✓ DoD PRODUCTION READY
Forge is DoD Thunderdome Ready
100% STIG compliant and ready to help you get compliant — plus FIPS 140-2 cryptography, 10+ IaC tools, and air‑gap capability for high‑security environments.
100% STIG compliant and ready to help you get compliant — plus FIPS 140-2 cryptography, 10+ IaC tools, and air‑gap capability for high‑security environments.
Forge exceeds typical DoD platform requirements and helps your team achieve and maintain compliance faster. Certified, tested, and ready for high-security deployments.
51/51 requirements met
CAT I, II, and III complete
Cryptographic modules validated
Production certified
Terraform, Ansible, Packer
Most comprehensive support
1,610 compliance rules
STIG, CIS, NIST, PCI-DSS
Forge is fully compliant today — and provides automation, reporting, and exports to help your organization reach and sustain compliance across all 51 DISA STIG requirements.
| Category | Severity | Items | Complete | Status | Key Controls |
|---|---|---|---|---|---|
| CAT I | Critical | 13 | 13 | ✓ 100% | MFA, Data Encryption, Container Security |
| CAT II | High | 35 | 35 | ✓ 100% | System Config, Monitoring, Logging |
| CAT III | Medium | 5 | 5 | ✓ 100% | System Banners, Documentation |
| TOTAL | 51 | 51 | ✓ 100% CERTIFIED | Production Ready | |
Certification Date: October 2025 | Certification Authority: Digital Data Co. Security Team
Documentation: Complete STIG compliance reports available in repository
Forge exceeds typical DoD platform requirements — and helps teams get compliant faster with automation and evidence exports
| Feature Category | Typical DoD Platform | Forge | Advantage |
|---|---|---|---|
| IaC Tools Supported | 2-3 tools | 10+ tools | 3-5x MORE |
| STIG Compliance | Partial (30-40/51) | 100% (51/51) | ✓ CERTIFIED |
| Policy Packs | 0-1 packs | 7 official packs (1,610 rules) | 7x MORE |
| Auto-Remediation | None | Auto-generate Ansible playbooks | UNIQUE |
| Secret Backends | 2-3 backends | 7 backends | 2-3x MORE |
| Cloud Platforms | 2-3 clouds | 6 platforms | 2x MORE |
| RBAC Roles | 2-3 basic roles | 5 roles (incl. Reporter) | PURPOSE-BUILT |
| Container Security | Basic hardening | STIG-hardened UBI 9 | ✓ HARDENED |
| Air-Gap Capability | Requires DB server | SQLite (zero-config) | SIMPLIFIED |
| Documentation | Basic docs | 50+ comprehensive docs | 10x MORE |
✓ Forge wins or ties in EVERY category
Features not found in any comparable DoD platform
Click any failing STIG rule to auto‑generate an Ansible playbook. Forge is compliant and helps you get compliant faster by turning findings into fixes and evidence automatically.
Pre-curated RHEL STIG, Ubuntu STIG, CIS, NIST 800-53, and PCI-DSS policies. 1,610 compliance rules ready for one-click installation. Industry-leading coverage.
Purpose-built for DoD compliance officers and auditors. Read-only access to compliance data, STIG results, and CKL exports for eMASS. Perfect for ISSOs and ISSMs.
Build STIG-compliant images with Packer, store in catalog, then click "Generate Terraform Vars" to get production-ready Terraform code. Seamless Packer→Terraform workflow.
Complete Phases 1–6: cross-project dependencies, approval gates with full context, drift detection and auto-remediation. Advanced infrastructure orchestration.
Terraform, OpenTofu, Terragrunt, Terramate, Terraformer, Ansible, Packer, Bash, PowerShell, Python, Pulumi. Most comprehensive tool support in any platform.
No database server required. Single-file database with full feature parity to PostgreSQL. Perfect for air-gap deployments and disconnected operations.
Open-source Vault alternative with MPL 2.0 license. No vendor lock-in, DoD-friendly licensing, API-compatible with HashiCorp Vault.
Quantifiable advantages for DoD deployments
Forge supports all typical DoD deployment environments out of the box
Forge Solution: Single binary deployment with SQLite (zero-config) or PostgreSQL. All tools work offline. On-prem Vault/OpenBao for secrets. Complete audit logging. ✓ FULLY SUPPORTED
Forge Solution: STIG-hardened containers with non-root execution (UID 1001), read-only filesystem, SELinux policies, resource limits, and FIPS-enabled UBI 9 base image. Network and pod security policies included. ✓ FULLY SUPPORTED
Forge Solution: Complete workflow: Build STIG images with Packer → Store in Golden Image Catalog → Generate Terraform code (one click) → Deploy VMs → Configure with Ansible → Validate with OpenSCAP. ✓ FULLY SUPPORTED
Forge Solution: Multi-cloud Terragrunt orchestration with RHEL 8 STIG High + NIST 800-53 High policy packs. Real-time compliance dashboard with CKL export for eMASS submission. ✓ FULLY SUPPORTED
Enterprise-grade technologies with DoD-approved standards
| Category | Technology/Standard | Status |
|---|---|---|
| Programming Language | Go 1.21+ (Backend), Vue.js 3 (Frontend) | ✓ Modern & Secure |
| Container Base | Red Hat UBI 9 (Universal Base Image) | ✓ DoD-Approved |
| Cryptography | FIPS 140-2 Validated Modules | ✓ Certified |
| Compliance Scanning | OpenSCAP 1.3, DoD SCC | ✓ DoD Standard |
| Database Support | SQLite, PostgreSQL, MySQL | ✓ Enterprise-Grade |
| Secret Management | Vault, OpenBao, AWS/Azure/GCP Secrets, Ansible Vault | ✓ Multi-Backend |
| Authentication | LDAP/AD, OIDC, SAML 2.0, MFA (TOTP) | ✓ Enterprise Auth |
| TLS Support | TLS 1.3 Minimum (Configurable) | ✓ Modern Security |
| Audit Logging | Comprehensive event logging, syslog integration | ✓ Complete Trail |
| License | MIT (Open Source) | ✓ DoD-Friendly |
Forge is 100% DoD-ready and production-certified today.
Start your evaluation with our comprehensive documentation.