triage‑crowdstrike‑01 · v2.4.0
Enriches CrowdStrike detections with Okta + Wiz context, opens a ServiceNow incident if severity ≥ High.
Arx is the missing layer between the Python agents your security engineers have already written and the vendor review that keeps them from shipping. Auto-mapped controls, policy guardrails with human approval gates, immutable audit trails, and 100+ pre-built connectors — running on SOC 2 Type II infrastructure.
Fortune 500 security teams are writing genuinely useful Python agents. They're getting stuck at the same place: the forty-page vendor questionnaire, the SOC 2 evidence bundle, the CISO asking who gets paged when it misbehaves. Arx is what you put in front of the review, not a replacement for the work your team already did.
Every questionnaire in the industry — CAIQ, SIG, HECVAT — was designed for SaaS procurement. Internally-built software has no vendor to point to. Arx gives the review board something real to review.
An auditor who can't point to the exact line enforcing least privilege is not really enforcing least privilege. Arx binds every SOC 2, NIST, and ISO control claim to a hash-verified span of your agent's source.
An agent that chooses when to call its own approval gate will eventually choose not to. We move the gate into the connector — the credential holder — so there's nothing for the agent to route around.
Append-only is not enough. Every five minutes we publish the log tip to a witness bucket in your account we can write to but not read or delete. Integrity is something you verify — not something we promise.
Five primitives. Each one is what it sounds like. None of them tries to be your agent framework — you've already chosen one, and Arx wraps it.
Policy lives in the connector, not the agent. Actions that write outside a declared blast radius pause for a named human. Simulation mode lets you test changes against the last 30 days before enforcement.
Every agent has a named owner, a declared connector graph, and a blast radius. CISOs can see the whole fleet on one screen and tell the board what's running in ninety seconds.
SDK-shaped. Policy enforced server-side, inside the connector — not in agent code.
Hash-chained, witness-signed to a bucket in your account every five minutes. Your auditor verifies without trusting us.
Static analysis reads your agent's source, emits per-control evidence bound to specific line ranges. 78 of 113 SOC 2 controls pre-mapped.
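To illustrate the audit-trail claims above (append-only is not enough; the auditor verifies against tips held in a witness bucket), here is an added example that is not Arx's code or log format. It assumes a record layout of `{prev, payload, hash}`, SHA-256 chaining, and witnessed tips already fetched as an index-to-hash map; checking the witness signature is out of scope.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed seed for the first entry's "prev" field

def entry_hash(prev_hash, payload):
    """SHA-256 over the previous hash plus the canonical JSON of the payload."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def build_chain(payloads):
    """Chain payloads into records of the assumed form {prev, payload, hash}."""
    chain, prev = [], GENESIS
    for payload in payloads:
        digest = entry_hash(prev, payload)
        chain.append({"prev": prev, "payload": payload, "hash": digest})
        prev = digest
    return chain

def verify(chain, witnessed_tips):
    """Return a list of problems; an empty list means the log verified.
    witnessed_tips maps an entry index to the tip hash the auditor read
    from the witness store for that point in time.
    """
    problems, prev = [], GENESIS
    for i, rec in enumerate(chain):  # 1. internal linkage
        if rec["prev"] != prev or rec["hash"] != entry_hash(prev, rec["payload"]):
            problems.append(f"entry {i}: chain link broken")
        prev = rec["hash"]
    for idx, tip in sorted(witnessed_tips.items()):  # 2. agreement with the witness
        if idx >= len(chain):
            problems.append(f"witnessed entry {idx}: missing (log truncated)")
        elif chain[idx]["hash"] != tip:
            problems.append(f"witnessed entry {idx}: hash differs from witness")
    return problems

# Constructed sample events, not real product output.
EVENTS = [
    {"agent": "example-agent", "action": "read_detection"},
    {"agent": "example-agent", "action": "open_incident", "approved_by": "reviewer-a"},
    {"agent": "example-agent", "action": "read_detection"},
]
honest = build_chain(EVENTS)
witness = {1: honest[1]["hash"], 2: honest[2]["hash"]}  # tips recorded earlier

# A log re-chained after one entry was altered: internally consistent, so only
# the witnessed tips expose the change. A truncated log is caught the same way.
rewritten = build_chain([EVENTS[0], {**EVENTS[1], "approved_by": "reviewer-b"}, EVENTS[2]])
truncated = honest[:2]
```

With an empty witness map the re-chained log verifies cleanly, which is the gap the externally held tips close.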
Governance starts with discovery. We scan your existing tools, show you what's running, you decide what's controlled.
OAuth into Okta, CrowdStrike, your SOAR. We read what's there—no credentials stored, no code changes.
We find every agent, platform integration, and automation running in your stack. No guessing.
Your team sees all findings. Mark what's critical, what's compliant, what needs owners. One interface.
Policies apply instantly. High-risk actions trigger approvals. Audit logs every decision. Live.
"The agents worked from day one. Arx is what let us ship them — and tell the board what we shipped, with evidence."
Arx itself is SOC 2 Type II, HIPAA, and ISO 27001 attested, deployed on Aptible's certified infrastructure. Your agents inherit the posture; you don't have to prove the whole stack from scratch.
Continuous attestation, monthly evidence packet available to your GRC team.
BAA available. PHI-touching connectors gate by default.
Annex A mapped 1:1 against deployed controls in your workspace.
One-per-agent workbooks emit automatically from platform state.
30-minute demo. We'll load one of your Python agents into a sandbox workspace, generate the SOC 2 evidence bundle, and walk your review board through what they'd see.