[{"data":1,"prerenderedAt":518},["ShallowReactive",2],{"/en-us/the-source/ai/how-ai-can-fix-governments-legacy-code-problem":3,"footer-en-us":48,"the-source-banner-en-us":382,"the-source-navigation-en-us":388,"article-site-categories-en-us":411,"the-source-newsletter-en-us":413,"how-ai-can-fix-governments-legacy-code-problem-article-hero-category-en-us":420,"how-ai-can-fix-governments-legacy-code-problem-the-source-source-cta-en-us":446,"how-ai-can-fix-governments-legacy-code-problem-article-hero-author-en-us":455,"how-ai-can-fix-governments-legacy-code-problem-category-en-us":478,"how-ai-can-fix-governments-legacy-code-problem-the-source-resources-en-us":491},{"id":4,"title":5,"body":6,"category":7,"config":8,"content":14,"description":6,"extension":38,"meta":39,"navigation":40,"path":41,"seo":42,"slug":44,"stem":45,"type":46,"__hash__":47},"theSource/en-us/the-source/ai/how-ai-can-fix-governments-legacy-code-problem.yml","How Ai Can Fix Governments Legacy Code Problem",null,"ai",{"layout":9,"template":10,"featured":11,"author":12,"sourceCTA":13},"the-source","TheSourceArticle",false,"bob-stevens","source-lp-ai-powered-efficiency-modernizing-government-in-2025",{"title":15,"description":16,"date":17,"timeToRead":18,"heroImage":19,"keyTakeaways":20,"articleBody":24,"faq":25},"How AI can fix government’s legacy code problem","Discover how AI-powered modernization tools can transform government's expensive legacy COBOL systems into secure, efficient infrastructure in months.","2025-07-29T00:00:00.000Z","5 min read","https://res.cloudinary.com/about-gitlab-com/image/upload/v1753720940/display-the-source-how-ai-can-solve-the-federal-legacy-code-crisis-article-image-0818-1800x945-fy26_yrmbw4.png",[21,22,23],"Federal agencies spend hundreds of millions of dollars annually maintaining legacy systems, creating security risks and operational inefficiencies.","AI-powered refactoring tools can modernize legacy government code in months instead of years, translating outdated code into secure, compliant modern applications.","Modern AI-native DevSecOps platforms prevent future technical debt by building security and compliance into new code from day one, breaking the expensive maintenance cycle.","NASA uses AI to guide rovers on Mars, but federal agencies still run key operations on COBOL, a programming language older than the moon landing. \n\nCritical U.S. agencies like the Department of Health and Human Services, Social Security Administration, and Centers for Medicare and Medicaid Services depend on systems built with COBOL and other legacy languages. However, fewer and fewer programmers know how to work with this outdated code. \n\nThat means each year brings higher chances of major system breakdowns that could stop benefit payments, expose private citizen data, or create processing delays affecting millions of citizens.\n\nHowever, because modernizing legacy code can be such a daunting process, many agencies have delayed major upgrade projects, choosing instead to patch problems as they appear. This strategy has created technical debt that grows exponentially over time.\n\nWith mounting pressure to improve efficiency, the public sector has a chance to use AI for a critical purpose: system modernization. Agencies can use AI to expedite the [modernization of legacy applications](https://about.gitlab.com/the-source/security/why-legacy-code-is-a-security-risk-and-how-ai-can-help/) with memory-safe code, which was once a slow and challenging process.\n\nThe time to start modernization projects is now. AI-powered tools can turn what once took years into a faster path for agencies to eliminate their dependence on COBOL and other outdated languages.\n## Understanding code refactoring basics\nMoving away from COBOL begins with code refactoring — a method that enhances the design and stability of existing code, enabling the secure modernization of legacy code without altering its functionality.