Ventia adopts AI platform to speed up major infrastructure bids
Automation of bid writing
The new platform, known as Tendia, automates the search, collation, and drafting of early-stage bid content – a process previously measured in days, now reduced to minutes. The solution is designed to help Ventia's teams prepare responses more quickly and accurately for complex, high-value tenders within its extensive operations.
Tendia was developed by DXC's data, AI, and cloud experts, utilising Amazon Web Services (AWS) technologies including Amazon Bedrock and Kendra. The system is trained on Ventia's historical submissions to ensure that its outputs are relevant and accurate for current tender requirements. More than 10,000 AWS-certified professionals at DXC have contributed technical and security support to ensure the solution is viable at scale and enterprise-ready.
The implementation of Tendia is seen as a practical demonstration of generative AI's expanding role beyond pilot projects, addressing complicated, document-heavy business processes at enterprise scale.
Operational benefits for Ventia
Ventia, one of the largest infrastructure service providers in the region, previously faced significant time and resource challenges preparing major tenders. The company has access to a workforce of more than 35,000 people operating across over 400 sites. Addressing these pressures was a primary driver for developing an AI-powered solution that could assist its teams in focusing on higher-value work within the bidding process. "Working with DXC, we've been able to improve the speed and quality of our bid development process. Tendia enables our teams to focus on higher-value work, deliver more accurate proposals, and respond faster to complex, multi-million-dollar tenders. This project marks the first phase of Ventia's broader AI adoption strategy to improve how we support clients and deliver services across the business."
Ventia's General Manager for Strategy, Digital & Corporate Affairs, Em Hogan, pointed to these advantages, noting that the initiative is part of a wider programme to extend AI adoption across the organisation and its services.
Technical background and partnership
DXC's data, AI, and cloud teams worked closely with Ventia throughout the project, integrating AWS services such as Amazon Fargate, Kendra, and Cognito to deliver the Tendia solution. These components enable rapid, context-aware content generation and secure access for teams across different business units and geographies. "This collaboration shows how AI can support business-critical operations – within the public sector," said Seelan Nayagam, President, Asia Pacific, Middle East & Africa, DXC Technology. "We have drawn on our global scale and cross-industry AI experience to help Ventia turn an initial concept into an enterprise-ready solution. With over 10,000 AWS skilled resources and more than 15,000 experts trained through DXC's AI Academy and AI-Xcelerate programs, we're delighted to be supporting Ventia as it extends AI applications across more parts of its business," said Nayagam.
DXC emphasised that its partnership with Ventia demonstrates how technology and global expertise can be applied to overcome barriers to generative AI use within critical business functions. The company's Consulting & Engineering Services team has a remit to operate and optimise mission-critical systems, including the co-creation and delivery of solutions based on automation and AI technologies.
Productivity and security considerations
The deployment of Tendia comes against a backdrop of growing demand for efficiency and accuracy in high-stakes processes such as infrastructure tenders. By automating the early stages of bid development, Ventia expects its staff to be able to dedicate more time to the strategic aspects of crafting proposals tailored to client needs and sector requirements.
Tendia's support for compliance and data security is grounded in DXC's scale and AWS certifications, providing additional assurance for both technology stakeholders and business users.
