Enterprise-Grade Security

Built for shops that don't compromise on security

100%
Human-approved quotes
SOC 2
Type II Certified
AICPA SOC for Service Organizations
Compliance

Forgepoint is SOC 2 Type II certified.

We completed an independent SOC 2 Type II audit covering our security controls. Customers and prospects can request our SOC 2 report at any time.

Request the SOC 2 report

Security that matches your standards

Encryption in transit & at rest

All data is encrypted in transit via TLS and at rest through our cloud provider. Your pricing data is always protected, whether it's moving or stored.

SOC 2 Type II Certified

Independently audited against SOC 2 Type II controls. Security documentation available on request.

Complete audit trails

Every action is logged: who accessed what, when, and why. Exportable reports for compliance reviews.

Secure infrastructure

Hosted on trusted cloud providers with encrypted connections and organization-level data isolation.

Access controls with SSO

Role-based permissions with SSO support via WorkOS. Control who can view, edit, or approve quotes.

Security testing

Penetration testing performed by third-party security firms to identify and address vulnerabilities.

Change management

Every production change ships through code review, automated tests, and a deploy log we can show an auditor.

Incident response

Documented runbooks, on-call rotation, and a post-mortem process. We tell you fast and we tell you straight.

Vendor management

Every subprocessor reviewed for security posture before we onboard. Annual re-review.

Human-in-the-Loop

AI speed. Human judgment. Zero accidents.

With Forgepoint, you get AI speed without the risk — because you always have the final say.

AI drafts in seconds
Parses RFQ, builds BOM, applies your pricing rules.
You review everything
See AI reasoning, edit any field, verify the math.
Only you can send
One click to approve — or reject and revise.
FAQ

Security questions, answered

Never. It's architecturally impossible. Every quote requires a manual 'Approve' action before it can be sent. This is enforced at the database level, not just the UI.

Your data is hosted on secure US-based cloud infrastructure with encrypted database connections.

Absolutely not. Your data is never used to train models. Your pricing information stays yours — we use it only to generate quotes for your business.

We maintain an incident response plan and carry cyber liability insurance. Our team will investigate promptly and notify affected customers.