Federal employees used over 1,200 distinct AI tools in 2024 — most without ATO, FedRAMP authorization, or CUI handling agreements. Our 16,024+ classified AI-tool domains give government IT teams the enforcement layer that executive orders, FISMA, and NIST frameworks require.
Federal AI governance is now directive, time-bound, and enforceable. Two landmark directives created the most comprehensive AI governance requirements ever issued.
Procured AI systems like contract management tools and ML-powered cybersecurity platforms. These appear in procurement records.
AI chatbots, coding assistants, and summarization tools accessed via standard web browsers on government networks.
OMB M-24-10 explicitly requires agencies to maintain inventories of AI use, including AI accessed through third-party services. Browser-based AI tools are third-party services — if they are not inventoried, the agency is out of compliance.
The AI Tools Blocklist closes this gap. Deploy 16,024+ classified AI-tool domains against agency DNS and proxy infrastructure to discover, block, and audit every AI tool.
Cybersecurity + AI governance convergence: For agencies where the CAIO sits within the CIO's office, the same infrastructure enforcing cybersecurity policy can enforce AI governance policy. This is the operational model OMB expects.
Any cloud service processing federal information must hold a FedRAMP ATO. Most AI tools are cloud-based, meaning browser access equals unauthorized cloud service usage.
The arithmetic is clear: the overwhelming majority of AI tools lack FedRAMP authorization. Without technical enforcement, agencies rely entirely on employee compliance — every CISO knows that is inadequate.
Authorization level determines what data the tool may process. Category-level controls require the granular domain classification the AI Tools Blocklist provides.
StateRAMP provides a standardized framework modeled on FedRAMP. Adoption is voluntary and varies significantly by state.
Block the domains first, then work backwards to authorize tools through whatever governance process the state employs.
The NIST AI RMF 1.0 is effectively mandatory for federal agencies through OMB M-24-10. It organizes AI risk management into four core functions.
Establish policies and accountability structures for AI.
Contextualize AI risks across your organization.
Quantitative and qualitative AI risk assessment.
Implement controls that mitigate identified risks.
AI tools accessed on government networks are external information systems. Under NIST SP 800-53 control SA-9, agencies must establish trust relationships and monitor continuously.
Unsanctioned AI tool usage violates SA-9 — no trust relationship established, no security controls assessed, no monitoring in place. Each instance requires POA&M documentation and remediation.
FISMA continuous monitoring (NIST SP 800-137)
AI tool discovery is a continuous monitoring obligation, not a one-time audit finding.
Deploy as an automated feed. Transform monitoring from periodic manual exercise to continuous process.
Document unauthorized AI usage in the agency's Plan of Action and Milestones, tracked to remediation.
Daily-updated domain feed ensures newly launched AI tools are automatically captured and authorized.
Classifies every AI tool access event against the agency's FedRAMP authorization list and originating network zone
Unauthorized tools with data uploads on CUI networks flagged HIGH and tagged for POA&M generation
References SA-9, AC-20, and SI-4 — linking directly to control families FISMA assessors evaluate
SIPRNET and JWICS are air-gapped from the internet. AI cloud tools cannot be accessed from classified systems.
Personnel use AI tools on unclassified networks to process classified data. This triggers investigation and potential clearance loss.
The real risk is spillage. Personnel with classified access use AI tools on unclassified networks to process, summarize, or analyze information from classified sources. This triggers investigation, potential clearance loss, and mandatory reporting.
Nuanced category-level policies. Block "Text & Language" and "Data Analytics" on classified-adjacent segments while permitting "Design & Creative" for public affairs.
CUI encompasses a vast range of sensitive government data. Categories span multiple domains of sensitivity.
| Requirement | Description | AI Tool Relevance |
|---|---|---|
| 3.1.1 | Limit system access to authorized users | AI tools are unauthorized systems receiving CUI |
| 3.1.20 | Control connection of mobile devices | AI tools are uncontrolled data exfiltration channels |
| 3.1.21 | Limit use of portable storage devices | Browser-based AI tools function like USB drives for CUI |
| 3.13.1 | Monitor, control, and protect communications | AI tool traffic crosses the external boundary uncontrolled |
CMMC 2.0 makes this contractual for defense contractors. Under Level 2, organizations must implement all 110 NIST 800-171 requirements and pass third-party assessment. Unblocked AI tools on CUI networks will be flagged as a boundary protection failure.
NIST SP 800-53 provides the control catalog for federal security programs. Six control families are directly relevant to AI tool governance.
The following configuration maps AI tool categories to specific controls that agencies must implement for each category.
More than 30 states have enacted or introduced AI governance legislation. Four common themes are emerging across jurisdictions.
Transparency requirements for all government AI operations.
Human oversight for AI-assisted high-stakes decisions.
Safeguards for AI tools processing resident information.
Formal acquisition requirements for government AI systems.
| State | Mandate | Key Requirement |
|---|---|---|
| California | EO N-12-23 | Comprehensive AI use case inventory + deployment guidelines |
| New York City | Local Law 144 | Bias auditing for AI tools in employment decisions |
| Colorado | SB 24-205 | Impact assessments for high-risk AI systems |
| Texas | HB 2060 | AI advisory council + state agency reporting requirements |
The foundational requirement is the same across all mandates: know what AI tools your employees are using. The domain feed deployed against DNS or proxy infrastructure provides that visibility.
NIST SP 800-161 provides the SCRM framework. AI tools introduce unique supply chain risks that traditional assessments miss.
Poisoned or manipulated datasets producing unreliable outputs.
Model biases or hidden behaviors introduced during training.
Infrastructure operated or controlled by foreign adversary entities.
Section 889 analogy: If an AI tool is developed, hosted, or controlled by a foreign adversary entity, its use on government networks creates supply chain risk. The AI Tools Blocklist provides domain inventory for cross-referencing against FASC exclusion lists, ODNI advisories, and CISA alerts.
From inventory mandates to bias auditing. The Blocklist provides the discovery layer every mandate requires.
Build approved-vendor lists from the taxonomy. Unapproved tools are blocked at the network layer.
Unified domain feed with category-level controls. Consistent governance across all jurisdictions.
Government IT teams face unique constraints. Strict change management, lengthy procurement, ATO requirements, and multi-stakeholder coordination.
| Phase | Produces | Satisfies |
|---|---|---|
| Phase 1 | AI use case inventory | OMB M-24-10 inventory requirement |
| Phase 2 | Risk assessments | NIST AI RMF mandate |
| Phase 3 | Technical controls | NIST 800-53 specifications |
| Phase 4 | Continuous monitoring evidence | Annual FISMA assessments |
By completing all four phases, the agency has a comprehensive, auditable, and continuously-updated AI governance program. The CAIO can certify compliance with confidence.
Our team works with federal, state, and local agencies to deploy AI tool controls aligned with FedRAMP, FISMA, NIST AI RMF, and executive order requirements. Request a government consultation to get started.
Tell us about your agency’s network environment, compliance requirements, and AI governance goals. We will map the AI Tools Blocklist to your specific federal or state mandates.