Security & Compliance Center

Offline by architecture. Not by promise.

MFC doesn't have a "secure mode" — it has no cloud at all. Part geometry, customer names, and your pricing are processed and stored on a Windows machine inside your facility, and nowhere else. There is nothing to misconfigure, no vendor server to audit, and no data flow diagram with an arrow leaving the building.

100% offline — fits ITAR & CUI environments · Independently pen-tested · Signed binaries · NIST 800-171 documented

The architecture

Everything stays inside your boundary

The application, your settings file, your quotes, and your backups all live on hardware you control. The license is validated locally with SHA-256 against your machine's hardware — no activation server check-ins, no phone-home, no telemetry.

  • No outbound connections from the application
  • No accounts, logins, or cloud sync
  • License verified offline against your hardware
  • Your data is yours — files on your disk, in formats you can back up

Why it matters

ITAR, CUI, and CMMC — in plain English

If your shop touches defense work, every system that sees part data is in scope. MFC's answer is to never put that data anywhere you'd have to defend.

ITAR technical data

A STEP file of a defense part is ITAR technical data. Upload it to a cloud quoting tool and you need to verify where those servers are, who administers them, and whether any foreign person can access them. With MFC the file never leaves your machine — the question never comes up.

CUI handling

Controlled Unclassified Information has to be protected wherever it's stored or processed. Because MFC stores everything locally, your existing facility and network controls — the ones you already maintain — are the controls. No new cloud boundary to document.

CMMC assessments

Every cloud vendor in your workflow adds scope to a CMMC assessment. MFC enters your environment as a signed desktop application with no external connections — closer to a calculator than a service, and documented so your assessor can verify exactly that.

Supply-chain integrity

Signed at every step you install

An offline app still has one trust moment: installation. MFC's distribution chain is signed end to end, so what runs in your facility is exactly what we built.

  • Installers code-signed through Microsoft Azure Trusted Signing — Windows verifies the publisher before anything runs
  • SHA-256 checksums published for every release, so you can verify downloads independently
  • Add-ons signed with Ed25519 — the app refuses anything that doesn't carry a valid signature
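
To check the first two items yourself before running an installer, the PowerShell script below compares the file's SHA-256 with the published value, then confirms the Authenticode signature and the publisher name. It is an added example, not code from MFC or Psyrcuit; the installer path, expected checksum and expected publisher name are parameters you supply and are assumptions here.

```powershell
# Added example (not vendor code). All three parameters are placeholders:
# take the checksum and publisher name from the vendor's release information.
param(
    [Parameter(Mandatory)] [string] $InstallerPath,
    [Parameter(Mandatory)] [string] $ExpectedSha256,
    [Parameter(Mandatory)] [string] $ExpectedPublisher
)
$ErrorActionPreference = 'Stop'

# 1. Integrity: hash the file locally and compare with the published value.
#    String -ne is case-insensitive, so upper/lower-case hex both match.
$actual = (Get-FileHash -LiteralPath $InstallerPath -Algorithm SHA256).Hash
if ($actual -ne $ExpectedSha256.Trim()) {
    throw "SHA-256 mismatch. Expected $ExpectedSha256, computed $actual"
}

# 2. Authenticity: the Authenticode signature must validate to a trusted root.
$sig = Get-AuthenticodeSignature -LiteralPath $InstallerPath
if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
    throw "Signature status is '$($sig.Status)': $($sig.StatusMessage)"
}

# 3. Identity: a valid signature from the wrong publisher is still a failure.
#    Compare the certificate's common name, not its thumbprint, because a
#    signing service may rotate certificates between releases.
$nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
$publisher = $sig.SignerCertificate.GetNameInfo($nameType, $false)
if ($publisher -ne $ExpectedPublisher) {
    throw "Signed by '$publisher', expected '$ExpectedPublisher'"
}

# 4. Emit a record suitable for a software-intake log.
[pscustomobject]@{
    File        = (Resolve-Path -LiteralPath $InstallerPath).Path
    Sha256      = $actual
    Publisher   = $publisher
    Thumbprint  = $sig.SignerCertificate.Thumbprint
    Timestamped = [bool]$sig.TimeStamperCertificate
}
```

Where you can, obtain the expected checksum over a channel separate from the download itself; a hash served next to a tampered file proves nothing on its own, which is why the signature and publisher checks are run as well.
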

Zero-account architecture

No accounts means no account attack surface

You never create an MFC account. There is no login screen, no password reset flow, no session token — none of the machinery that gets phished, stuffed, or leaked. Your license key is generated for your specific machine and verified locally with SHA-256.

Purchasing and support happen over email with Psyrcuit; the application itself has nothing to sign in to. If you replace a machine, you have a self-service transfer right once per year — still no account required.

For your procurement team

Request the compliance pack

Everything your security reviewer or assessor will ask for, in one set of documents — sent straight to your inbox.

What's in the pack

  • Product Security Overview
  • Data Handling Specification
  • NIST 800-171 Responsibility Matrix
  • Software Bill of Materials (SBOM)
  • Penetration Test Report summary
  • Vendor Security Questionnaire

Prefer email? Write to [email protected] and we'll send it directly.

Security review done? See the product.

The full calculator runs in your browser — no signup, no install, nothing sent anywhere.