Data in asia-south1 · MSME/DPIIT registered · Razorpay billing

One AI.
Seven shields.
Every Indian
regulator, covered.

initialising aegis console…

Aria is the agentic cybersecurity OS built for Indian BFSI, NBFCs, brokers, insurers and regulated SaaS. Seven shields — now including Synthetic / Deepfake Defense — five regulators, three Claude-powered agents — in one console. Auto-drafts for CERT-In, DPDP, RBI, SEBI and IRDAI.

Start free — 5 min setup Try scanners on your domain →
No credit card Mumbai data residency Cancel anytime
ariacyber.in/aegis LIVE
Aegis SOC DevSec Comply Recon
Aegis Ops Console UI PREVIEW · NO LIVE DATA
SOC alerts
connect AriaShield EDR
Recon targets
register apex domain
Posture score
grant insurer consent
SOC investigations populate here once AriaShield EDR forwards events
Lookalike domains populate here after Recon registration
BEC verdicts populate here after Mail webhook setup
CERT-In drafts populate here when the 6-hour clock starts
DevSec · 11 scanners UI PREVIEW · NO LIVE DATA
AppSec grade
connect repo
Open critical
post first scan
AI auto-PRs
last 30d
SAST findings populate after first repo scanSAST
SCA / dependency findings populate after SBOM ingestSCA
IaC misconfigurations populate after Terraform / CFN scanIaC
Secrets findings populate after first commit hookSecrets
India Compliance · 5 regulators UI PREVIEW · NO LIVE DATA
CERT-In clock
starts on incident
DSARs in queue
DPDP §8
Evidence vault
artefacts
CERT-In Annexure-II auto-drafts on first SOC criticalCERT-In
DPDP §8(6) breach notice template ready on incidentDPDP
RBI severity-tier reporter ready when an incident is loggedRBI
SEBI CSCRF quarterly pack ready at quarter-endSEBI
Recon · external attack surface UI PREVIEW · NO LIVE DATA
Assets found
register apex
Exposed ports
first sweep
Lookalikes
CT-log watch
Lookalike domains populate from CT logs + dnstwist sweepCT
Exposed-port findings populate after first attack-surface sweepPorts
TLS expiry alerts populate as certificates approach expiryTLS
Source-map / leaked artefact findings populate after web scanSrcMaps
CERT-In clock6h on incident
3 Claude agentsSearch · Classify · Respond
🇮🇳
5 regulators coveredDPDP · RBI · SEBI · CERT-In · IRDAI
Live · talk to Aria · no signup

Don't read about it. Just talk to Aria.

Aria is the same agent that runs inside the platform. Ask her how she'd handle a CERT-In incident. Paste a scam SMS. Or just chat. Voice on — she speaks back.

Aria

India's agentic security analyst

Same agent that runs in the live platform. Triages alerts, drafts CERT-In Annexure-II, takes down lookalike domains, classifies fraud in 22 Indian languages.

BrainClaude haiku-4-5
VoiceBrowser TTS (free)
Regionasia-south1 (Mumbai)
FallbackDeterministic rules
Quick start — pick one
Aria · online Chat mode
A
Aria · just now
Hey 👋 I'm Aria — the agent that defends your business across mail, identity, SOC, and compliance. Pick a question on the left, or type anything. If you paste a suspicious SMS, I'll run it through my real fraud engine and tell you the scheme name, indicators, and what I'd do about it. Flip Voice ON if you want me to speak.
Enter to send · Shift+Enter new line · 🎤 to talk · all chat anonymous, nothing stored
Built for regulated India · 5-minute onboarding · trusted infrastructure
🏦 BFSIDPDP · RBI
🏥 HealthcareDPDP · HIPAA
🏛 Fintech / NBFCRBI SBR
📈 MarketsSEBI CSCRF
🛡 InsuranceIRDAI
💻 SaaS / EdTechDPDP
0
Production-grade shields
Aegis console
0
Indian regulators covered
CERT-In · DPDP · RBI · SEBI · IRDAI
0
Live KEV vulnerabilities
CISA-published · auto-refreshed
0s
Tenant auto-seed
First-visit onboarding
The Aegis Console

One console. Seven shields.
Every vendor you can't afford — replaced.

