Aribot - Economic, Regulatory & Security APIs for Modern Applications

Analyze your tech stack. Optimize architecture. Model costs. Identify threats dynamically.

APIs that help you build better systems with practical, actionable recommendations.

Why Aribot?

Modern applications need more than just security scanning. They need intelligent analysis that understands your architecture, quantifies your risks in dollars, and ensures compliance across 100+ regulatory standards.

Aribot is the API layer your security, finance, and compliance teams have been waiting for.

Platform Capabilities

| Capability | What It Does | |------------|--------------| | Advanced Threat Modeling | Multi-framework analysis: STRIDE, PASTA, NIST, Aristiun Framework | | Cloud Security (CSPM/CNAPP) | Real-time posture management across AWS, Azure, GCP | | 100+ Compliance Standards | SOC2, ISO27001, PCI-DSS, GDPR, HIPAA, NIST, FedRAMP, CIS... | | Economic Intelligence | ROI calculations, TCO analysis, risk quantification in real dollars | | FinOps | Cloud cost optimization with security-aware recommendations | | Red Team Automation | Simulate attacks before attackers do | | Living Architecture | Dynamic diagrams that evolve with your infrastructure | | AI-Powered Analysis | Multi-provider AI (Google, OpenAI, Anthropic, Azure) | | Digital Twin | Architecture digital twins with cloud provider integration | | SBOM Management | Software Bill of Materials tracking and vulnerability analysis |

Installation

# npm
npm install @ayurak/aribot-cli

# yarn
yarn add @ayurak/aribot-cli

# pnpm
pnpm add @ayurak/aribot-cli

# Global install for CLI
npm install -g @ayurak/aribot-cli

Quick Start (60 Seconds to Value)

CLI Usage

# 1. Authenticate
aribot login

# 2. Analyze your architecture
aribot analyze architecture.png

# 3. See your threats (multi-framework)
aribot threats <diagram-id>

# 4. Run compliance assessment
aribot compliance <diagram-id> --standard SOC2

# 5. Get economic analysis
aribot economics --cost <diagram-id>

# AI-powered multi-framework threat modeling in 5 commands.

SDK Usage (TypeScript/JavaScript)

import { AribotClient } from '@ayurak/aribot-cli';

const client = new AribotClient({ apiKey: 'ak_...' });

// Upload diagram, get AI threats across all frameworks
const diagram = await client.threatModeling.upload('architecture.png');
const threats = await client.threatModeling.getThreats(diagram.id);

console.log(`Found ${threats.length} threats across STRIDE, PASTA, NIST & Aristiun`);
threats.forEach(t => {
  console.log(`  [${t.severity.toUpperCase()}] ${t.title} - ${t.category}`);
});

// Run compliance assessment
const assessment = await client.compliance.assess(diagram.id, 'SOC2');
console.log(`SOC2 Score: ${assessment.score}%`);

// Calculate security ROI
const roi = await client.economics.calculateROI(100000, 50);
console.log(`3-Year ROI: ${roi.roi_percent}%`);

API Coverage (100+ Endpoints)

Threat Modeling (Multi-Framework)

client.threatModeling.upload(file)              // AI-powered multi-framework analysis
client.threatModeling.list()                    // List all diagrams
client.threatModeling.get(id)                   // Get diagram details
client.threatModeling.getThreats(id)            // Threats from STRIDE, PASTA, NIST, Aristiun
client.threatModeling.generateThreats(id)       // On-demand AI threat generation
client.threatModeling.export(id, { format })    // Export reports (JSON/PDF)

AI & Machine Learning

client.ai.getUsage()                            // AI usage statistics
client.ai.getQuota()                            // AI quota and limits
client.ai.getModels()                           // Available AI models
client.ai.configure(options)                    // Configure AI settings
client.ai.analyze(content, options)             // Run AI analysis
client.ai.getQueueStatus()                      // AI job queue status

Compliance (100+ Standards)

client.compliance.assess(id, 'SOC2')            // Single standard assessment
client.compliance.runScan(id, ['SOC2', 'GDPR']) // Multi-standard scan
client.compliance.listStandards()               // List available standards
client.compliance.listReports()                 // Compliance reports
client.compliance.getRemediation(findingId)     // Fix guidance

Economic Intelligence

client.economics.calculateROI(investment)       // Security ROI
client.economics.calculateTCO('aws')            // Total cost of ownership
client.economics.analyzeCosts(diagramId)        // Diagram cost analysis
client.economics.getMarketIntelligence()        // Industry benchmarks
client.economics.getDashboard()                 // Economic dashboard

Cloud Security (CSPM/CNAPP)

client.cloudSecurity.scanPosture()              // Cloud security scan
client.cloudSecurity.getFindings({ severity })  // Security findings
client.cloudSecurity.getDashboard()             // Security dashboard
client.cloudSecurity.remediate(id, autoFix)     // Auto-remediation

Red Team & Attack Simulation

client.redteam.runSimulation(targetId, type)    // Attack simulation
client.redteam.getAttackPaths(diagramId)        // Attack path analysis
client.redteam.listSimulations()                // List simulations
client.redteam.getSimulation(id)                // Simulation details

