
    FORGE · SECURE SOURCE CODE CONTROL

    Your source code, inside your trust boundary. Hardened, governed, audit-grade.

    Forge runs GitHub Enterprise, GitLab Self-Managed, and Bitbucket Data Center inside a governed substrate the customer owns. Source code never leaves the trust boundary. Reign governs every AI coding tool that touches it. Continuous assurance of every read and every write.

    Proof: SOC 2 Type II · HIPAA Eligible · FedRAMP Aligned · FINOS AIGF Aligned · Reign-ready
    AWS Advanced Partner · Validated AWS MSP · AWS Private Offers · AWS Marketplace
    Platforms: GitHub Enterprise · GitLab Self-Managed · Bitbucket Data Center · Forgejo (early access)
    Inside your trust boundary · Hardened · Governed by Reign · Audit-grade

    ATTACK SURFACE

    Source code is one of the largest single attack surfaces in a regulated enterprise. Treat it that way.

    Source code contains every secret, every architecture decision, every business logic rule, and every coding-assistant prompt the enterprise has ever issued. A breach at that layer is not a breach of a tool. It is a breach of the institution.

    The agentic era multiplies the touch surface. Every AI coding agent the engineering team runs (Copilot, Cursor, Claude Code, Cortex, GitLab Duo, Atlassian Intelligence, and whatever ships next) reads, writes, and reasons over source code at machine speed. Add engineers, CI pipelines, security scanners, and dependency bots, and the count of distinct entities interacting with the codebase per day has grown sharply over the last 18 months. Source code is no longer just the engineering team's working set.

    Source code is the operating context of the institution. The agent runtime reads it to plan changes. The CI pipeline reads it to provision infrastructure. The compliance scanner reads it to attest to controls. Every regulator-facing claim an enterprise makes about its AI posture ultimately resolves to something written in the source code substrate. Hardening that substrate is no longer an engineering decision. It is an institutional one.

    The 2024 to 2026 wave of source-code-platform incidents made one principle plain. The trust boundary matters more than the feature set. Source code that lives outside the customer's authorization boundary is exposed by the platform vendor's posture, not the customer's. Hardening inside the boundary is the only durable answer.

    Forge runs GitHub Enterprise, GitLab Self-Managed, and Bitbucket Data Center inside the customer's trust boundary. Customer Cloud, VPC, or air-gapped. iTmethods does not custody customer code, secrets, or pipeline artifacts. The substrate is operated by iTmethods. The artifacts are owned by the customer.

    THREE LAYERS

    Three layers of governance. One operating posture.

    The substrate (Forge).

    GitHub Enterprise, GitLab Self-Managed, or Bitbucket Data Center deployed inside the customer's trust boundary. Dedicated, Customer Cloud, or air-gapped. SOC 2 Type II. HIPAA-eligible. FedRAMP-aligned. Operated by an AWS Advanced Tier Services Partner with 21 years of operating heritage.

    The AI coding tools (Reign).

    Cursor, Claude Code, Cortex, Copilot, GitLab Duo, Atlassian Intelligence, and any future coding agent governed by Reign at the call layer. Identity-bound. Audit-trailed. Mapped to the customer's three-reg posture (EU AI Act, SR 26-2, DORA where applicable; FedRAMP and CMMC where applicable). Reign-ready means the AI coding tools your engineers ship with do not become a side-channel for code or secrets.

    The operating posture (FSAI).

    Forge Secure AI Assess delivers a board-ready threat model, gap report, and four-to-six-week remediation plan covering foundation models, agent runtimes, MCP, identity, and the source code substrate. It is the on-ramp from an existing platform to a hardened deployment.

    PICK YOUR PLATFORM

    Three Platform Options. One operating model. Inside your trust boundary.

    EARLY ACCESS · TALK TO FORGE ENGINEERING

    Up and Comers.

    Forge also operates an emerging open-source platform inside your trust boundary, for buyers whose sovereignty requirement is non-negotiable. Talk to Forge engineering for early-access scoping.

    EARLY ACCESS

    Forgejo on Forge

    • Position. Fully open-source, self-hosted Git platform, licensed under GPL-3.0-or-later (copyleft). Lighter footprint than GitLab. Federation-ready. Backed by Codeberg e.V., a German non-profit.
    • Why it matters. When the sovereign, audit-the-vendor's-code requirement is non-negotiable. EU public sector, defense, and any regulated buyer who needs to read the source of the source-code platform itself.
    • Forge posture. Hardened deployment inside your VPC or air-gapped environment. Reign AI Gateway governs the AI coding tools that touch it. Same shared-responsibility model as GitHub and GitLab on Forge.
    Talk to Forge engineering about Forgejo on Forge

    Other platforms? Talk to engineering.

    partners@itmethods.com

    SHARED RESPONSIBILITY

    What we run, what you run.

    Forge Automated

    Decisions Forge closes inside the substrate without human intervention: the runtime, the identity boundary, the network policy, and the audit logging.

    • Operate the source-code substrate (GitHub Enterprise, GitLab Self-Managed, Bitbucket Data Center, Forgejo) inside the customer's authorization boundary.
    • Enforce the customer-bound IdP at the platform edge. SAML, OIDC, SCIM as the customer requires.
    • Run runners isolated per environment, short-lived tokens, no long-lived secrets.
    • Stream audit logs to the customer's SIEM and to the Reign Audit Ledger (CAVR).
    • Apply hardening configuration as policy-as-code, not manual setup.
    • Patch the substrate, runner fleet, and dependencies on a cadence matched to upstream vendor releases.
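    Worked example of what "hardening configuration as policy-as-code" looks like in practice. This is an added illustration, not Forge's own tooling: a small Python evaluator reads a branch-protection payload and a runner-token inventory and emits P0/P1/P2 findings in the same tiers the remediation SLA on this page uses. The inputs are constructed; the field names (required_pull_request_reviews, allow_force_pushes, expires_at and so on) are loosely modelled on a GitHub-style API response and are assumptions, not a documented schema.

```python
"""Policy-as-code evaluator for a hardened source-code substrate.

Added illustration, not Forge's or any platform vendor's code. The inputs at
the bottom are constructed; their field names are assumptions loosely modelled
on a GitHub-style branch-protection payload and a generic runner-token record.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Finding:
    severity: str   # P0, P1 or P2: the tiers the remediation SLA is written against
    subject: str
    detail: str


def _enabled(settings: dict, key: str) -> bool:
    """Read a `{key: {"enabled": bool}}` toggle, treating absence as disabled."""
    return bool((settings.get(key) or {}).get("enabled", False))


def evaluate_branch_protection(repo: str, branch: str, prot: dict) -> list[Finding]:
    """Compare one protected branch against the hardening baseline."""
    subject = f"{repo}@{branch}"
    findings: list[Finding] = []
    reviews = prot.get("required_pull_request_reviews") or {}
    if reviews.get("required_approving_review_count", 0) < 1:
        findings.append(Finding("P0", subject, "no approving review required; one actor can author and merge"))
    if _enabled(prot, "allow_force_pushes"):
        findings.append(Finding("P0", subject, "force pushes allowed; audited history can be rewritten"))
    if not _enabled(prot, "required_signatures"):
        findings.append(Finding("P1", subject, "signed commits not required; push provenance cannot be attested"))
    if not _enabled(prot, "enforce_admins"):
        findings.append(Finding("P1", subject, "administrators are exempt from the branch rules"))
    if not (prot.get("required_status_checks") or {}).get("strict", False):
        findings.append(Finding("P2", subject, "branch may merge without being current; checks may have run on a stale base"))
    return findings


def evaluate_runner_tokens(tokens: list[dict], now: datetime,
                           max_ttl: timedelta = timedelta(hours=1)) -> list[Finding]:
    """Flag runner credentials that never expire, outlive the permitted TTL, or linger after expiry."""
    findings: list[Finding] = []
    for tok in tokens:
        subject = f"runner:{tok['runner']}"
        expires = tok.get("expires_at")
        if expires is None:
            findings.append(Finding("P0", subject, "non-expiring token; a leaked credential is valid indefinitely"))
        elif expires - tok["issued_at"] > max_ttl:
            findings.append(Finding("P1", subject, f"token lifetime exceeds the permitted {max_ttl}"))
        elif expires < now:
            findings.append(Finding("P2", subject, "expired token still registered; revoke and clean up"))
    return findings


# Constructed inputs: one weakly protected branch, one compliant branch, three runner tokens.
NOW = datetime(2026, 1, 15, 12, 0, tzinfo=timezone.utc)

BRANCHES = {
    ("payments-core", "main"): {
        "required_pull_request_reviews": {"required_approving_review_count": 0},
        "allow_force_pushes": {"enabled": True},
        "required_signatures": {"enabled": False},
        "enforce_admins": {"enabled": False},
        "required_status_checks": {"strict": False},
    },
    ("ledger-api", "main"): {
        "required_pull_request_reviews": {"required_approving_review_count": 2},
        "allow_force_pushes": {"enabled": False},
        "required_signatures": {"enabled": True},
        "enforce_admins": {"enabled": True},
        "required_status_checks": {"strict": True},
    },
}

RUNNER_TOKENS = [
    {"runner": "prod-deploy-01", "issued_at": NOW - timedelta(minutes=20), "expires_at": NOW + timedelta(minutes=40)},
    {"runner": "legacy-build", "issued_at": NOW - timedelta(days=400), "expires_at": None},
    {"runner": "staging-02", "issued_at": NOW - timedelta(hours=2), "expires_at": NOW - timedelta(hours=1)},
]


def evaluate_all() -> list[Finding]:
    """Run every evaluator and return findings ordered by severity, P0 first."""
    findings: list[Finding] = []
    for (repo, branch), prot in BRANCHES.items():
        findings.extend(evaluate_branch_protection(repo, branch, prot))
    findings.extend(evaluate_runner_tokens(RUNNER_TOKENS, NOW))
    return sorted(findings, key=lambda f: f.severity)


if __name__ == "__main__":
    for f in evaluate_all():
        print(f"{f.severity}  {f.subject:<24} {f.detail}")
```

    Run stand-alone, the script prints seven findings: three P0 (the unreviewed branch, the force-push allowance, the non-expiring legacy runner token), two P1 and two P2; the compliant branch and the one-hour production token produce nothing. The point of the shape is that the baseline is a function you can re-run after every change, diff across snapshots, and hand to the customer's audit team to extend with their own evaluators.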

    Customer Authored

    Decisions the customer owns under the shared-responsibility model. The customer is the author, not just the approver.

    • Own repositories, intellectual property, code review policy, branch protection rules, and push policy.
    • Author the catalog of AI coding tools the organization sanctions (Copilot, Cursor, Claude Code, Cortex, GitLab Duo, Atlassian Intelligence).
    • Approve evaluators the FDE pod authored during the on-ramp phase against the customer's AI inventory.
    • Define the snapshot policy (which examinations, which cadence, which attestations).
    • Sign off on examination snapshots (Assurance Pack outputs) before delivery to the regulator.
    • Approve new agentic tool integrations and policy exceptions surfaced by the evaluator fleet.

    FDE Intervention

    Decisions where iTmethods Forward Deployed Engineers run the work. Authoring on-ramp plus continuous-remediation SLA, bundled inside the Reign Assurance and Reign Continuous tiers. Not a permanent staffing posture.

    • Stand up the initial hardening configuration on the new substrate.
    • Author the first 10 to 15 evaluators against the customer's source-code surface.
    • Operate the continuous-remediation SLA on findings the fleet emits: P0 within 7 days, P1 within 21 days, P2 within 60 days.
    • Lead quarterly posture reviews with the customer's CRO, CISO, audit committee, and Independent Assurance function.
    • Coordinate with the customer's Big-4 audit firm on examination evidence the snapshots must produce.
    • Train the customer's audit and MRM teams to author their own evaluators. Authoring competency is the proof the engagement worked.

    FAQ

    Common questions before the scoping call.

    Where does my source code live?

    Inside your VPC, your Customer Cloud account, or your air-gapped environment. Forge operates the substrate; iTmethods does not custody customer code, secrets, or pipeline artifacts. The substrate is iTmethods. The artifacts are yours.

    What if my regulator changes the rules?

    The FDE pod operates a continuous-remediation SLA on findings the evaluator fleet emits: P0 within 7 days, P1 within 21 days, P2 within 60 days. The substrate updates with you as the regulatory surface expands.

    How do you handle Copilot, Cursor, Claude Code, Cortex, GitLab Duo, and Atlassian Intelligence?

    Reign AI Gateway governs all of them at the call layer. Identity, content classification, and data exposure policy are enforced before the AI coding tool sees the code. Every call is logged as tamper-evident action exhaust in the Reign Audit Ledger (CAVR).

    What if a vendor (GitHub, GitLab, Atlassian, Forgejo upstream) has a security incident?

    Your code is in your boundary, and your authorization boundary is independent of the vendor's posture. iTmethods leads the patch cadence inside your environment and surfaces a customer-side impact analysis your audit committee can read.

    Is this AWS-only?

    No. Forge runs on AWS, Azure, and GCP. AWS is our deepest operating heritage and the default for many regulated banks.

    Can we move from GitHub to GitLab to Bitbucket Data Center to Forgejo, or any combination, inside Forge?

    Yes. Forge runs them side by side. Migration paths between platforms are scoped through FSAI Assess and delivered by the FDE pod.

    Why include Bitbucket Data Center?

    Atlassian explicitly preserved Bitbucket Data Center in its Data Center sunset plan. Source code workloads stay self-hosted for regulated buyers. iTmethods runs Atlassian managed services and operates Bitbucket Data Center inside the customer's trust boundary under the same shared-responsibility model as GitHub and GitLab on Forge.

    Why include Forgejo?

    Some buyers require a fully open-source source-code platform whose code they can read. Forgejo is the answer. We operate it inside your trust boundary with the same shared-responsibility model. Talk to Forge engineering for early-access scoping.

    REIGN TIER ALIGNMENT

    Forge runs the substrate. Reign governs the AI on top.

    Most regulated Managed Source Code customers also enroll in Reign Assurance or Reign Continuous. The hardening and operations of the source-code substrate are delivered by Forge. The governance of every AI coding tool that touches the code is delivered by Reign at the call layer. The same FDE pod runs both.

    The Reign Design Partner Program is the FY26 on-ramp into those tiers.

    Apply to the Reign Design Partner Program

    Talk to Forge engineering.

    Scope your hardened source-code substrate. Customer Cloud, dedicated, or air-gapped. Reign-ready for the AI coding tools your engineers ship with.

    Talk to Forge engineering