Not seven stitched products — one AI running seven production-grade shields, sharing tenant memory, ledger and risk score across every investigation. Auto-seeded in under three seconds.

Shield · SOC
24×7 Autonomous SOC
AriaShield alerts in, Claude investigations out. Risk-scored verdicts, dedup, proposed containment — with WhatsApp approval for destructive ones.
  • Ledger-backed action trail
  • Heuristic fallback if AI down
  • 6-alert auto-seed per tenant
Shield · Mail
BEC + Phishing Defence
3-stage classifier (lexical → identity → Claude). Links screenshotted, sender rep learned. India-tuned gift-card and wire-transfer heuristics.
  • Gmail + Graph webhook ready
  • DMARC/SPF/DKIM on hover
  • Feedback loop retrains
Shield · Recon
External Attack Surface
Continuous subdomain discovery via CT logs, exposed-port tracking, TLS expiry + CVE correlation. AI-written remediation tickets per finding.
  • CT-log subdomain sweep
  • CVE-to-port correlation
  • Branded PDF report export
Shield · Comply
India Compliance Engine
CERT-In 6-hour auto-draft. DPDP §5 inventory + §8(6) breach + SDF checklist. RBI severity reporter. SEBI CSCRF draft. IRDAI 48-hour clock.
  • Annexure-II in one click
  • DSAR queue + state machine
  • Evidence vault → CSV / PDF
Shield · Identity
Brand & Digital Risk
Lookalike domain generation (dnstwist + homoglyphs), CT watch, social impersonation, rogue apps, ad libraries — takedown cases with states.
  • Takedown case workflow
  • 3 demo cases auto-seeded
  • Feeds SOC watchlist
Shield · Underwrite
Cyber-Insurance Posture
Tenant grants consent → HMAC-signed posture score computed from ledger signals. Insurers pull monthly deltas without seeing raw telemetry.
  • HMAC-signed attestation
  • Premium simulator (+MFA etc.)
  • Monthly delta payload
Shield · Synthetic NEW
Deepfake & Synthetic Threat Defense
V-CIP injection detection · synthetic red-team-as-a-service · Hindi/regional voice-clone scoring. Built by the only team in India that ships an attacker pipeline daily.
  • V-CIP gate API · per-scan billing
  • Quarterly Hinglish CEO red-team drill
  • Synthetic exposure index → Underwrite
THE ARIA SOVEREIGN STACK

Six products. One platform.
Built for Indian compliance from day one.

A unified data plane covering every layer an Indian SOC needs — endpoints, SIEM, autonomous response, posture, vulnerability management, phishing defense. India-localized at the kernel of every product: DPDP-aware Aadhaar handling, UPI fraud detection, NIC government IP awareness, CERT-In + RBI-tier reporting wired in.

Garuda
AriaShield Endpoint Sensor
Native EDR for Linux, macOS, and Windows. Kernel-level telemetry — eBPF on Linux, Endpoint Security on macOS, minifilter on Windows. Encrypted bidirectional transport. Designed for India-resident data planes.
  • Linux + macOS shipping
  • Windows agent on the roadmap
  • Air-gapped deployment supported
Indra
AriaShield SIEM
India-localized SIEM with DPDP-compliant Aadhaar redaction (full Verhoeff validation), UPI VPA recognition, and NIC government CIDR awareness. SQL-style query layer over OpenSearch with 8 pre-built dashboards.
  • DPDP §8 + Aadhaar PII handling native
  • Multi-tenant defense-in-depth
  • Hot/warm/cold storage with ILM
Krishna
AriaShield Autopilot
SOAR with YAML playbook engine, case management (lifecycle + timeline + evidence vault), and 15+ action integrations across M365, Workspace, Okta, Slack, JIRA, ServiceNow, and major cloud providers. 8-gate approval workflows for destructive actions.
  • 5 prebuilt incident playbooks
  • Cross-cloud containment actions
  • WhatsApp approval for critical steps
Vishnu
AriaShield Posture
Cloud and endpoint security posture management. Host config collectors for Linux, Windows, macOS, with native scanners for AWS, GCP, Azure. CIS benchmarks plus DPDP-specific Indian compliance framework — 25 controls across 8 sections.
  • India-first compliance: RBI · DPDP · CERT-In
  • Continuous drift detection
  • Asset-graph joined with EDR fleet
Durga
AriaShield Vulnerability Manager
Network and authenticated scanning across SSH, WinRM, SNMP. CVE matching against NVD with 33 starter plugins. India-context CVE scoring — exploit-in-the-wild, CISA KEV, EPSS, exposure, and CERT-In advisories rolled into a single priority signal.
  • NIC government exposure flag
  • CERT-In disclosure feed
  • Auto-remediation via Autopilot
Agni
AriaShield Phishing Defense
Email auth (DMARC + SPF + DKIM), URL sandbox detonation, phishing-kit fingerprinting, lookalike detection across 47 Indian brands (Damerau-Levenshtein + IDN homograph). Fine-tuned 8B model trained on UPI, Aadhaar, KYC, and RBI-impersonation phishing corpora. M365, Gmail, milter, Outlook add-in, Chrome extension.
  • Indian-language fraud detection
  • Quarantine via M365 / Workspace
  • India-resident inference
Developer Security Suite

