Let Armor Simplify Compliance
Armor actively reduces your security and compliance burden by providing the highest level of security for your customers' data. Whether you host your data in our virtual private cloud or another cloud, our services enable you to more easily meet security and compliance requirements.
Armor provides audit-ready and continuous compliance.
Compliance Standards We Support





Audit-ready Compliance with Armor Anywhere
Armor Anywhere
- Intrusion Detection and Prevention: detect and block malicious traffic that could result in data breaches
- Vulnerability Scanning: reduces attack surface by identifying improper configurations and missing patches/updates
- IP Reputation Management: effective first line of defense in blocking IP addresses associated with threat actors
- File Integrity Monitoring: monitors critical operating system (OS) files for changes that may allow threat actors to control your environment
- Malware Protection: protects your environment from harmful malware and botnets deployed to capture your data, monitor your activity, or use your servers for illicit activity
Armor Anywhere with Secure Hosting
- Web Application Firewall: provide effective detection and blocking of traffic associated with malicious application behavior such as cross-site scripts, SQL injection
- Integrated security and compliance controls across your network and host
- Certifications against major security frameworks such as HITRUST, PCI DSS, ISO 27001, and Privacy Shield
Armor Anywhere with Log & Data Management
Further enrich security and compliance results and value with log and data management add-on:
- Enhance threat detection through increased visibility of threats in your environments
- Enhance context for effective response
- Address key compliance requirements, with up to 13 months log retention
Adhere to Compliance Mandates using Armor Anywhere with CSPM
Armor Anywhere with cloud security posture management provides industry-leading cloud security posture management (CSPM) capabilities to regularly discover, assess, and report on security and compliance controls in place across your public cloud environments.
Cloud Security Posture Management (CSPM)
- Policy Visibility
- Policy Enforcement
- On-demand Scanning
- Controls Auditing
- Identification of Misconfigurations
- Reporting with Remediation details
Compliance Frameworks
Assess against compliance frameworks:
- PCI DSS v3.2.1
- GDPR
- HIPAA/HITRUST CSF
Security Frameworks
- CIS v1.2.0 (AWS)
- ISO 27001:2013
- NIST 800-53 Rev4
- NIST CSF
- SOC 2
Take Your Compliance Program to the Next Level
Armor Anywhere PCI
Armor Security Services | PCI DSS 3.2 Controls | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection/Prevention | 11.4 | Malicious allowed traffic |
Internal Network Vulnerability Scanning | 11.2.3 | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | 11.5 | Monitoring unauthorized changes to critical files |
Malware Protection | 5.1, 5.2, 5.3 | Compromise due to virus/malware infection |
Log & Data Management | 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 | Detection of malicious activity (security incidents) |
OS Patching | 6.1, 6.2 | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | 12.10 | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | N/A | Legal liability for data loss/breach |
Access Control | 7.1.1, 7.1.2 | Unauthorized access |
Security Audits | Security best practice | Validation of security controls program |
Armor Anywhere HIPAA/HITECH
Armor Security Services | HIPAA/HITECH Controls | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection/Prevention | Security best practice - implied control under 164.306(A) | Malicious allowed traffic |
Internal Network Vulnerability Scanning | Included in §164.308(a)(1) | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | §164.312(e) | Monitoring unauthorized changes to critical files |
Malware Protection | §164.308(a)(5)(ii)(B) | Compromise due to virus/malware infection |
Log & Data Management | §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) | Detection of malicious activity (security incidents) |
OS Patching | Security best practice - implied control under 164.306(A) | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | §164.308(a)(6) | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | §164.308(b)(1) | Legal liability for data loss/breach |
Access Control | §164.312(a)(1)(12) | Unauthorized access |
Security Audits | §164.308(a)(8) | Validation of security controls program |
Armor Anywhere HITRUST
Armor Security Services | HITRUST CSF v8 Controls Required for Certification (HT1) | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection/Prevention | 09.m(HT2) | Malicious allowed traffic |
Internal Network Vulnerability Scanning | 10.m | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | 09.ab, 10.h | Monitoring unauthorized changes to critical files |
Malware Protection | 09.ab, 10.h | Compromise due to virus/malware infection |
Log & Data Management | 09.aa, 09.ab, 09.ac | Detection of malicious activity (security incidents) |
OS Patching | 10.m | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | 05.b, 11.a, 11.c | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | 05.k(HT2), 09.e(HT2) | Legal liability for data loss/breach |
Access Control | 01.a | Unauthorized access |
Security Audits | 06.g | Validation of security controls program |
We found security and compliance in one vendor. In order to go to market, we needed to be confident our provider offered the best security for our applications, our company, and our clients. Armor’s experience securing cloud environments made it the best choice.
Ready to Get Started?
Get started with our pricing tool or schedule a demo.