CyberArmor AI Docs

CyberArmor AI is an enterprise AI security and cyber trust platform for teams that need to discover AI usage, enforce policy at runtime, protect sensitive data, and prove what happened with auditable evidence.

This documentation site is the technical companion to cyberarmor.ai. It is built for operators, security architects, platform teams, and customer engineering teams who need to deploy, operate, and integrate the platform in real environments.

What you can do here

• URL Trust Gate — 15-minute PoC

  ---

  Run bash scripts/poc/install.sh to see the URL Trust Gate block phishing, hidden prompt injection, and promptware payloads with live verdicts in under 120 ms — no full-stack setup required.

  URL Trust Gate

• Deploy the platform

  ---

  Bring up the Docker Compose stack, understand the public domains, and move from local evaluation to a hardened hosted environment.

  Start with installation

• Understand the platform

  ---

  See how the control plane, policy engine, detection services, endpoint agents, integrations, and secrets architecture fit together.

  Review the architecture

• Roll out endpoint coverage

  ---

  Enroll the endpoint agent, understand what it monitors, and validate heartbeat, policy sync, and telemetry paths.

  Endpoint agent guide

• Get support

  ---

  Use the support center for deployment triage, enrollment issues, and the details we need to troubleshoot incidents quickly.

  Open the support center

• Operate tenant portals

  ---

  Use Mission Control, guided onboarding, admin readiness, and evidence export to move a tenant from blank state to demo-ready.

  Customer portal guide

• Run polished demos

  ---

  Follow CISO, security architect, and AppSec demo paths with seed/reset scripts and buyer-specific talk tracks.

  Demo runbooks

Product boundary

The URL Trust Gate runs end-to-end and is pilot-ready: the 15-minute PoC installer brings up the full gate stack on any developer laptop, and optional reputation feeds (Google Safe Browsing, Microsoft SmartScreen, VirusTotal) are configurable via environment variables.

The broader platform — control plane, policy, detection, response, secrets, and endpoint agent — is deployable and testable today in controlled pilots, internal deployments, and operator-led staging environments. Some customer-facing SaaS surfaces are still evolving.

The docs reflect the working product as it exists in the repo. See docs/architecture/capability-status.md in the repository for the authoritative status table.

Core platform services

CyberArmor currently includes:

• control-plane for tenant, bootstrap, audit, and control APIs
• policy for runtime policy evaluation and enforcement decisions
• detection for prompt injection, sensitive data, toxicity, and output-safety
• response for incident response actions
• url-trust-gate for pre-ingestion URL safety — phishing, hidden prompt injection, and promptware checks before content reaches a human, browser, or AI agent
• secrets-service plus openbao for secrets and PQC key material
• ai-router, agent-identity, integration-control, siem-connector, and compliance for the broader enterprise operating model
• endpoint agents, RASP packages, browser extensions, and IDE integrations for workload and user-side coverage

Capability status

The public buyer-facing capability status table lives at cyberarmor.ai/status. It uses four states: Production-deployed, Pilot-ready, PoC/demo, and Roadmap. The internal engineering table (docs/architecture/capability-status.md) uses the Working / Configurable / Pilot / Roadmap labels and maps directly to those four states.

Recommended reading order

1. Getting Started
2. Install
3. Architecture
4. Services
5. Deployment
6. Customer Portal
7. Evidence Export
8. Demo Runbooks
9. Support Center