Both organisations have indicated that the platform's introduction represents only the initial stage in broader AI integration efforts across Ventia's operations, with further developments and expansions expected in the future.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
2 days ago
- Techday NZ
Ventia adopts AI platform to speed up major infrastructure bids
Ventia has implemented an AI-powered platform, developed in partnership with DXC Technology, to streamline its bid writing process for major infrastructure contracts across Australia and New Zealand. Automation of bid writing The new platform, known as Tendia, automates the search, collation, and drafting of early-stage bid content – a process previously measured in days, now reduced to minutes. The solution is designed to help Ventia's teams prepare responses more quickly and accurately for complex, high-value tenders within its extensive operations. Tendia was developed by DXC's data, AI, and cloud experts, utilising Amazon Web Services (AWS) technologies including Amazon Bedrock and Kendra. The system is trained on Ventia's historical submissions to ensure that its outputs are relevant and accurate for current tender requirements. More than 10,000 AWS-certified professionals at DXC have contributed technical and security support to ensure the solution is viable at scale and enterprise-ready. The implementation of Tendia is seen as a practical demonstration of generative AI's expanding role beyond pilot projects, addressing complicated, document-heavy business processes at enterprise scale. Operational benefits for Ventia Ventia, one of the largest infrastructure service providers in the region, previously faced significant time and resource challenges preparing major tenders. The company has access to a workforce of more than 35,000 people operating across over 400 sites. Addressing these pressures was a primary driver for developing an AI-powered solution that could assist its teams in focusing on higher-value work within the bidding process. "Working with DXC, we've been able to improve the speed and quality of our bid development process. Tendia enables our teams to focus on higher-value work, deliver more accurate proposals, and respond faster to complex, multi-million-dollar tenders. This project marks the first phase of Ventia's broader AI adoption strategy to improve how we support clients and deliver services across the business." Ventia's General Manager for Strategy, Digital & Corporate Affairs, Em Hogan, pointed to these advantages, noting that the initiative is part of a wider programme to extend AI adoption across the organisation and its services. Technical background and partnership DXC's data, AI, and cloud teams worked closely with Ventia throughout the project, integrating AWS services such as Amazon Fargate, Kendra, and Cognito to deliver the Tendia solution. These components enable rapid, context-aware content generation and secure access for teams across different business units and geographies. "This collaboration shows how AI can support business-critical operations – within the public sector," said Seelan Nayagam, President, Asia Pacific, Middle East & Africa, DXC Technology. "We have drawn on our global scale and cross-industry AI experience to help Ventia turn an initial concept into an enterprise-ready solution. With over 10,000 AWS skilled resources and more than 15,000 experts trained through DXC's AI Academy and AI-Xcelerate programs, we're delighted to be supporting Ventia as it extends AI applications across more parts of its business," said Nayagam. DXC emphasised that its partnership with Ventia demonstrates how technology and global expertise can be applied to overcome barriers to generative AI use within critical business functions. The company's Consulting & Engineering Services team has a remit to operate and optimise mission-critical systems, including the co-creation and delivery of solutions based on automation and AI technologies. Productivity and security considerations The deployment of Tendia comes against a backdrop of growing demand for efficiency and accuracy in high-stakes processes such as infrastructure tenders. By automating the early stages of bid development, Ventia expects its staff to be able to dedicate more time to the strategic aspects of crafting proposals tailored to client needs and sector requirements. Tendia's support for compliance and data security is grounded in DXC's scale and AWS certifications, providing additional assurance for both technology stakeholders and business users. Both organisations have indicated that the platform's introduction represents only the initial stage in broader AI integration efforts across Ventia's operations, with further developments and expansions expected in the future.
Techday NZ
4 days ago
- Techday NZ
When trusted tools go rogue: The return of the ‘Confused Deputy Problem'
A decades-old cybersecurity vulnerability is staging a dangerous comeback, and this time it involves modern tools and has far-reaching consequences. Known as the 'Confused Deputy Problem,' this flaw sees trusted software - such as administrative tools, privileged scripts, or even AI agents - being manipulated to misuse their powers on behalf of less-privileged applications operating autonomously or by users. And in today's rapidly evolving threat landscape, the consequences are more severe than ever. From compiler quirk to enterprise crisis The confused deputy problem isn't new. First described by computer scientist Norm Hardy in 1988, it referred to a case where a compiler (legitimately empowered to write to billing files) was tricked by less-privileged applications into overwriting those sensitive files. The applications themselves didn't have the necessary access, but the compiler acted on their behalf, unwittingly