Air-gapped AI IDE for regulated industries
CMMC. HIPAA. ITAR. GDPR.
When your compliance framework says "no cloud AI," most tools become unusable. Bodega One runs on your machine. Air-gap mode enforces 9 layers of network isolation. Zero data transmitted. Zero vendor dependency.
The compliance gap in AI coding tools
Cloud AI coding tools send your code to external servers for inference. That code gets processed, logged, and sometimes retained. For most developers, that is fine.
For developers working with CUI, PHI, ITAR-controlled source, or EU-regulated data, it is a violation.
Compliance teams ban AI tools. Developers use them anyway. A 2025 IBM study found that 4 out of 5 developers bypass AI restrictions when they exist. Shadow AI breaches cost organizations $670,000 more than standard incidents.
The fix is not better policies. It is tools that are compliant by architecture.
CMMC Level 2: what defense contractors need to know
Deadline
CMMC Phase 2 takes effect November 10, 2026. Level 2 contracts will require C3PAO third-party certification. Phase 1 (self-assessment) has been live since November 10, 2025.
CMMC Level 2 maps to NIST SP 800-171, which includes 110 security requirements. At least two of them bear directly on AI coding tools:
- 3.1.3, Information flow enforcement. Control the flow of CUI in accordance with approved authorizations. Sending code marked as CUI to a cloud AI provider for inference is an information flow to an external system; unless that flow has been explicitly authorized, it is a finding.
- 3.13.1, Boundary protection. Monitor, control, and protect communications at the external boundaries and key internal boundaries of the system. Cloud AI inference crosses the external boundary with your source code as the payload, so it must be monitored and controlled like any other egress.
More than 300,000 defense contractors fall under CMMC. Roughly 118,000 will need Level 2 C3PAO certification. The assessment ecosystem is strained: approximately 100 authorized assessors exist for those 118,000 companies, with bookings running 6 to 9 months out.
The DOJ settled 7 False Claims Act cybersecurity cases in 2025. Settlements ranged from $4.6M to $11.25M. Penalties can reach $28,619 per false claim plus treble damages.
Whether specific source code constitutes CUI depends on contract markings. Consult your contracting officer and compliance team.
HIPAA: when code contains patient data
PHI shows up in source code more often than people expect. Database schemas name patient fields. Test fixtures contain sample records. Error logs capture form data. Configuration files reference protected endpoints. When a cloud AI tool processes that code as context, it transmits ePHI to a third-party server.
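The leak path described above (fixtures, schemas, logs and config pulled into the prompt as context) is something you can gate before anything reaches a model, local or remote. The following is an added example written for this page, not Bodega One's code or any vendor's published implementation: a small pre-context scanner that refuses to include files carrying likely ePHI fields or CUI banner markings, and reports what it blocked so the decision can be logged. The regexes, file names and fixture contents are constructed for illustration; a real deployment tunes the patterns to its own identifier formats and usually offers redaction as well as blocking.

```python
"""Pre-context guard: keep likely ePHI and CUI-marked files out of an AI prompt.

Added example for illustration; not Bodega One's implementation.
"""
import re
from dataclasses import dataclass

# Indicators to gate on. These regexes are assumptions for the example; tune them
# to your own identifier formats (MRN length, internal IDs) before relying on them.
PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "mrn": re.compile(r"\b(?:mrn|medical_record_number)\b['\"]?\s*[:=]\s*['\"]?\d{6,10}\b", re.I),
    "dob": re.compile(r"\b(?:dob|date_of_birth|birth_date)\b['\"]?\s*[:=]\s*['\"]?\d{4}-\d{2}-\d{2}", re.I),
    # CUI banner markings such as "CUI" or "CUI//SP-EXPT" in a file header.
    "cui_marking": re.compile(r"\bCUI(?://[A-Z-]+)?\b|\bCONTROLLED UNCLASSIFIED INFORMATION\b"),
}


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    kind: str
    excerpt: str


def scan_text(path: str, text: str) -> list[Finding]:
    """Return one Finding per (line, indicator) hit in a file's contents."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            if pattern.search(line):
                findings.append(Finding(path, lineno, kind, line.strip()[:80]))
    return findings


def assemble_context(files: dict[str, str]) -> tuple[str, dict[str, list[Finding]]]:
    """Build the prompt context from files, excluding any file with a hit.

    Returns (context_text, blocked) where blocked maps path -> findings so the
    caller can log the decision and, if appropriate, ask the user to redact.
    """
    kept, blocked = [], {}
    for path, text in files.items():
        hits = scan_text(path, text)
        if hits:
            blocked[path] = hits      # the file never enters the prompt
            continue
        kept.append(f"### {path}\n{text}")
    return "\n".join(kept), blocked


# Constructed sample repository: every value below is fake and for illustration only.
SAMPLE_FILES = {
    "tests/fixtures/patient.json": '{"mrn": "00483921", "dob": "1984-03-12", "ssn": "123-45-6789"}\n',
    "src/export/telemetry.c": "// CUI//SP-EXPT\nint pack(void) { return 0; }\n",
    "src/util/strings.py": "def trim(s):\n    return s.strip()\n",
}


if __name__ == "__main__":
    context, blocked = assemble_context(SAMPLE_FILES)
    for path, hits in blocked.items():
        kinds = ", ".join(sorted({h.kind for h in hits}))
        print(f"BLOCKED {path}: {kinds}")
    print("--- context sent to model ---")
    print(context)
```

Running it blocks the fixture (three indicator hits on one line) and the CUI-marked source file, and sends only the utility module. Blocking whole files rather than individual lines is deliberate: a fixture with one redacted field still tells the model what the surrounding fields are, and the guard's job is to keep the decision simple enough to audit.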
The HIPAA Security Rule (45 CFR 164.312) requires technical safeguards including access controls, audit controls, integrity controls, and transmission security. A January 2025 proposed update to the Security Rule explicitly covers AI systems that process ePHI and would make encryption mandatory rather than addressable.
Most AI coding tools do not offer Business Associate Agreements. GitHub Copilot and Cursor do not. If the tool transmits zero data to the vendor, no Business Associate relationship exists and no BAA is required. But that determination must be documented in your risk analysis.
The average healthcare data breach costs $7.42M (IBM 2025). The OCR has settled over 152 enforcement cases totaling $144.9M. Penalties range from $145 to $2.19M per violation category.
Consult HHS guidance and your privacy officer for current HIPAA requirements.
Other frameworks that restrict cloud AI
ITAR (International Traffic in Arms Regulations)
Penalties reach $1M per violation and 20 years imprisonment. Under the "deemed export" rule, releasing ITAR technical data to a foreign person, including a cloud provider's foreign-national employees, can be an unauthorized export. The end-to-end encryption carve-out in 22 CFR 120.54 covers data a provider stores or carries but cannot read; it does not cover inference, where the provider's systems must process the plaintext. AI tools handling ITAR data therefore need to run on infrastructure you control, or on a cloud offering restricted to US persons (in practice the government-cloud, FedRAMP High tier).
GDPR (EU General Data Protection Regulation)
The US CLOUD Act lets US authorities compel US-headquartered providers to produce data wherever it is stored, which undermines "EU region" hosting as a transfer safeguard. GDPR fines reach 4% of global annual turnover, and the EU AI Act adds penalties of up to 7% for prohibited practices. Local processing on hardware in the EU keeps the data from ever crossing a border, so the Chapter V transfer analysis does not arise.
SOX (Sarbanes-Oxley)
Applies to publicly traded companies. Requires audit trails and data integrity controls for financial systems. AI tools that process financial application code through external services create audit and data integrity risks.
FedRAMP
Cloud services for government agencies require FedRAMP authorization. GitHub Copilot is pursuing FedRAMP Moderate. No AI coding tool has FedRAMP High. Local tools like Bodega One sidestep the requirement entirely since there is no cloud component.
Requirements vary by framework and jurisdiction. Consult qualified counsel for your specific obligations.
How Bodega One fits into regulated environments
Air-gap mode: 9 enforcement layers
Tool filtering, shell command blocking, auto-updater blocking, git IPC blocking, context assembly guards, cloud STT blocking, system prompt filtering, pre-execution guards, and UI confirmation. Disable one and the other eight still hold. Full breakdown
BYOLLM: your models, your hardware
Run models through Ollama, LM Studio, or any of 15 provider presets. With a local endpoint, inference involves no third-party data processing and no vendor API keys. A preset that points at a hosted provider sends your code and context to that provider, and that provider, not Bodega One, becomes the party your risk analysis (and any BAA or DPA) has to cover; air-gap mode is what closes that path.
No vendor data relationship
Bodega One transmits zero data to Bodega One servers. No telemetry, no usage analytics, no model calls through our infrastructure. If no data is exchanged, no BAA, DPA, or data sharing agreement is needed.
What air-gap mode does NOT solve
Air-gap mode eliminates the data transmission risk. It does not replace administrative safeguards, physical security policies, encryption at rest on your local disk, or the compliance documentation your organization needs to maintain. Compliance is a program. Bodega One removes one of the hardest technical risks to manage.
Compliance capabilities compared
| Capability | Bodega One | Tabnine | GitHub Copilot | Cursor |
|---|---|---|---|---|
| Air-gap capable | Yes ($79 one-time) | Yes ($39/user/mo) | No | No |
| On-premises | Yes (desktop app) | Yes (server deploy) | No | No |
| BAA available | N/A (no data transmitted) | Yes (enterprise) | No | No |
| FedRAMP | N/A (local) | No | Pursuing Moderate | No |
| BYOLLM | Yes (15 presets) | No | No | Partial |
Verified March 2026. Check vendor websites for current offerings.
Compliance questions.
Is Bodega One HIPAA compliant?
No tool is "HIPAA compliant" on its own. HIPAA compliance is organizational. But Bodega One's architecture eliminates the transmission risk vector entirely. Air-gap mode ensures zero data leaves your machine. Document this in your risk analysis and consult your compliance team.
Does Bodega One have a Business Associate Agreement?
If zero data is transmitted to the vendor, no Business Associate relationship exists under HIPAA. Bodega One runs locally, processes locally, and stores locally. No BAA is needed because there is no data exchange to cover. Document this determination in your security assessment. If you configure BYOLLM to call a hosted model provider, that provider does receive your code and is the party to assess for a BAA.
Can I use Bodega One for ITAR-controlled projects?
Air-gap mode prevents all data from leaving your machine through 9 independent enforcement layers. No telemetry, no cloud calls, no update checks. Consult your ITAR counsel for your specific classification and export control requirements.
What about FedRAMP?
FedRAMP authorizes cloud services. Bodega One runs locally on your hardware, so there is no cloud component to authorize. Your compliance scope is your local machine, not a vendor's infrastructure: the tool falls inside your own system authorization boundary and the endpoint controls (configuration, patching, disk encryption) that already apply there.
Does air-gap mode cover all compliance requirements?
No. Air-gap mode eliminates the data transmission risk. It does not replace administrative safeguards, physical security, encryption at rest, or risk analysis documentation. Compliance is a program, not a feature toggle. Bodega One removes one of the hardest technical risks: data leaving your environment.
Compliance without compromise.
$79 once. Zero data transmitted. Nine layers of network isolation. Your code stays on your machine because it never has a reason to leave.
Join the Waitlist