SAP

Solicitation Procedures: SIMPLIFIED ACQUISITION

Offers Received: 1

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Address: 11493 SUNSET HILLS RD, RESTON, VA, 20190

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Not Designated a Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $18,238,080

Exercised Options: $18,238,080

Current Obligation: $18,238,080

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES

Parent Contract

Parent Award PIID: N6600123A0049

IDV Type: BPA

Timeline

Start Date: 2024-09-27

Current End Date: 2025-09-27

Potential End Date: 2025-09-27 00:00:00

Last Modified: 2025-05-27

More Contracts from Carahsoft Technology Corp

• Current Sources of Income and Employment Verification Service (CSI) — $465.0M (Department of Health and Human Services)
• Current Sources of Income and Employment Verification — $368.5M (Department of Health and Human Services)
• Usda Disc Enterprise Wide Salesforce Software&support Services — $294.8M (Department of Agriculture)
• This Delivery Order Will Provide Commercial OFF the Shelf Brand Name SAP Enterprise Resource Planning Software Licenses, Tightly Integrated Dependent Third Party Software Licenses, and Associated Maintenance — $240.7M (Department of Defense)
• Initial Order OFF Idiq Contract W519tc23d0005 for Service NOW Licenses — $204.3M (Department of Defense)

View all Carahsoft Technology Corp federal contracts →

Other Department of Defense Contracts

• Federal Contract — $51.3B (Humana Government Business Inc)
• Lrip LOT 12 Advance Acquisition Contract — $35.1B (Lockheed Martin Corporation)
• SSN 802 and 803 Long Lead Time Material — $34.7B (Electric Boat Corporation)
• 200204!008532!1700!AF600 !naval AIR Systems Command !N0001902C3002 !A!N! !N! !20011026!20120430!008016958!008016958!834951691!n!lockheed Martin Corporation !lockheed Blvd !fort Worth !tx!76108!27000!439!48!fort Worth !tarrant !texas !+000026000000!n!n!018981928201!ac15!rdte/Aircraft-Eng/Manuf Develop !a1a!airframes and Spares !2ama!jast/Jsf !336411!E! !3! ! ! ! ! !99990909!B! ! !A! !a!n!r!2!002!n!1a!a!n!z! ! !N!C!N! ! ! !a!a!a!a!000!a!c!n! ! ! !Y! !N00019!0001! — $34.2B (Lockheed Martin Corporation)
• KC-X Modernization Program — $32.0B (THE Boeing Company)

View all Department of Defense contracts →

Explore Related Government Spending