Architecture Components

client.architecture.listComponents(diagramId)   // List components
client.architecture.getComponent(id, compId)    // Component details
client.architecture.updateComponent(id, updates) // Update component
client.architecture.getConnections(diagramId)    // Get connections

CLI Commands

Authentication & Status

aribot login                  # Authenticate with API key
aribot login --open-portal    # Open developer portal for API key
aribot logout                 # Clear credentials
aribot whoami                 # Current user info
aribot status                 # API status & rate limits

Threat Modeling

aribot diagrams               # List your diagrams
aribot diagrams --limit 50    # List with limit
aribot analyze <file>         # Upload & analyze diagram
aribot analyze <file> -n name # With custom name
aribot threats <id>           # View threats for diagram
aribot threats <id> -s high   # Filter by severity
aribot generate-threats <id>  # AI threat generation
aribot export <id>            # Export JSON report
aribot export <id> -f pdf     # Export PDF report

Red Team & Attack Simulation

aribot redteam --methodologies              # List threat modeling methodologies
aribot redteam --intelligence               # Get threat intelligence summary
aribot redteam --attack-paths -d <id>       # Analyze attack paths
aribot redteam --analyze <id>               # Comprehensive threat analysis
aribot redteam --requirements <id>          # Generate security requirements
aribot redteam --ai-insights <id>           # AI architecture insights
aribot redteam --simulate APT29 --target <id>  # Adversary simulation

Compliance & Security

aribot compliance --list-standards          # List 100+ compliance standards
aribot compliance <id>                      # Run SOC2 assessment (default)
aribot compliance <id> -s ISO27001          # Specific standard
aribot cloud-security --scan                # Cloud security scan
aribot cloud-security --scan aws            # Provider-specific scan
aribot cloud-security --findings            # View security findings
aribot cloud-security --findings -s critical  # Filter by severity
aribot cloud-security --dashboard           # Security dashboard

Economic Intelligence

aribot economics --dashboard                # Economic intelligence dashboard
aribot economics --roi 100000               # Calculate security ROI
aribot economics --tco <id>                 # TCO for diagram
aribot economics --cost <id>                # Cost intelligence
aribot economics --analyze <id>             # Cost analysis

TypeScript Support

Full TypeScript support with exported types:

import {
  AribotClient,
  AribotConfig,
  Diagram,
  Threat,
  ComplianceAssessment,
  SecurityFinding,
  PaginatedResponse,
  AribotError,
  AuthenticationError,
  RateLimitError,
  APIError,
  RequestSigner,
  SecureCredentialManager,
  analyzeDiagram,
  runComplianceCheck,
} from '@ayurak/aribot-cli';

Supported Compliance Standards

Financial: SOC2, PCI-DSS, PCI-DSS-4.0, SOX, GLBA Healthcare: HIPAA, HITRUST Privacy: GDPR, CCPA, LGPD, PIPEDA Government: FedRAMP-Low/Moderate/High, FISMA, NIST 800-53, NIST 800-171 Cloud: CIS AWS, CIS Azure, CIS GCP, CIS Kubernetes Security: ISO27001, ISO27017, ISO27018, ISO22301, NIST CSF, CSA CCM, CSA STAR Attack Frameworks: MITRE ATT&CK, OWASP TOP-10

Environment Variables

# Set API key via environment variable
export ARIBOT_API_KEY=ak_your_api_key_here

# Then use without passing apiKey
const client = new AribotClient();

Error Handling

import { AribotClient, AuthenticationError, RateLimitError, APIError } from '@ayurak/aribot-cli';

try {
  const client = new AribotClient({ apiKey: 'ak_...' });
  const diagrams = await client.threatModeling.list();
} catch (error) {
  if (error instanceof AuthenticationError) {
    console.error('Invalid API key');
  } else if (error instanceof RateLimitError) {
    console.error(`Rate limited. Retry after ${error.retryAfter}s`);
  } else if (error instanceof APIError) {
    console.error(`API Error: ${error.statusCode} - ${error.message}`);
  }
}

Security Features

• Secure Credential Storage: API keys stored securely using OS-native storage
• Request Signing: HMAC-SHA256 signatures for API request integrity
• Automatic Retry: Exponential backoff with jitter for reliability
• Rate Limit Handling: Graceful handling of rate limits
• No Keys in Code: Environment variable support for CI/CD

Resources

• Platform: aribot.ayurak.com
• Developer Portal: developer.ayurak.com
• API Docs: developer.ayurak.com/docs
• Support: [email protected]

Changelog

v1.2.0

• Added AI resource with usage tracking and configuration
• Added Digital Twin health and provider endpoints
• Added SBOM document management
• Added Marketplace templates and categories
• Added Knowledge Base with real-time threats
• Added Pipeline Security scanning
• Improved economic intelligence with cost analysis
• 111+ working API endpoints documented
• Updated compliance assessment endpoints

v1.1.4

• Initial release with core threat modeling features

License

MIT License - Copyright (c) 2025 Ayurak AI

Built for teams who take security seriously. Start analyzing in 60 seconds.