Deliver trusted software to the edge — even fully air-gapped.
FortressOps freezes your container images, Helm charts, and files into signed, scanned bundles, then distributes them — with per-site encrypted secrets — across a peer network that reaches disconnected and tactical sites.
Air-gap-native · Cryptographically signed · Registry-compatible
FortressOps console — bundle catalog, distribution status, and fleet health.

Built to the standards your ATO depends on
Getting trusted software into disconnected sites is still a sneakernet.
Edge, tactical, and air-gapped environments break every assumption of a normal software supply chain.
No line of sight
Registries, scanners, and CI live on the connected side. The sites that need the software the most can’t reach any of it.
Unverifiable provenance
Files copied by hand arrive with no proof of what they are, who approved them, or whether they were tampered with in transit.
Stale vulnerability data
Offline sites can’t pull fresh scan databases, so nobody knows what CVEs shipped with the last drop.
Secrets sprayed everywhere
Per-site configuration and credentials get emailed, shared, and reused — the opposite of least privilege.
One registry. Signed bundles. Delivered anywhere.
Everything a regulated team needs to publish, prove, and distribute software to sites it can’t reach directly.
One registry, four surfaces
Push and pull Docker/OCI images, Helm charts, generic files, and clone a GitOps repo — all from the same host and the same credentials.
Signed & scanned bundles
Freeze a version into a bundle with an SBOM and a vulnerability report, then Ed25519-sign it on approval.
Distribute anywhere
Push bundles across a peer graph — source → relay → edge — with resumable, de-duplicated transfer, even into air-gapped sites.
Per-site secrets
Attach configuration secrets that are end-to-end encrypted for exactly one destination site and no one else.
Secure by default
Argon2id passwords, encryption at rest, mutual-TLS between nodes, RBAC, audit logging, and offline vulnerability scanning.
GitOps ready
Every app is also a read-only Git remote — point Argo CD or Flux straight at it, one branch per version.
Source → hopper → edge.
Content flows between FortressOps nodes over a signed, mutually-authenticated peer network that can hop through relays to reach disconnected environments.
- 01 Source
Publish & approve
A central team publishes artifacts, builds a bundle with its SBOM and vulnerability report, and Ed25519-signs it on approval.
- 02 Hopper
Relay across boundaries
Bundles hop through relay nodes in a DMZ or intermediate segment — resumable and de-duplicated, so only new blobs move over the wire.
- 03 Edge
Verify & run offline
Edge sites verify signatures offline — no HSM, KMS, or network dependency — then serve the content to local tooling.
Peer graph — a directed path from a connected source out to air-gapped edge sites.

A cryptographic root of trust for every release.
A bundle is an immutable, content-addressed snapshot of a version — its artifacts, an SBOM, and a Trivy vulnerability report — sealed with an Ed25519 detached signature on approval. The signature is re-verified at every hop.
- SBOM generated with Syft (CycloneDX)
- Trivy vulnerability report bound into the signed manifest
- Approval policy gate blocks unscanned or vulnerable releases
- Immutable SHA-256 content addressing end to end
Bundle approval — review the SBOM and vulnerability report, then sign.
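The sign-on-approval and verify-at-every-hop flow described above, as an added example using Node.js built-in crypto; it is not FortressOps code. The manifest layout, the simplified canonical-JSON rule (sorted keys, no whitespace), and the function and file names are assumptions.

```javascript
const crypto = require('node:crypto');

// Canonical JSON (assumed rule set): object keys sorted, no insignificant whitespace.
function canonical(v) {
  if (Array.isArray(v)) return `[${v.map(canonical).join(',')}]`;
  if (v && typeof v === 'object') {
    const members = Object.keys(v).sort().map((k) => `${JSON.stringify(k)}:${canonical(v[k])}`);
    return `{${members.join(',')}}`;
  }
  return JSON.stringify(v);
}

// Content address of a blob (hypothetical "sha256:<hex>" notation).
const sha256 = (buf) => 'sha256:' + crypto.createHash('sha256').update(buf).digest('hex');

// Source node, on approval: list every blob by digest (artifacts, SBOM, scan report)
// and produce a detached Ed25519 signature over the canonical manifest bytes.
function approveBundle(signingKey, name, version, blobs) {
  const manifest = { name, version, blobs: {} };
  for (const [path, data] of Object.entries(blobs)) manifest.blobs[path] = sha256(data);
  const signature = crypto.sign(null, Buffer.from(canonical(manifest)), signingKey);
  return { manifest, signature: signature.toString('base64') };
}

// Relay or edge node: offline check against a pinned public key, then each blob digest.
function verifyBundle(trustedPublicKey, bundle, blobs) {
  const sig = Buffer.from(bundle.signature, 'base64');
  const signed = Buffer.from(canonical(bundle.manifest));
  if (!crypto.verify(null, signed, trustedPublicKey, sig)) {
    return { ok: false, reason: 'bad signature' };
  }
  for (const [path, digest] of Object.entries(bundle.manifest.blobs)) {
    if (!blobs[path] || sha256(blobs[path]) !== digest) {
      return { ok: false, reason: `blob mismatch: ${path}` };
    }
  }
  return { ok: true };
}
```

Because the scan report's digest sits inside the signed manifest, swapping the report after approval fails verification the same way a swapped image layer does.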

Byte-perfect transfer over degraded links.
Bundles move across a peer graph of mutually-authenticated nodes. Content-addressed de-duplication means only blobs the destination is missing ever traverse the network, and transfers resume exactly where they left off.
- Mutual-TLS with SHA-256 certificate pinning between nodes
- CAS de-duplication — never re-send a blob a peer already has
- Resumable, chunked, throttled transfer for tactical links
- Hopper forwarding to reach nodes with no direct route
Distribution feed — track every bundle as it hops toward its destination.

Encrypted for one site, and no one else.
Attach configuration secrets to a destination and FortressOps encrypts them end-to-end for exactly that site — X25519 key agreement, HKDF-SHA256, and AES-256-GCM — so relays carry ciphertext they can never read.
- X25519 → HKDF-SHA256 → AES-256-GCM per-site envelopes
- Key epochs and revisioned, locally-encrypted overrides
- Relays and hoppers never see plaintext
- Least-privilege configuration by construction
Per-site secrets — end-to-end encrypted to a single destination.
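The X25519 → HKDF-SHA256 → AES-256-GCM envelope named above, as an added example using Node.js built-in crypto; it is not FortressOps code. The ephemeral sender key, the `site-secret|…` label, the use of the ephemeral public key as HKDF salt, and the JSON envelope fields are assumptions.

```javascript
const crypto = require('node:crypto');

// Assumed label format: binds the derived key to one site and one key epoch.
const info = (site, epoch) => Buffer.from(`site-secret|${site}|epoch=${epoch}`);

// X25519 agreement -> HKDF-SHA256 -> 32-byte AES-256-GCM key.
function deriveKey(privateKey, publicKey, salt, site, epoch) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, info(site, epoch), 32));
}

// Source side: encrypt for exactly one site with a fresh ephemeral X25519 key,
// so every envelope gets its own AES key and the sender keeps no long-term secret.
function sealForSite(sitePublicKey, site, epoch, plaintext) {
  const eph = crypto.generateKeyPairSync('x25519');
  const ephX = eph.publicKey.export({ format: 'jwk' }).x; // raw public key, base64url
  const salt = Buffer.from(ephX, 'base64url');
  const key = deriveKey(eph.privateKey, sitePublicKey, salt, site, epoch);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(info(site, epoch)); // site and epoch are authenticated, not secret
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    site, epoch, eph: ephX,
    nonce: nonce.toString('base64url'),
    ct: ct.toString('base64url'),
    tag: cipher.getAuthTag().toString('base64url'),
  };
}

// Destination side: only the holder of the site's X25519 private key derives the key.
// Relays forward the envelope object unchanged and have nothing to decrypt it with.
function openAtSite(sitePrivateKey, env) {
  const jwk = { kty: 'OKP', crv: 'X25519', x: env.eph };
  const ephPub = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const salt = Buffer.from(env.eph, 'base64url');
  const key = deriveKey(sitePrivateKey, ephPub, salt, env.site, env.epoch);
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(env.nonce, 'base64url'));
  d.setAAD(info(env.site, env.epoch));
  d.setAuthTag(Buffer.from(env.tag, 'base64url'));
  // final() throws if the key, site, epoch, ciphertext or tag do not match.
  return Buffer.concat([d.update(Buffer.from(env.ct, 'base64url')), d.final()]);
}
```

An envelope sealed for one site fails to open with any other site's key, and editing the site name or epoch in transit breaks the GCM tag.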

Point Argo CD or Flux straight at it.
Every FortressOps app is also a read-only Git remote over smart-HTTP, with one branch per version. Your existing GitOps controllers reconcile against trusted, signed content — no extra glue, even at the edge.
- Native Argo CD and Flux compatibility
- Read-only Git smart-HTTP surface, one branch per version
- Same host, same credentials as your registry and charts
- Reconcile edge clusters against signed, scanned bundles
GitOps — Argo CD / Flux reconciling against a FortressOps app’s Git remote.

Secure by construction, not by configuration.
FortressOps is designed for regulated, disconnected, and high-assurance environments. Every layer assumes a hostile, offline world.
Ed25519 signatures
Detached signatures over canonical JSON manifests, re-verified at every hop.
mTLS + cert pinning
Mutually-authenticated nodes with SHA-256 certificate fingerprint pinning.
AES-256-GCM at rest
Content-addressed blobs encrypted at rest with authenticated encryption.
Per-site E2EE secrets
X25519 → HKDF-SHA256 → AES-256-GCM envelopes targeted at a single site.
Argon2id + breach checks
14-character policy, Argon2id hashing, and optional offline HIBP breached-password checks.
RBAC + app lockdown
Company-scoped read/write/manage roles plus per-app lockdown allow-lists.
Offline vulnerability scanning
Trivy with an operator-supplied offline database and an approval policy gate.
Audit logging
Append-only audit events, revocable tokens, and Prometheus health metrics.
Air-gap-native, and built to the DoD evidence model.
FortressOps was designed from day one around the way defense programs actually ship software to disconnected enclaves and tactical edge sites.
RMF & NIST SP 800-53
Architected against the RMF workflow with 800-53 Rev 5 control mappings threaded through the design.
STIG-hardening path
Hardening guidance mapped to ASD, Kubernetes, Container Platform, OS, and database STIGs.
Iron Bank / Big Bang
A clear path to inherit a DoD DevSecOps cATO via Platform One containers and pipelines.
IL4–IL6 target
Designed for IL4–IL6 enclaves, with a path to TS/SCI via ICD 503 / JSIG under sponsorship.
NIPR / SIPR / air-gap
Every capability — vuln DB, licensing, config — has a fully offline file-drop path.
CMMC & 800-171 ready
Supports CUI-handling programs pursuing CMMC 2.0 Level 2 and NIST SP 800-171.
Straight talk: FortressOps is compliance-evidence-ready — it is built to the RMF / 800-53 / STIG model and packaged for Iron Bank / Big Bang inheritance. It is not itself certified, FIPS-validated, or ATO-granted. We provide the architecture and artifacts; your authorizing official grants the ATO.
Runs where you run — connected or not.
A single self-contained image, or native packages, with no hard dependency on the internet.
Docker
One container image; select API, distributor, or both via a single environment variable.
Kubernetes / Helm
A Helm chart ships a StatefulSet, Service, Ingress, and persistence for single-node sites.
.deb / .rpm + systemd
Native OS packages with a systemd unit for bare-metal and appliance installs.
SQLite or PostgreSQL
Run fully self-contained on SQLite, or point at PostgreSQL for larger sites.
Local or S3 / MinIO
Store blobs on local disk or any S3-compatible object store, including MinIO.
Fully offline
Trivy DBs, licenses, and config all have upload or file-drop paths — no internet required.
Air-gap-native, not air-gap-retrofitted.
Built for the disconnected edge
Offline is the default, not a bolt-on. Every subsystem has a sneakernet path with no break in the air-gap guarantee.
A supply-chain root of trust
Signed, scanned bundles verified at every hop give you cryptographic proof of lineage from source to edge.
A distribution network, not just a repo
FortressOps doesn’t just store artifacts — it moves them across boundaries with resumable, de-duplicated transfer.
Drop-in registry compatibility
Speaks OCI/Docker, Helm, generic files, and Git — your existing DevSecOps tooling works unchanged.
Transparent pricing. No sales maze.
One price, per node, per year. Offline-verifiable licensing that works even in a fully air-gapped enclave.
FortressOps License
The full platform. Every feature. No metering, no per-artifact fees, no connectivity requirement.
- All registry surfaces — OCI, Helm, files, Git
- Signed & scanned bundles with SBOM + vuln reports
- Federated source → hopper → edge distribution
- Per-site end-to-end encrypted secrets
- RBAC, audit logging, and encryption at rest
- Offline, node-bound license verification
Support & Updates
Priority support, response-time SLAs, and hands-on help with upgrades and hardening.
- Priority ticketing with response SLAs
- Guided upgrades and STIG-hardening assistance
- Direct line to the engineering team
Prefer to talk procurement, volume, or a Federal vehicle first? Reach out — we’ll meet you where your paperwork is.
A repository is not a distribution network.
Artifact repositories like JFrog Artifactory and Sonatype Nexus Repository (and the open-source Harbor registry) are excellent at storing artifacts on the connected side. FortressOps is built to get signed, scanned software all the way to the disconnected edge.
Product names are trademarks of their respective owners and are referenced for comparison only. Capabilities described reflect typical artifact-repository positioning.
Questions, answered.
Does FortressOps really work fully air-gapped?
Yes. Air-gapped operation is the design center, not an afterthought. Vulnerability databases, licenses, and configuration all have upload or file-drop paths, and edge nodes verify bundle signatures offline with no HSM, KMS, or network dependency.
Is the product certified, FIPS-validated, or ATO-approved today?
No — and we won’t pretend otherwise. FortressOps is pre-GA and compliance-evidence-ready: built to the RMF / 800-53 / STIG model and packaged for Iron Bank / Big Bang inheritance. We provide the architecture and artifacts; your authorizing official grants the ATO.
How does licensing work without an internet connection?
Licenses are cryptographically signed bundles verified offline against a public key baked into the build. They are node-bound and can be centrally managed and pushed across your fleet — no phone-home, no metering.
What formats and tools does it support?
FortressOps speaks the Docker Registry v2 API, a ChartMuseum-compatible Helm API, plain HTTP for generic files, and read-only Git smart-HTTP for GitOps. Your existing tooling — including Argo CD and Flux — works unchanged.
How is it deployed?
As a single Docker image, a Helm chart for Kubernetes, or native .deb/.rpm packages with a systemd unit. It runs on SQLite or PostgreSQL, and stores blobs on local disk or any S3-compatible store, including MinIO.
Who is FortressOps for?
Defense programs and regulated enterprises that need to deliver trusted software to edge, tactical, and air-gapped sites — anywhere provenance, integrity, and offline operation actually matter.
Request a demo.
Tell us about your environment and what you need to deliver to the edge. We’ll follow up to set up a walkthrough — and yes, we can talk air-gapped pilots.
- Walkthrough tailored to your environment
- Air-gapped and edge pilots supported
- Transparent, flat pricing — no sales maze