executing their intent. Fast forward to today, and this fundamental breakdown of privilege separation is now playing out in some of the most advanced enterprise systems, including those that rely on artificial intelligence, automation, and cloud-native infrastructure. In most modern enterprises, trusted systems or processes - like automation scripts, CI/CD pipelines, and privileged service accounts - are the deputies. These programs are entrusted with elevated access because they serve as conduits to essential business functions. However, if they lack mechanisms to evaluate the context of the commands and honour least privilege performing functions, they can be exploited just as easily as Hardy's compiler. The problem becomes even more alarming when applied to Agentic AI which are tools that act independently to complete tasks using delegated authority. If these AI agents are manipulated into making requests or executing operations they weren't intended to, they become confused deputies on a much larger scale. Real-world risks The confused deputy issue surfaces in multiple ways across enterprise IT today. These include: SuDo misuse: Scripts with superuser privileges can be hijacked by untrusted inputs, elevating user privilege without directly attacking the OS. Scripts with superuser privileges can be hijacked by untrusted inputs, elevating user privilege without directly attacking the OS. CI/CD exploits: Shared service accounts in development pipelines can be coerced into leaking secrets or deploying malicious artifacts, especially in the absence of role isolation and context validation. Shared service accounts in development pipelines can be coerced into leaking secrets or deploying malicious artifacts, especially in the absence of role isolation and context validation. Cloud token abuse: In AWS or Azure environments, services can inadvertently use their assumed roles to fulfill malicious requests initiated by compromised peers, turning secure microservices into agents of privilege escalation. Why the problem persists Despite increasing awareness and tooling, the confused deputy problem persists largely because enterprises have not fully embraced the principle of least privilege. That is, systems, applications, and users continue to have more access than they need. What's more, the explosion of machine identities, such as automated services, scripts, bots, and now AI agents, has made it far harder to track privilege boundaries. Machines now communicate with other machines more frequently than humans do, and without adequate oversight, these interactions become fertile ground for exploitation. Reimagining Privileged Access Management To confront this resurgent threat, businesses must rethink their approach to Privileged Access Management (PAM). It's no longer enough to store secrets or manage user credentials. Modern PAM must be dynamic, context-aware, and tightly integrated into every aspect of the IT ecosystem. Key strategies to consider include: Command validation and filtering: Systems should whitelist commands, sanitise inputs, and block privilege escalation via indirect parameters. Systems should whitelist commands, sanitise inputs, and block privilege escalation via indirect parameters. Context-aware decisions: Access should be evaluated based on behavioural context and not just identity. Why is a session being initiated? What other systems has the user accessed? What's the broader pattern? Access should be evaluated based on behavioural context and not just identity. Why is a session being initiated? What other systems has the user accessed? What's the broader pattern? Segregation of duties: Different roles and accounts should be used for automation, deployment, and debugging. A single account with broad entitlements poses a massive risk if compromised. Different roles and accounts should be used for automation, deployment, and debugging. A single account with broad entitlements poses a massive risk if compromised. Real-time monitoring and forensics: PAM solutions must include session recording, keystroke logging, and audit trails to detect both deliberate abuse and accidental misuse. AI's double-edged sword Agentic AI represents both the future and the frontier of the confused deputy problem. These systems are capable of incredible operational gains, but their autonomous nature makes them ripe for exploitation. A prompt, parameter, or request that seems benign on the surface can trigger actions that cause significant harm or data leakage, especially if the agent can't distinguish between valid commands and malicious manipulation. This isn't just a technical flaw but a governance challenge. Enterprises must ensure that, as they embrace AI and automation, they do so with controls that prioritise intent verification, privilege minimization, and oversight. A strategic imperative The confused deputy problem is no longer a relic of early computing. It's a central challenge for modern digital security. As organisations deploy more intelligent and powerful tools, they must recognise that privilege without perspective is an attack vector in its own right. To prevent trusted systems from becoming dangerous liabilities, enterprises need to enforce least privilege not just as a policy, but as a design principle embedded in every layer of infrastructure, automation, and AI deployment.
NZ Herald
5 days ago
- NZ Herald
Refund money for 3G-only phone now, Consumer NZ says; Auckland Council says it's not responsible for Amazon's deserted construction site
Another hassle with a recently purchased phone that's only capable of calls on the soon-to-be-shuttered 3G networks; the council updates on Amazon's Quiet Earth Auckland build; an AWS exec jumps to the opposition; and the Government names an AI advisory panel. Another customer has found themselves stuck with a '4G'