Connect once. Eleven scanners
watch every push.

One OAuth → continuous SAST, SCA, SBOM, Secrets, IaC, Containers, Source-Maps, Doc Metadata, Posture, API Security, Supply Chain. Findings auto-mapped to OWASP + CERT-In + DPDP + RBI + SEBI + IRDAI. AI opens the PR.

ariacyber.in/devsec · acme/platform@main Auto-scan ON
acme/platform-api
3 crit12 high2m ago
acme/billing-web
0 crit4 high12m ago
acme/kyc-service
1 crit6 high1h ago
acme/mobile-rn
0 crit2 hightoday
A−
AppSec posture · 87/100OWASP 10/10 · CWE 23/25 · ▲ +4 vs last week
SQLi · app/routes/users.py:142SAST✨ AI PR #482
CVE-2026-1841 · libxml2SCA✓ Upgraded
S3 bucket public · terraform/s3.tfIaCBlocked
AWS key · .env.backup → rotatedSecrets3h 12m SLA
Exposed .map · app.[your-org].comSrcMapsAuto-PR

Security that moves at developer speed.

Snyk + SonarCloud + GitHub Advanced Security — in one console, priced for Indian teams, with compliance mapping baked in. Your developers keep shipping; Aria handles the rest.

⚡ 10-30s per push 🎯 Incremental scanning ✨ AI auto-fix PRs 🛡 Pre-receive hook 🇮🇳 DPDP · CERT-In · RBI 🔐 Air-gapped agent
Open DevSec console → See pricing
01 / 11
🧪SAST Scanner

Static code analysis. SQL injection, XSS, SSRF, unsafe deserialization, weak crypto, hard-coded secrets — flagged with auto-fix patches.

SemgrepCodeQLAria-AI rules
02 / 11
📜Dependency SCA

Every npm, pip, maven, go, cargo package cross-referenced against OSV + NVD + GHSA. Critical CVE SLA 72h. Auto-PR upgrades.

TrivyOSVRenovate
03 / 11
📋SBOM Generator

CycloneDX 1.5 / SPDX 2.3 inventory on every release. Sigstore attestation. 7-year retention for regulator audits.

SyftCycloneDXSigstore
04 / 11
🔒Secrets Scanner

200+ patterns + entropy. Pre-receive hook blocks on commit. Vendor-API auto-revoke (AWS · Stripe · GitHub · Slack). Rotation SLA < 4h.

GitleaksTruffleHog
05 / 11
🏗IaC Scanner

Terraform · Helm · Dockerfile · Pulumi · CloudFormation. CIS-benchmark rule-pack. Blocks merge on critical misconfig.

CheckovtfsecKICS
06 / 11
📦Container Analyzer

Layer-by-layer CVE scan. Dockerfile best-practices. Admission-controller blocks unsigned images. AI distroless rewrite suggestions.

TrivyGrypeCosign
07 / 11
🗺Source-Maps

Crawls production frontend. Fails build on reachable .map files. Retro-rotates any secrets found in harvested bundles.

