CyberSecurityConsulting
A comprehensive cybersecurity compliance and risk management platform built with Django REST Framework and React. It provides the frameworks and tracking mechanisms for RMF (Risk Management Framework) and NIST compliance, ideal for consulting engagements and internal audit preparation.
Key Features
- RMF/NIST Frameworks Library
- Plan of Action & Milestones (POAM) Management
- Control Monitoring & Evidence Repository
- Risk Posture Visualization (Heatmaps)
- Automated Audit Trail Generation
API Endpoints
| Method | Path | Description |
|---|---|---|
| GET | `/api/frameworks` | List supported compliance frameworks |
| GET | `/api/controls` | List security controls and their status |
| POST | `/api/poams` | Create a new Plan of Action and Milestones |
| GET | `/api/risk/heatmap` | Get overall risk posture data |
Usage Example
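```python
import requests

# List the supported compliance frameworks.
# Replace <token> with a valid bearer token.
response = requests.get(
    url="https://api.arcore.internal/api/frameworks",
    headers={"Authorization": "Bearer <token>"},
    timeout=10,  # do not hang indefinitely on an unresponsive server
)
response.raise_for_status()  # raise on 401/403 and other HTTP errors instead of parsing an error body
print(response.json())
```
Tech Stack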
Authentication
- **Header:** `Authorization: Bearer <token>`
- **Scopes:** RBAC is enforced at the object level via `ArcoreCodex` policies.
Compliance & Security
Compliance
- ✓ Role-Based Access Control (RBAC) per engagement
- ✓ Audit logging for all compliance artifact changes
Security
- ✓ Role-Based Access Control (RBAC) per engagement
Related Services
Arcore Sentinel
A high-performance application assurance and testing service. Sentinel runs continuous compliance checks, load tests, and API validation against running environments to generate real-time evidence for ATO (Authority to Operate) and regulatory adherence.
Arcore Test
A centralized Test Data Management (TDM) and scenario repository. ArcoreTest solves the 'bad data' problem by managing test cases, generating synthetic datasets, and linking tests directly to requirements for end-to-end traceability.
Arcore Codex
The 'Legal Brain' of the Arcore platform. Codex digitizes laws, contracts, and policies into executable policy-as-code, allowing other Arcore applications to query and enforce rules programmatically, especially for AI guardrails and data governance.