Security You Can Trust

ForgeHome is owned and operated by ForgeDBI, LLC and follows security best practices appropriate for a multi-tenant SaaS platform.

ForgeHome is built with a security-first, multi-tenant architecture to protect builder data, customer information, and business operations.

All data is encrypted in transit and at rest, tenant data is fully isolated, and access is controlled through role-based permissions — so your information stays secure and private.

Built for Multi-Tenant SaaS

  • Tenant-isolated data architecture
  • Role-based access control (RBAC)
  • Secure authentication and authorization
  • Scoped APIs and protected integrations

Enterprise-Grade Infrastructure

  • Encrypted data storage
  • Secure HTTPS/TLS communication
  • DDoS and network-level protections
  • Continuous monitoring and logging

DDoS Protection

  • Advanced DDoS mitigation
  • Web Application Firewall (WAF)
  • Rate limiting and throttling
  • Traffic anomaly detection

24/7 Monitoring

  • Real-time threat detection
  • Automated security alerts
  • Rapid incident response
  • Continuous system health checks

Our Security Practices

ForgeHome implements industry-leading security practices to protect your data and ensure platform reliability. Our security program is designed around the principle of defense in depth, with multiple layers of protection.

Infrastructure Security

  • Hosted on industry-leading cloud providers with SOC 2 Type II certification
  • Network isolation with private subnets and security groups
  • Web Application Firewall (WAF) protection
  • Automated vulnerability scanning and patching
  • Intrusion detection and prevention systems

Application Security

  • Secure coding practices following OWASP guidelines
  • Regular security code reviews and audits
  • Input validation and output encoding
  • Protection against SQL injection and XSS attacks
  • Content Security Policy (CSP) implementation

Data Protection

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure key management with regular rotation
  • Data residency options for compliance requirements
  • Secure data deletion procedures

Authentication & Access

  • Multi-factor authentication (MFA) support
  • Single sign-on (SSO) integration options
  • Strong password policies
  • Session management and timeout controls
  • IP allowlisting capabilities

Compliance

ForgeHome is committed to maintaining compliance with relevant security standards and regulations:

  • GDPR-compliant data handling
  • CCPA compliance for California residents
  • Regular third-party security assessments
  • Vendor security due diligence

Incident Response

In the event of a security incident, our team follows a comprehensive incident response plan that includes immediate containment, investigation, remediation, and transparent communication with affected customers.

Report a Vulnerability

We value the security research community. If you discover a security vulnerability, please report it responsibly to security@forgehome.io. We appreciate your help in keeping ForgeHome secure.

Questions?

For security-related questions or to request our security documentation, please contact our security team at security@forgehome.io.