No product training on customer data.
Forge does not learn across customers. Outcome feedback supports calibration measurement unless a separate, explicit, contracted opt-in says otherwise.
Trust and procurement
Enterprise buyers need the trust path before they can move. Forge keeps that path clear: vendor-security answers, no product training on customer data, an IP-safe architecture overview, counsel-review legal templates, and plain status on SOC 2, penetration testing, cyber insurance, CMMC, FedRAMP, and ATO.
| Public before fit | Trust page, public API overview, onboarding path, vulnerability disclosure, privacy, terms, and this procurement map. |
|---|---|
| After workflow fit | Vendor-security one-pager, no customer-data training statement, data-handling memo, and workflow-specific integration brief. |
| Security review | CAIQ/SIG-style answer bank, non-sensitive architecture overview, deployment options, and current attestation status. |
| Counsel review | NDA, DPA, MSA terms, and pilot order-form drafts are available as starting points for counsel. They are not executed terms. |
Forge does not learn across customers. Outcome feedback supports calibration measurement unless a separate, explicit, contracted opt-in says otherwise.
The proof trail is deterministic and replayable. Extraction may happen before the checked path and must stay cited.
Verification checks authenticity and reproducibility from recorded inputs. It does not certify the customer's business judgment.
Forge has starting-point materials for a mutual NDA, data processing addendum, master services terms, and pilot order form. Those materials help the buyer's counsel move quickly after fit, but they are not legal advice and are not binding until reviewed and signed by the parties.
Open the deeper questionnaire and architecture materials after workflow fit and the right review channel.
Set data boundary, retention, deletion, subprocessors, hosted or on-premises path, and security responsibilities.
Name the decision surface, acceptance criteria, technical owner, review owner, and next-scope trigger.
| SOC 2 | Not claimed today. Readiness work is staged for the enterprise review path. |
|---|---|
| Penetration test | Not claimed as complete today. Scope is prepared for a third-party test as procurement requires. |
| Cyber insurance | Not represented as bound on this public page. Status is handled in the buyer security review. |
| CMMC, FedRAMP, ATO | No third-party CMMC certification, no FedRAMP authorization, and no ATO are claimed. |
| Federal credential | The Forge solution was assessed as Awardable on the U.S. Department of Defense CDAO Tradewinds Solutions Marketplace. |
Before fit, the public pages should answer the shape of the review. After fit, Forge can hand over the questionnaire answers, architecture overview, and counsel-review materials for that buyer and workflow.