\n\nTraditional refactoring methods include inline refactoring, which restructures outdated elements of code, and abstraction, which eliminates repeated code. However, these methods require a significant amount of time, skilled developers who understand legacy languages, and thorough testing to function properly.\n\nWhile federal agencies recognize that modernization is necessary in the long term, it's challenging to justify spending resources now when the benefits may not be realized for years.\n## Using AI for code modernization\nAI makes the refactoring process achievable. Developers across all industries are adopting this approach: [GitLab research](https://about.gitlab.com/developer-survey/2024/ai/) found that 34% of organizations already use AI in their software development lifecycle, including for code modernization.\n\nAI tools handle the heavy lifting in refactoring, such as understanding complex legacy code and creating modern code that works the same way. For developers with limited COBOL knowledge, these tools work like translators between old and new programming methods.\n\nAfter modernizing the code, AI can further improve it by identifying security vulnerabilities, recommending optimizations, and automatically running comprehensive testing. For government agencies with stringent security and compliance requirements, this automated hardening of codebases eliminates a major modernization barrier, reducing the modernization timeline from years to months.\n## Building software for tomorrow\nWhile addressing the challenges associated with legacy code is important, forward-thinking government agencies must also adopt modern development practices that avoid creating future technical debt. A [DevSecOps platform](https://about.gitlab.com/platform/) lets developers quickly build software with AI help and security built into every line of code.\n\nWith a comprehensive platform, AI works as both a speed booster and protector. Tools like [AI-powered code suggestions](https://about.gitlab.com/solutions/code-suggestions/) can incorporate federal compliance rules and generate secure, optimized code that meets government standards from day one. Meanwhile, vulnerability scanning finds and fixes potential security issues before deployment. This shift allows developers to focus on high-value work that requires human skills instead of routine coding tasks.\n\nThe collaborative aspects of AI go beyond code creation to improve team collaboration. By summarizing code review comments, identifying potential integration problems, and tracking compliance requirements, AI tools streamline communication between distributed development teams.\n\nIn addition, security becomes an ongoing, integrated process instead of a checkpoint at project completion. [AI-powered vulnerability detection](https://about.gitlab.com/the-source/ai/understand-and-resolve-vulnerabilities-with-ai-powered-gitlab-duo/) doesn't just find risks faster — it explains them in the context of federal security requirements, suggests specific fixes, and learns from each project to improve future development.\n\nThe federal government has made real progress using technology to serve citizens and protect national security. By embracing AI-powered modernization for both legacy systems and new development, agencies can break free from the expensive cycle of managing old technical debt while building more responsive, secure, and adaptable digital infrastructure.",[26,29,32,35],{"header":27,"content":28},"How long does AI-powered code modernization take compared to traditional methods?","AI-powered refactoring tools can modernize legacy government code in months instead of years. Traditional modernization projects often take years to show benefits, while AI tools accelerate the timeline by automatically handling complex code translation and testing processes.",{"header":30,"content":31},"Which government agencies rely most heavily on legacy