
Let Armor Simplify Compliance
Armor actively reduces your security and compliance burden by providing the highest level of security for your customers' data. Whether you host your data in our virtual private cloud or another cloud, our services enable you to more easily meet security and compliance requirements.
Armor provides audit-ready and continous compliance.
Compliance Standards We Support






Audit-ready Compliance with Armor Anywhere
Armor Anywhere
- Intrusion Detection: detects malicious traffic that could result in data breaches
- Vulnerability Scanning: reduces attack surface by identifying improper configurations and missing patches/updates
- IP Reputation Management: effective first line of defense in blocking IP addresses associated with threat actors
- Web Application Firewall: provide effective detection and blocking of traffic associated with malicious application behavior such as cross-site scripts, SQL injection
Armor Anywhere with Secure Hosting
- Integrated security and compliance controls across your network and host
- Certifications against major security frameworks such as HITRUST, PCI DSS, ISO 27001, and Privacy Shield
Armor Anywhere with Log & Data Management
Further enrich security and compliance results and value with log and data management add-on:
- Enhance threat detection through increased visibility of threats in your environments
- Enhance context for effective response
- Address key compliance requirements, with up to 13 months log retention
Achieve Continous Compliance with Armor Automated Security and Compliance
Armor Automated Security and Compliance provides industry-leading cloud security posture management (CSPM) capabilities to continuously discover, assess, and report on security and compliance controls in place across your public cloud environments.
Cloud Security Posture Management (CSPM)
- Discovery
- Policy Visibility
- Policy Enforcement
- Continuous Scanning
- Controls Auditing
- Identification of Misconfigurations
- Risk Assessment
Compliance Frameworks
Assess against compliance frameworks:
- PCI DSS v3.2.1
- GDPR
- HIPAA
Security Frameworks
- CIS v1.2.0 (AWS)
- ISO 27001:2013
- NIST 800-53 Rev4
- NIST CSF
- SOC 2
Take Your Compliance Program to the Next Level
Armor Anywhere PCI
Armor Security Services | PCI DSS 3.2 Controls | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection | 11.4 | Malicious allowed traffic |
Internal Network Vulnerability Scanning | 11.2.3 | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | 11.5 | Monitoring unauthorized changes to critical files |
Malware Protection | 5.1, 5.2, 5.3 | Compromise due to virus/malware infection |
Log & Data Management | 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 | Detection of malicious activity (security incidents) |
Patch Monitoring | 6.1, 6.2 | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | 12.10 | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | N/A | Legal liability for data loss/breach |
Access Control | 7.1.1, 7.1.2 | Unauthorized access |
Security Audits | Security best practice | Validation of security controls program |
Armor Anywhere HIPAA/HITECH
Armor Security Services | HIPAA/HITECH Controls | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection | Security best practice - implied control under 164.306(A) | Malicious allowed traffic |
Internal Network Vulnerability Scanning | Included in §164.308(a)(1) | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | §164.312(e) | Monitoring unauthorized changes to critical files |
Malware Protection | §164.308(a)(5)(ii)(B) | Compromise due to virus/malware infection |
Log & Data Management | §164.308(a)(1)(ii)(D), §164.308(a)(5)(ii)(C), §164.312(b) | Detection of malicious activity (security incidents) |
Patch Monitoring | Security best practice - implied control under 164.306(A) | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | §164.308(a)(6) | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | §164.308(b)(1) | Legal liability for data loss/breach |
Access Control | §164.312(a)(1)(12) | Unauthorized access |
Security Audits | §164.308(a)(8) | Validation of security controls program |
Armor Anywhere HITRUST
Armor Security Services | HITRUST CSF v8 Controls Required for Certification (HT1) | Risk Mitigation |
---|---|---|
NETWORK LAYER | ||
Intrusion Detection | 09.m(HT2) | Malicious allowed traffic |
Internal Network Vulnerability Scanning | 10.m | Exploits due to missing patches/updates; improper network firewall configuration |
SERVER LAYER | ||
File Integrity Monitoring | 09.ab, 10.h | Monitoring unauthorized changes to critical files |
Malware Protection | 09.ab, 10.h | Compromise due to virus/malware infection |
Log & Data Management | 09.aa, 09.ab, 09.ac | Detection of malicious activity (security incidents) |
Patch Monitoring | 10.m | OS and COTS software weaknesses |
ADMINISTRATIVE CONTROLS | ||
Incident Response | 05.b, 11.a, 11.c | Response to security incidents |
Multi-factor Authentication for AMP Access | N/A | Unauthorized remote use of administrative access |
Business Associate Contract | 05.k(HT2), 09.e(HT2) | Legal liability for data loss/breach |
Access Control | 01.a | Unauthorized access |
Security Audits | 06.g | Validation of security controls program |
Armor is your one-stop shop for a secure, fully compliant solution no matter what your security needs may be.

Ready to Get Started?
Get started with our pricing tool or chat with our experts for answers on-demand.