Frequently Asked Questions

What is Rocket City Defense Solutions LLC?

We build offline-capable DevSecOps tools for organizations that can't rely on constant internet connectivity. Our suite (PipelineForge, PGuard, KubeFix) enables secure software development in air-gapped networks, classified environments, and high-compliance industries.

Who are your typical customers?

• Defense Contractors: Companies working on classified programs requiring air-gap operation
• Financial Institutions: Banks and fintech requiring data sovereignty and compliance
• Healthcare Organizations: HIPAA-regulated entities needing secure CI/CD pipelines
• Enterprise IT: Large organizations tired of per-developer licensing costs

Are these tools open source?

No. These are commercial products with free tiers and paid licenses. However, we integrate with and bundle open-source scanners (Trivy, Kubescape, Gitleaks).

How is this different from GitLab's security features?

GitLab is a full DevOps platform. We're focused CLI tools for security and remediation that work anywhere.

Can I use this in an air-gapped environment?

Yes. That's what we built it for.

• PGuard: Download database bundles via "sneaker-net" (USB drive), then scan offline indefinitely
• PipelineForge: Supports offline-first generation workflows with local and BYO AI options
• KubeFix: Includes local-first AI analysis paths designed for disconnected environments

Do you see my code or data?

Not by default.

Our tools are CLI binaries that run in your environment. Your code, scan results, and AI prompts never leave your infrastructure. We don't operate a "cloud service" that processes your data.

What platforms does PipelineForge support?

1. GitHub Actions
2. GitLab CI
3. Jenkins (Declarative Pipelines)
4. CircleCI
5. Azure Pipelines
6. Bitbucket Pipelines

What does PGuard scan for?

3 Integrated Scanners:

• Trivy - Container vulnerabilities (CVEs), OS packages, application dependencies
• Kubescape - Kubernetes security posture, CIS benchmarks, NSA/CISA hardening guides
• Gitleaks - Secrets in git history, API keys, passwords, tokens

Extensive security rule coverage (plan and release dependent) covering Dockerfile best practices, pipeline misconfigurations, mobile CI/CD, and compliance violations.

What air-gap capabilities are included?

Common offline capabilities include:

1. Pre-bundled vulnerability databases (no internet required)
2. Checksum verification for database integrity
3. Automated database bundling scripts
4. Offline database updates via USB/sneaker-net
5. Local-only scanning (no telemetry)
6. Unified policy engine (YAML-based)
7. Diff tracking with fingerprint-based change detection
8. Baseline snapshots for drift comparison
9. Waivers and exceptions (track approved risks)
10. PDF/JSON/HTML reports (no cloud rendering)
11. Watch mode (continuous monitoring without internet)
12. License validation with grace periods (works offline 30 days)
13. Compliance templates (pre-configured policies)
14. Auto-fix suggestions (local remediation without API calls)

What's "Three-Tier AI"?

KubeFix routes queries through 3 tiers for optimal speed:

• Tier 1: Expert System (~0ms) - Pattern matching for known errors. Instant response with no AI required.
• Tier 2: ONNX MiniLM-L6-v2 (~50ms) - Semantic classification using a lightweight neural network.
• Tier 3: LLaMA TinyLlama-1.1B (~3s) - Generative AI for complex analysis. Runs entirely offline.

Daemon Mode: Keep models loaded in memory for ~3ms responses.

How is licensing handled?

Licensing depends on the product and deployment context. We do not publish pricing on this site. For licensing details, contact sales@rocketcitydefensesolutions.com.

Can I evaluate a product before committing?

Yes. We can provide evaluation guidance and environment-fit checks (including offline and constrained-network scenarios). Use the product documentation and reach out via Contact for next steps.

Do you support academic or startup programs?

We occasionally support academic and early-stage programs based on fit and availability. Contact sales@rocketcitydefensesolutions.com with your context.

Are your tools compliant with regulations?

Our tools help you achieve compliance, but we don't "certify" your environment.

Pre-configured compliance templates:

• SOC2 Type I/II
• HIPAA
• PCI-DSS
• ISO27001
• GDPR
• NIST 800-53
• STIG/CIS Benchmarks

How do you handle vulnerability updates in air-gap environments?

Database Bundle Process:

1. Download latest vulnerability database bundle from our website (requires internet)
2. Transfer bundle to air-gap network via USB/sneaker-net
3. Run pguard update --bundle <file> to install
4. Scan indefinitely offline until next update

Update frequency: We publish bundles daily. You update on your schedule (weekly, monthly, quarterly).

What support channels do you offer?

How do I install?

# PGuard
curl -sSL https://get.pguard.dev | sh

# PipelineForge
curl -sSL https://get.pipelineforge.dev | sh

# KubeFix
curl -sSL https://get.kubefix.dev | sh

Windows: Download installers from our website or use package managers (Scoop, Chocolatey).

Air-Gap: Download binaries on an internet-connected machine, then transfer to your environment.

Still have questions?

📧 Email: support@rocketcitydefensesolutions.com
📞 Sales: Schedule a call