Skip to main content
    iTmethods

    FORGE · FSAI · THE ASSESS ON-RAMP

    Available Now

    FSAI Assess. Agentic AI Infrastructure Review in 4 to 6 Weeks.

    A fixed-scope external review of your agentic AI infrastructure, run by iTmethods engineers in your environment. You leave with a threat model, a severity-scored gap report, and a 90-day remediation plan.

    WHAT FSAI ASSESS IS

    The productized AI infrastructure review.

    Most security functions were built around perimeter, identity, application, and cloud configuration. Agent runtimes, MCP servers, and model gateways do not fit cleanly into any of those categories. FSAI Assess is a fixed-scope, fixed-timeline external review focused entirely on agentic AI infrastructure, run by iTmethods engineers who work inside enterprise AI runtimes every day.

    • Foundation model surfaces (Bedrock, Azure AI Foundry, Vertex AI, OpenAI, Anthropic): configuration, egress, key handling, allow-lists, logging.
    • Agent runtimes (Claude Code, Cursor Self-Hosted, LangGraph, CrewAI, Agentforce, NemoClaw): sandboxing, tool permissions, execution boundaries, blast-radius controls.
    • MCP servers (self-hosted, third-party, in-house tool servers): authentication, scope-of-tool, input validation, audit logging, agent-server trust model.
    • Identity, secrets, network: service identity for agents and tools, secret rotation, segmentation, and egress paths reachable without a human in the loop.

    WHAT YOU GET

    Four artifacts. All included. All yours.

    Fixed-scope, 4 to 6 weeks end to end. You leave with the deliverables whether you ever buy anything else from iTmethods or not.

    Threat model

    Visual map of the agent attack surface, runtime by runtime, with trust boundaries, tool reach, and blast-radius zones made explicit.

    Severity-scored gap report

    Specific findings, each severity-scored, each tied to a concrete control or configuration, each cross-referenced to the agentic risk taxonomy.

    Prioritized 90-day remediation plan

    Actionable roadmap sequenced by risk reduction per unit of effort, with owner profiles and acceptance criteria for each item.

    Framework-mapped findings

    Every finding tagged to OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, FINOS AIGF v2.0, and EU AI Act Article 9, ready for audit committee and regulator.

    WHERE ASSESS SITS

    One on-ramp to the broader Forge stack.

    FSAI Assess produces the picture of current state. The remediation paths and the governed runtime that closes the gaps live here.

    Forge Secure AI (FSAI)

    The full FSAI hub.

    The three phases (Assess, Harden, Sustain), the two subscription tiers, the framework mapping, and where Assess fits.

    Explore FSAI

    Forge AI Substrate

    The governed runtime underneath.

    Agent runtime, foundation model access, MCP and tool operations, sovereign control plane. The substrate Assess reviews.

    Explore Forge AI Substrate
    Available Now

    Start an Assess.

    The next engagement window is open. Fixed scope, 4 to 6 weeks, board-ready artifact at the end. 30 minutes with an iTmethods principal to confirm scope and timeline.