CustomAria-Recon
08 / 11
📎Doc Metadata

Strips author, template path, revisions, tracked comments, GPS EXIF from every published PDF/DOCX. MKT · Sales · Legal · HR channels.

ExifTool
09 / 11
📊AppSec Posture

Exec scorecard rolling up SAST · SCA · DAST · RASP into A–F grade. Mapped to OWASP ASVS, NIST SSDF, CERT-In guidelines.

Aria-rollup
10 / 11
🔌API Security

Prod traffic vs OpenAPI spec. OWASP API Top-10. Shadow endpoint detection, BOLA/IDOR scoring, rate-limit drift, SSRF → IMDS hardening.

SchemathesisZAP
11 / 11
Supply Chain

SLSA L3 provenance, sigstore signatures, dep pinning, typosquat detection, AI-BOM for every model. Stops the next SolarWinds.

SigstoreSLSAPicklescan
 
All in one console

One connection. One dashboard. One AI that reads across all 11 to correlate findings. Routes secrets to Identity shield, public APIs to Recon, compliance drafts to Comply.

Try DevSec live →
Complete capability surface

Everything a modern SOC runs — in one console.

Thirteen production modules, not thirteen tabs waiting to be built. Every one is live today, tenant-scoped, ledger-backed, and wired to the Aria agent fleet.

Featured

Aegis Ops Console

Single unified console for all seven shields — SOC, Mail, Recon, Comply, Identity, Underwrite, Synthetic. Tenant-scoped KPIs populate from your own ingest the moment a AriaShield EDR / Mail / IdP webhook lands.

SOC investigations
Mail analyzed
Recon targets
Identity takedowns
Synthetic scans
Posture score
7 shields · per-tenant ledger · UI preview — no live data

DevSec · 6 Scanners

SAST · SCA · SBOM · Secrets · IaC · Container — all with severity normalisation and inline NVD links.

SASTSCA SBOMSecrets IaCContainer

SecOps · Playbooks & Scanners

8 incident playbooks · API security scanner · port scan · SSL grading · web vuln scan · honeypot deploy + honeytokens.

MalwareRansomware Insider+ 5 more

AI Security · LLM Firewall

Prompt-injection detection · Non-Human Identity scan · model security assessment · Claude-powered jailbreak resistance scoring.

Prompt scanNHI Model scan

Human Security

Phishing simulation campaigns · 6 training modules · quiz scoring + per-question feedback · India-specific phishing detector (Aadhaar, UPI, KYC).

Phishing simTraining India detector

Domain Monitor Pro

Attack-surface scanner · CT-log subdomain discovery · SSL grading · AI executive briefing · branded PDF reports.

Surface scanCT logs AI briefing

Threat Intel · CISA KEV live

Full CISA KEV catalogue · ransomware badges · NVD deep-links · URLhaus + Phishtank + OTX + Shodan integrations. Counts populate from CISA on tenant connect.

CVE-2021-44228Log4Shell
CVE-2024-47081requests
+ 1,567 morelive feed

PDF Report Builder

Branded PDFs for threat · compliance · domain · CERT-In Annexure-II · exec briefing · audit pack. One click from any view.

ThreatCompliance Exec briefAudit pack

Evidence Vault

Hash-chained immutable ledger — every investigation, invocation, and submission. Per-kind filter · CSV + PDF export · audit-ready.

Hash-chainedCSV export Per-tenant

5-Minute Onboarding

Org → first domain → agent install (Linux/macOS/Windows one-liner) → WhatsApp alerts → auto-seeded Aegis. Done in 5 min.

5 stepsAriaShield installer Auto-seed

Monitoring Stack

Endpoint agents (AriaShield EDR) · Prometheus · Grafana Cloud · Uptime Kuma — unified status with tenant-scoped dashboards.

AriaShieldGrafana Prometheus
Claude-powered

Aria Fleet · 3 Agents on-demand

Invoke Aria Search (discover), Aria Classify (triage), or Aria Respond (contain) on any target. Structured plan returned · ledger-recorded · rule-based fallback when AI is offline.

Claude haiku-4-5 Structured output Ledger-recorded India-region
🇮🇳 India Compliance Hub

Every regulator. One countdown clock.

