ArcoreCodex icon

ArcoreCodex

ProductionSecurity & Assurance

The 'Legal Brain' of Arcore. Codex provides a dual-engine architecture for digitizing federal contracts (financials, CLINs, rates) and enforcing executable policy-as-code using OPA/Rego for AI guardrails, data governance, and dynamic access control.

Key Features

  • Federal Contract Digitization (CLINs/Rate Cards)
  • Policy-as-Code Engine (OPA/Rego)
  • Centralized Policy & Version Repository
  • AI Prompt & Output Guardrails (Infrastructure)
  • Dynamic Access Control Enforcement

API Endpoints

MethodPathDescription
POST`/api/policy/evaluate/`Evaluate a policy against input data
GET`/api/codex/contracts/`List digitized federal contracts
POST`/api/policy/policies/`Manage policy definitions
POST`/api/policy/policy-versions/`Create immutable policy versions

Usage Example

python
import requests
# Example interaction
response = requests.post(
    url="https://api.arcore.internal/api/policy/evaluate/",
    headers={"Authorization": "Bearer <token>"},
    json={
        "policy_key": "ai_guardrails",
        "input": {"prompt": "hello", "user_id": "123"}
    }
)
print(response.json())

Tech Stack

Python (Django)OPA (Open Policy Agent)RegoNext.js/ReactGraphQL

Authentication

  • **Header:** `Authorization: Bearer <token>`
  • **Scopes:** RBAC is enforced at the object level via `ArcoreCodex` policies.

Compliance & Security

Compliance

  • Input Validation: Strict schema checks
  • Immutable Policy Versioning
  • Audit Logging: All policy decisions logged

Security

  • TLS 1.3
  • AES-256 encryption

Coming Soon

4 planned

  • AI Guardrail Policy Templates

    Target: Q1 2025

  • Real-time Policy Violation Alerts

    Target: Q2 2025

  • Automated Contract Ingestion (OCR/AI Parser)

    Target: Q3 2025

  • Federal Regulation Library (FAR/DFARS)

    Target: Q4 2025

Related Products

ArcoreSentinel icon
Production

Arcore Sentinel

A high-performance application testing service built with .NET 8.0 and Blazor. Sentinel provides multi-protocol testing (REST API, Database, WebSocket), load testing with detailed performance metrics, API compliance analysis, and real-time health monitoring with comprehensive test result storage.

Security & Assurance
ArcoreTest icon
Production

Arcore Test

An automated Test Inventory & Discovery Framework. ArcoreTest scans codebases and databases to build a living inventory of testable components, triggers, and actions, providing a centralized metadata repository for testing governance and coverage analysis.

Security & Assurance
ArcoreAegis icon
Production

Arcore Aegis

A comprehensive cybersecurity compliance and risk management platform. It provides automated framework management (NIST, ISO, CIS), system categorization (FIPS 199), risk assessment, and audit lifecycle tracking for enterprise governance and Authority to Operate (ATO) preparation.

Security & Assurance