ArcoreAegis icon

ArcoreAegis

ProductionSecurity & Assurance

A comprehensive cybersecurity compliance and risk management platform. It provides automated framework management (NIST, ISO, CIS), system categorization (FIPS 199), risk assessment, and audit lifecycle tracking for enterprise governance and Authority to Operate (ATO) preparation.

Key Features

  • Multi-Framework Library (NIST CSF/RMF, ISO 27001, CIS, COBIT)
  • POAM & Remediation Lifecycle Management
  • CIA Triad Control Mapping & Monitoring
  • Centralized Evidence & Documentation Repository
  • Penetration Testing & Red Team Exercise Tracking

API Endpoints

MethodPathDescription
GET`/api/frameworks/frameworks/`List supported compliance frameworks
GET`/api/grc/risks/`Retrieve risk assessment data
POST`/api/auditing/findings/`Log new audit findings/POAM items
GET`/api/auditing/evidence/`Access compliance evidence repository

Usage Example

python
import requests
# Example interaction
response = requests.get(
    url="https://api.arcore.internal/api/frameworks/frameworks/",
    headers={"Authorization": "Bearer <token>"}
)
print(response.json())

Tech Stack

Python (Django)Django REST FrameworkNext.js/ReactPostgreSQLMaterial-UI

Authentication

  • **Header:** `Authorization: Bearer <token>`
  • **Scopes:** RBAC is enforced at the object level via `ArcoreCodex` policies.

Compliance & Security

Compliance

  • Role-Based Access Control (RBAC) per engagement
  • Audit logging for all compliance artifact changes
  • FIPS 199 compliant system categorization

Security

  • Role-Based Access Control (RBAC) per engagement

Coming Soon

4 planned

  • Risk Heatmaps (5x5 Matrix View)

    Target: Q2 2025

  • Automated PDF/Excel Report Generation

    Target: Q3 2025

  • SIEM/Vulnerability Scanner Integration

    Target: Q2 2025

  • Multi-tenancy (Organization Isolation)

    Target: Q3 2025

Related Products

ArcoreSentinel icon
Production

Arcore Sentinel

A high-performance application testing service built with .NET 8.0 and Blazor. Sentinel provides multi-protocol testing (REST API, Database, WebSocket), load testing with detailed performance metrics, API compliance analysis, and real-time health monitoring with comprehensive test result storage.

Security & Assurance
ArcoreTest icon
Production

Arcore Test

An automated Test Inventory & Discovery Framework. ArcoreTest scans codebases and databases to build a living inventory of testable components, triggers, and actions, providing a centralized metadata repository for testing governance and coverage analysis.

Security & Assurance
ArcoreCodex icon
Production

Arcore Codex

The 'Legal Brain' of Arcore. Codex provides a dual-engine architecture for digitizing federal contracts (financials, CLINs, rates) and enforcing executable policy-as-code using OPA/Rego for AI guardrails, data governance, and dynamic access control.

Security & Assurance