COBOL systems?","Critical agencies including the Department of Health and Human Services, Social Security Administration, and Centers for Medicare and Medicaid Services depend on COBOL and other legacy systems. These systems handle operations affecting millions of citizens, from benefit payments to healthcare data processing.",{"header":33,"content":34},"What security risks do legacy government systems create?","Legacy systems represent an expanding attack surface with higher chances of major breakdowns each year. These vulnerabilities could stop benefit payments, expose private citizen data, or create processing delays affecting millions of Americans.",{"header":36,"content":37},"How does DevSecOps prevent future technical debt in government development?","AI-native DevSecOps platforms build security and compliance into new code from day one, incorporating federal compliance rules automatically. This approach prevents the accumulation of technical debt by creating secure, optimized code that meets government standards during initial development.","yml",{},true,"/en-us/the-source/ai/how-ai-can-fix-governments-legacy-code-problem",{"config":43,"title":15,"ogTitle":15,"description":16,"ogDescription":16,"ogImage":19},{"noIndex":11},"how-ai-can-fix-governments-legacy-code-problem","en-us/the-source/ai/how-ai-can-fix-governments-legacy-code-problem","article","Wb9qHxnoYQYFbHm5WHZDrir3AEleRfYObYt0vqhwQP4",{"data":49},{"text":50,"source":51,"edit":57,"contribute":62,"config":67,"items":72,"minimal":371},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":52,"config":53},"View page source",{"href":54,"dataGaName":55,"dataGaLocation":56},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":58,"config":59},"Edit this page",{"href":60,"dataGaName":61,"dataGaLocation":56},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":63,"config":64},"Please contribute",{"href":65,"dataGaName":66,"dataGaLocation":56},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":68,"facebook":69,"youtube":70,"linkedin":71},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[73,130,187,246,309],{"title":74,"links":75,"subMenu":91},"Pricing",[76,81,86],{"text":77,"config":78},"View plans",{"href":79,"dataGaName":80,"dataGaLocation":56},"/pricing/","view plans",{"text":82,"config":83},"Why Premium?",{"href":84,"dataGaName":85,"dataGaLocation":56},"/pricing/premium/","why premium",{"text":87,"config":88},"Why Ultimate?",{"href":89,"dataGaName":90,"dataGaLocation":56},"/pricing/ultimate/","why ultimate",[92],{"title":93,"links":94},"Contact Us",[95,100,105,110,115,120,125],{"text":96,"config":97},"Contact sales",{"href":98,"dataGaName":99,"dataGaLocation":56},"/sales/","sales",{"text":101,"config":102},"Support portal",{"href":103,"dataGaName":104,"dataGaLocation":56},"https://support.gitlab.com","support portal",{"text":106,"config":107},"Customer portal",{"href":108,"dataGaName":109,"dataGaLocation":56},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"text":111,"config":112},"Status",{"href":113,"dataGaName":114,"dataGaLocation":56},"https://status.gitlab.com/","status",{"text":116,"config":117},"Terms of use",{"href":118,"dataGaName":119,"dataGaLocation":56},"/terms/","terms of use",{"text":121,"config":122},"Privacy statement",{"href":123,"dataGaName":124,"dataGaLocation":56},"/privacy/","privacy statement",{"text":126,"config":127},"Cookie preferences",{"dataGaName":128,"dataGaLocation":56,"id":129,"isOneTrustButton":40},"cookie preferences","ot-sdk-btn",{"title":131,"links":132,"subMenu":143},"Product",[133,138],{"text":134,"config":135},"DevSecOps platform",{"href":136,"dataGaName":137,"dataGaLocation":56},"/platform/","devsecops platform",{"text":139,"config":140},"AI-Assisted Development",{"href":141,"dataGaName":142,"dataGaLocation":56},"/gitlab-duo/","ai-assisted