The same incident routes into CERT-In's Annexure-II, DPDP's §8(6) breach notification, RBI's cyber-framework report, SEBI's CSCRF quarterly, and IRDAI's 48-hour GRO filing — in their format, with your branding, from one detection event.

🇮🇳
CERT-In
6-hour
Auto-draft Annexure-II the moment a SOC alert triggers. 6-hour clock live on every incident.
🔐
DPDP Act 2023
Full 2027
SDF checklist · 12-category data inventory · DSAR state machine · §8(6) breach drafts.
🏦
RBI
2 / 4 / 6h
Severity-based reporter. NBFC controls by SBR layer (base/middle/upper/top).
📊
SEBI CSCRF
Quarterly
Quarterly report draft for 13 intermediary types. VAPT/CCI/audit findings pre-filled.
🛡
IRDAI
48-hour
48-hour amber → red breach countdown with auto-formatted GRO submission.
CERT-In Rule 12 · 6-hour incident mandate DPDP Act 2023 · §8(6) data breach notification RBI Cyber Framework · 2h critical / 4h high / 6h medium SEBI CSCRF · Quarterly submission IRDAI Circular · 48-hour breach window NBFC SBR Layer · Base / Middle / Upper / Top CERT-In Rule 12 · 6-hour incident mandate DPDP Act 2023 · §8(6) data breach notification RBI Cyber Framework · 2h critical / 4h high / 6h medium SEBI CSCRF · Quarterly submission IRDAI Circular · 48-hour breach window NBFC SBR Layer · Base / Middle / Upper / Top
Open the India Compliance Hub →
Aria Fleet · Claude-powered

Three agents do the job of a 10-person SOC.

Aria Search, Classify and Respond are Claude agents with structured output. Every invocation is ledgered — you always know what ran, on what target, and what happened next.

Agent invoke

Point an AI agent at any target.
Get back a plan.

Type a domain, IP, or alert id. Pick Search / Classify / Respond. Structured plan comes back: what to do, which shield endpoints to call next, and the risk signals worth monitoring.

  • Claude haiku-4-5 · fast, reliable, India-region
  • Deterministic rule-based fallback on AI outage
  • Every invocation ledgered for audit
  • Tenant-scoped via JWT org claim
Try the Fleet →
Aria Search · Agent invocation
/aegis/agents/invoke · acme-payroll.co
LIVECLAUDE 4.5
invoke aria_search on acme-payroll.co · new BEC domain? GO
01Newly registered lookalike of your-brand.com with live MX + CT log entry · likely BEC staging
↳ Reverse-resolve MX → find sender infrastructure
↳ Check WHOIS registrant patterns (pii?)
↳ Open takedown (registrar + hosting provider)
↳ Add to Mail shield sender blocklist
↳ Alert CEO office via WhatsApp critical channel
shield_calls: identity.takedown.open · mail.quarantine.domain · soc.ingest
CERT-In automation

Annexure-II drafted
while the clock ticks.

The moment a SOC alert hits Critical, Aria opens the 6-hour CERT-In clock, pulls incident facts, and drafts Annexure-II with your POC info, incident category, containment steps, IOCs — ready for incident@cert-in.org.in.

  • Clock starts at detection, not submission
  • WhatsApp approval before auto-submit
  • Draft JSON + formatted email body
  • Every step lands in the immutable Evidence Vault
See architecture →
CERT-In Incident · UI preview
Drafting flow shown for reference — no live incident
PREVIEW
06:00:00
starts on incident
Clock starts
on first SOC critical
Window
6 hours (CERT-In)
Annexure-II
auto-drafts on trigger
Reports to
incident@cert-in.org.in
5-minute onboarding

From nothing to live SOC
in 5 minutes flat.

A 5-step wizard registers your org, adds your first domain for continuous monitoring, issues a AriaShield agent enrollment key with copy-paste installers for Linux / macOS / Windows, configures WhatsApp alerts for critical events, and confirms each shield is wired and listening.

