SOC 2 Type II Audit Report
Provided via 3verest Pty Ltd. Independent verification of security, availability, and confidentiality controls.
Reference: F-SOC2-2025
via 3verest
SOC 2 Type II Audit Report
SERVICE ORGANIZATION CONTROLS • PROVIDED VIA 3VEREST
Forge.io infrastructure operates on 3verest's SOC 2 Type II certified platform. Full audit report available under NDA.
Audit Period
January 1, 2024 – December 31, 2024
Report Status
Unqualified Opinion
Trust Service Criteria Covered
Security
Protection against unauthorized access
Availability
System availability for operation and use
Confidentiality
Protection of confidential information
Summary of Controls
The service organization's controls over its sovereign cloud infrastructure were suitably designed and operating effectively throughout the audit period to provide reasonable assurance that the service commitments and system requirements were achieved.
- Access controls including multi-factor authentication and role-based permissions;
- Encryption of data in transit (TLS 1.3) and at rest (AES-256);
- Continuous monitoring and automated incident response procedures;
- Change management and deployment controls with immutable audit trails;
- Physical security of data centre facilities across all sovereign regions.
Request Full Report
The complete SOC 2 Type II audit report is available to customers and prospects under NDA. Contact deploy@forgerun.io to request access.
This report summarizes the findings of an independent third-party auditor. The audit was conducted in accordance with the attestation standards established by the American Institute of Certified Public Accountants (AICPA).
Forge.io Pty Ltd • Sovereign Developer Cloud • Powered by 3verest Pty Ltd
Page 1 of 1 (Summary)