development",[144],{"title":145,"links":146},"Topics",[147,152,157,162,167,172,177,182],{"text":148,"config":149},"CICD",{"href":150,"dataGaName":151,"dataGaLocation":56},"/topics/ci-cd/","cicd",{"text":153,"config":154},"GitOps",{"href":155,"dataGaName":156,"dataGaLocation":56},"/topics/gitops/","gitops",{"text":158,"config":159},"DevOps",{"href":160,"dataGaName":161,"dataGaLocation":56},"/topics/devops/","devops",{"text":163,"config":164},"Version Control",{"href":165,"dataGaName":166,"dataGaLocation":56},"/topics/version-control/","version control",{"text":168,"config":169},"DevSecOps",{"href":170,"dataGaName":171,"dataGaLocation":56},"/topics/devsecops/","devsecops",{"text":173,"config":174},"Cloud Native",{"href":175,"dataGaName":176,"dataGaLocation":56},"/topics/cloud-native/","cloud native",{"text":178,"config":179},"AI for Coding",{"href":180,"dataGaName":181,"dataGaLocation":56},"/topics/devops/ai-for-coding/","ai for coding",{"text":183,"config":184},"Agentic AI",{"href":185,"dataGaName":186,"dataGaLocation":56},"/topics/agentic-ai/","agentic ai",{"title":188,"links":189},"Solutions",[190,194,199,204,209,213,218,221,226,231,236,241],{"text":191,"config":192},"Application Security Testing",{"href":193,"dataGaName":191,"dataGaLocation":56},"/solutions/application-security-testing/",{"text":195,"config":196},"Automated software delivery",{"href":197,"dataGaName":198,"dataGaLocation":56},"/solutions/delivery-automation/","automated software delivery",{"text":200,"config":201},"Agile development",{"href":202,"dataGaName":203,"dataGaLocation":56},"/solutions/agile-delivery/","agile delivery",{"text":205,"config":206},"SCM",{"href":207,"dataGaName":208,"dataGaLocation":56},"/solutions/source-code-management/","source code management",{"text":148,"config":210},{"href":211,"dataGaName":212,"dataGaLocation":56},"/solutions/continuous-integration/","continuous integration & delivery",{"text":214,"config":215},"Value stream management",{"href":216,"dataGaName":217,"dataGaLocation":56},"/solutions/value-stream-management/","value stream management",{"text":153,"config":219},{"href":220,"dataGaName":156,"dataGaLocation":56},"/solutions/gitops/",{"text":222,"config":223},"Enterprise",{"href":224,"dataGaName":225,"dataGaLocation":56},"/enterprise/","enterprise",{"text":227,"config":228},"Small business",{"href":229,"dataGaName":230,"dataGaLocation":56},"/small-business/","small business",{"text":232,"config":233},"Public sector",{"href":234,"dataGaName":235,"dataGaLocation":56},"/solutions/public-sector/","public sector",{"text":237,"config":238},"Education",{"href":239,"dataGaName":240,"dataGaLocation":56},"/solutions/education/","education",{"text":242,"config":243},"Financial services",{"href":244,"dataGaName":245,"dataGaLocation":56},"/solutions/finance/","financial services",{"title":247,"links":248},"Resources",[249,254,259,264,269,274,279,284,289,294,299,304],{"text":250,"config":251},"Install",{"href":252,"dataGaName":253,"dataGaLocation":56},"/install/","install",{"text":255,"config":256},"Quick start guides",{"href":257,"dataGaName":258,"dataGaLocation":56},"/get-started/","quick setup checklists",{"text":260,"config":261},"Learn",{"href":262,"dataGaName":263,"dataGaLocation":56},"https://university.gitlab.com/","learn",{"text":265,"config":266},"Product documentation",{"href":267,"dataGaName":268,"dataGaLocation":56},"https://docs.gitlab.com/","docs",{"text":270,"config":271},"Blog",{"href":272,"dataGaName":273,"dataGaLocation":56},"/blog/","blog",{"text":275,"config":276},"Customer success stories",{"href":277,"dataGaName":278,"dataGaLocation":56},"/customers/","customer success stories",{"text":280,"config":281},"Remote",{"href":282,"dataGaName":283,"dataGaLocation":56},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"text":285,"config":286},"GitLab