Sovereign defence infrastructure

The sovereign supply chain for
Canada's classified Kubernetes.

Canadian-jurisdictional trust path from build to apply, for the cleared engineering teams already running Protected B and Secret Kubernetes. No foreign vendor in the path.

What we provide

One trust path. Built for what Canada must build.

A complete deploy-time substrate for classified Kubernetes. Built, signed, attested, and audited inside Canadian boundaries.

  1. 01

    A Canadian-jurisdictional trust path

    Every artifact bound for a classified Kubernetes cluster bundled, signed, attested, and applied under Canadian jurisdiction. The vendor is Canadian-incorporated and the supply chain is Canadian-jurisdictional. Foreign-jurisdictional dependencies are removed from the trust path by design, not minimized by policy.

  2. 02

    Hardened artifact attestation

    Every artifact entering a classified cluster is signed, attested, and accompanied by a software bill of materials. Inspectable end to end. Auditable by your own people, not just ours.

  3. 03

    Air-gap operations

    A productized one-way transfer protocol with attestation chain and tamper-evident audit trail. Designed for SCIFs where the high-side machine has never seen the internet, and never will.

  4. 04

    Accreditable compliance and audit

    ITSG-33 controls mapped to Northfleet's capabilities. Auditor-ready evidence collection by default. Every signature, attestation, and audit entry is produced by Northfleet and verifiable on the customer's terms.

Why now

The sovereignty requirement is now a procurement requirement.

Canada's Defence Industrial Strategy committed the country to a domestic defence industrial base, with explicit procurement preference for Canadian-controlled infrastructure. The DSRB is now headquartered in Canada. BDC's Defence Platform is deploying capital to operators that can hold the jurisdiction line.

Every meaningful Kubernetes platform in production at Canadian defence primes today operates under foreign jurisdiction. The CLOUD Act reaches into all of them. The sovereign supply chain into those platforms is the part this strategy still has to buy.

Built for

Buyers operating where jurisdiction matters.

  • Defence primes

    Engineering and accreditation teams running classified Kubernetes for federal customers under domestic-controlled procurement.

  • Federal departments

    CIO and CTO offices building Protected B and Secret capability inside Canadian boundaries, on Canadian-operated infrastructure.

  • Allied multilateral buyers

    DSRB-aligned partners standing up sovereign-by-default infrastructure for cross-jurisdictional defence programs.

Operating principles

Sovereignty is the substrate, not the slogan.

  • ·

    Supplied by a Canadian-incorporated vendor with a Canadian-jurisdictional supply chain.

  • ·

    Deployed on Canadian-jurisdictional infrastructure by cleared engineering teams.

  • ·

    Built on upstream Kubernetes. No fork. No lock-in.

  • ·

    Inspectable from artifact to admission. Audit is a default, not a feature.

  • ·

    Designed for accreditation against ITSG-33 from the first commit.

Talk to us

Ship classified workloads
on Canadian terms.

Northfleet is built for defence primes, federal departments, and allied buyers running classified workloads on Canadian-jurisdictional infrastructure. A briefing follows first contact.