Services",{"href":287,"dataGaName":288,"dataGaLocation":56},"/services/","services",{"text":290,"config":291},"Community",{"href":292,"dataGaName":293,"dataGaLocation":56},"/community/","community",{"text":295,"config":296},"Forum",{"href":297,"dataGaName":298,"dataGaLocation":56},"https://forum.gitlab.com/","forum",{"text":300,"config":301},"Events",{"href":302,"dataGaName":303,"dataGaLocation":56},"/events/","events",{"text":305,"config":306},"Partners",{"href":307,"dataGaName":308,"dataGaLocation":56},"/partners/","partners",{"title":310,"links":311},"Company",[312,317,322,327,332,337,342,346,351,356,361,366],{"text":313,"config":314},"About",{"href":315,"dataGaName":316,"dataGaLocation":56},"/company/","company",{"text":318,"config":319},"Jobs",{"href":320,"dataGaName":321,"dataGaLocation":56},"/jobs/","jobs",{"text":323,"config":324},"Leadership",{"href":325,"dataGaName":326,"dataGaLocation":56},"/company/team/e-group/","leadership",{"text":328,"config":329},"Team",{"href":330,"dataGaName":331,"dataGaLocation":56},"/company/team/","team",{"text":333,"config":334},"Handbook",{"href":335,"dataGaName":336,"dataGaLocation":56},"https://handbook.gitlab.com/","handbook",{"text":338,"config":339},"Investor relations",{"href":340,"dataGaName":341,"dataGaLocation":56},"https://ir.gitlab.com/","investor relations",{"text":343,"config":344},"Sustainability",{"href":345,"dataGaName":343,"dataGaLocation":56},"/sustainability/",{"text":347,"config":348},"Diversity, inclusion and belonging (DIB)",{"href":349,"dataGaName":350,"dataGaLocation":56},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":352,"config":353},"Trust Center",{"href":354,"dataGaName":355,"dataGaLocation":56},"/security/","trust center",{"text":357,"config":358},"Newsletter",{"href":359,"dataGaName":360,"dataGaLocation":56},"/company/contact/#contact-forms","newsletter",{"text":362,"config":363},"Press",{"href":364,"dataGaName":365,"dataGaLocation":56},"/press/","press",{"text":367,"config":368},"Modern Slavery Transparency Statement",{"href":369,"dataGaName":370,"dataGaLocation":56},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":372},[373,376,379],{"text":374,"config":375},"Terms",{"href":118,"dataGaName":119,"dataGaLocation":56},{"text":377,"config":378},"Cookies",{"dataGaName":128,"dataGaLocation":56,"id":129,"isOneTrustButton":40},{"text":380,"config":381},"Privacy",{"href":123,"dataGaName":124,"dataGaLocation":56},{"visibility":40,"title":383,"button":384},"The Intelligent Software Development Era: How AI is reshaping DevSecOps teams",{"config":385,"text":387},{"href":386},"/developer-survey/","Get the research report",{"logo":389,"subscribeLink":394,"navItems":398},{"altText":390,"config":391},"the source logo",{"src":392,"href":393},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1750191004/t7wz1klfb2kxkezksv9t.svg","/the-source/",{"text":395,"config":396},"Subscribe",{"href":397},"#subscribe",[399,403,407],{"text":400,"config":401},"Artificial Intelligence",{"href":402},"/the-source/ai/",{"text":404,"config":405},"Security & Compliance",{"href":406},"/the-source/security/",{"text":408,"config":409},"Platform & Infrastructure",{"href":410},"/the-source/platform/",{"categoryNames":412},{"ai":400,"platform":408,"security":404},{"title":414,"description":415,"submitMessage":416,"formData":417},"The Source Newsletter","Stay updated with insights for the future of software development.","You have successfully signed up for The Source’s newsletter.",{"config":418},{"formId":419,"formName":360,"hideRequiredLabel":40},1077,{"id":421,"title":422,"body":6,"category":6,"config":423,"content":424,"description":6,"extension":38,"meta":440,"navigation":40,"path":441,"seo":442,"slug":7,"stem":443,"testContent":6,"type":444,"__hash__":445},"pages/en-us/the-source/ai/index.yml","",{"layout":9},[425,432],{"componentName":426,"type":426,"componentContent":427},"TheSourceCategoryHero",{"title":400,"description":428,"image":429},"Explore expert insights on how AI is transforming software development, and how organizations can get the most out of their AI investments.",{"config":430},{"src":431},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1751463300/eoudcbj5aoucl0spsp0c.png",{"componentName":433,"type":433,"componentContent":434},"TheSourceCategoryMainSection",{"config":435},{"sourceCTAs":436},[437,438,439],"source-lp-how-to-get-started-using-ai-in-software-development","navigating-ai-maturity-in-devsecops","source-lp-ai-guide-for-enterprise-leaders-building-the-right-approach",{},"/en-us/the-source/ai",{"title":400,"description":428,"ogImage":431},"en-us/the-source/ai/index","category","wtQi5a4Yy8rZpv9pRFgz-LgiIdSY188tyR5WwsQyl-w",{"config":447,"title":448,"description":449,"link":450},{"slug":13},"AI-powered efficiency: Modernizing government in 2025","Learn how AI accelerates workflows and maximizes productivity, enabling government agencies to maintain service delivery despite reduced headcount.",{"text":451,"config":452},"Read the guide",{"href":453,"dataGaName":448,"dataGaLocation":454},"/the-source/ai/ai-powered-efficiency-modernizing-government-in-2025/","thesource",{"id":456,"title":457,"body":6,"category":6,"config":458,"content":459,"description":6,"extension":38,"meta":472,"navigation":40,"path":473,"seo":474,"slug":12,"stem":475,"testContent":6,"type":476,"__hash__":477},"theSourceAuthors/en-us/the-source/authors/bob-stevens.yml","Bob Stevens",{"layout":9},[460,470],{"componentName":461,"type":461,"componentContent":462},"TheSourceAuthorHero",{"config":463,"name":457,"role":466,"headshot":467},{"gitlabHandle":464,"linkedInProfileUrl":465},"bstevens1","https://www.linkedin.com/in/bob-stevens-1237564/","Public Sector Area Vice President, GitLab",{"altText":457,"config":468},{"src":469},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1752687939/mv3lhtimdzr8jmfqmbk1.jpg",{"componentName":471,"type":471},"TheSourceArticlesList",{},"/en-us/the-source/authors/bob-stevens",{"title":457},"en-us/the-source/authors/bob-stevens","author","kOG3hLfSxAts4brVdPtu5XzwJc8TEJ0cyGxVzqFZ3As",{"id":421,"title":422,"body":6,"category":6,"config":479,"content":480,"description":6,"extension":38,"meta":489,"navigation":40,"path":441,"seo":490,"slug":7,"stem":443,"testContent":6,"type":444,"__hash__":445},{"layout":9},[481,485],{"componentName":426,"type":426,"componentContent":482},{"title":400,"description":428,"image":483},{"config":484},{"src":431},{"componentName":433,"type":433,"componentContent":486},{"config":487},{"sourceCTAs":488},[437,438,439],{},{"title":400,"description":428,"ogImage":431},[492,501,509],{"config":493,"title":494,"description":495,"link":496},{"slug":438},"Navigating AI maturity in DevSecOps","Read our survey findings from more than 5,000 DevSecOps professionals worldwide for insights on how organizations are incorporating AI into the software development lifecycle.",{"text":497,"config":498},"Read the report",{"href":499,"dataGaName":500,"dataGaLocation":454},"/developer-survey/2024/ai/","Navigating AI Maturity in DevSecOps",{"config":502,"title":503,"description":504,"link":505},{"slug":439},"AI guide for enterprise leaders: Building the right approach","Download our guide for enterprise leaders to learn how to prepare your C-suite, executive leadership, and development teams for what AI can do today — and will do in the near future — to accelerate software development.",{"text":451,"config":506},{"href":507,"dataGaName":508,"dataGaLocation":454},"/the-source/ai/ai-guide-for-enterprise-leaders-building-the-right-approach/","AI Guide For Enterprise Leaders: Building the Right Approach",{"config":510,"title":511,"description":512,"link":513},{"slug":437},"How to get started using AI in software development","Learn how to strategically implement AI to boost efficiency, security, and reduce context switching. Empower every member of your team with AI capabilities.",{"text":514,"config":515},"Download the guide",{"href":516,"dataGaName":517,"dataGaLocation":454},"/the-source/ai/getting-started-with-ai-in-software-development-a-guide-for-leaders/","How to Get Started Using AI in Software Development",1772652093339]