  • Step 1 · Org + industry drives regulator applicability
  • Step 2 · First domain registered live on /aegis/recon
  • Step 3 · One-line agent installer · 3 OS tabs
  • Step 4 · CISO WhatsApp opt-in for critical alerts
  • Step 5 · All 7 shields wired and listening for your first event
Register → /onboarding
Onboarding · step 3 of 5
Install the Aria endpoint agent
KEY ISSUED
LINUX MACOS WINDOWS
Copy# one-line install · TLS outbound · no inbound ports curl -sSL https://aria.security/agent/install.sh \ | sudo bash -s -- \ --enrollment-key ARIA-A3B7C9D2-F4E8G1H6 \ --manager edr.aria.in \ --tenant org_f3287153
✓ one-line install TLS outbound only no inbound ports systemd service
📺 LIVE PLATFORM · CAPTURED FROM PRODUCTION

This is what you'll see
after signing up. No mockups.

Every screen below is a real screenshot from the live Aria platform deployed at ariacyber.in. Click any tile to open that section in the platform (sign-in required).

Aegis Ops Console — 7-shield SOC
SHIELD · SOC
Aegis Ops Console
Unified 7-shield console · SOC alerts · Mail · Recon · Comply · Identity · Underwrite · Synthetic. Live KPIs from your tenant.
 DevSec — 11 scanners across one console
DEVELOPER SECURITY
DevSec Suite · 11 Scanners
SAST · SCA · SBOM · Secrets · IaC · Containers · Source-Maps · Doc Metadata · Posture · API Security · Supply Chain.
 Compliance & Risk — GRC framework
SHIELD · COMPLY
GRC & Risk Management
Framework assessment (SOC 2 / DPDP / CERT-In / RBI / IRDAI) · Cyber risk score · FAIR risk · Governance.
 SecOps Center — SOAR Playbooks
SECURITY OPERATIONS
SecOps Center
SOAR playbooks (Malware · Phishing · DDoS · Data Breach) · API Security · Vuln Scanner · Honeypot · Hunt Pack.
 AI Security Suite — LLM Firewall
AI SECURITY
LLM Firewall · NHI Scanner
Prompt-injection detection · Non-Human Identity scan · model security assessment · Claude-powered jailbreak scoring.
 Human Security — Phishing Simulation + India Detector
HUMAN SECURITY
Phishing Sim + India Detector
Phishing campaign generator · 6 training modules · India phishing detector (Aadhaar · UPI · KYC) · BEC / Wire-Fraud · Deepfake Defense.
 Domain Monitor — Attack Surface + EASM
SHIELD · RECON
Domain Monitor Pro
Attack Surface Discovery · Typosquat Detection · Brand Abuse · Full Audit · Compare · Portfolio · EASM.
 Threat Intelligence — Threat Score + Quick Lookups
THREAT INTEL
Threat Intelligence
Threat Score Lookup (URL/IP/Email) · CISA KEV live feed · NVD deep-links · URLhaus · Phishtank · OTX · Shodan.
 Security Dashboard — overview
OVERVIEW
Security Dashboard
Tenant-scoped roll-up: open investigations · messages analyzed · recon targets · posture score · 5-minute onboarding state.
Every tile is a deep, working surface — depth is the moat, not bloat. Sign in to interact with all of them.
A peek inside

Not mockups — this is the actual product.

Click through the tabs. Every screen below is pixel-accurate to what you get after signing up and completing onboarding. No lorem ipsum, no "coming soon" — everything is wired, tenant-scoped, and ledgered.

ariacyber.in/aegis UI PREVIEW
Aria Aegis — One AI. Seven Shields.
Unified cyber-defense OS · 7 shields · SOC · Comply · Mail · Recon · Identity · Underwrite · Synthetic (KPIs populate from your tenant)
Shield · SOC
open investigations
Shield · Mail
messages analyzed
Shield · Recon
targets monitored
Shield · Comply
controls tracked
Shield · Identity
open takedowns
Shield · Underwrite
posture score
Shield · Synthetic
deepfakes blocked
OverviewSOCMailReconComplyIdentityUnderwriteSyntheticFleet
T+0First AriaShield EDR alert lands here once you wire the agent installerawaiting ingest
T+3saria_classify runs on every ingested alert · verdict + confidenceon alert
T+6saria_respond proposes containment playbook · WhatsApp approval for destructiveon alert
T+12sCERT-In Annexure-II drafts the moment severity ≥ critical · 6h clock startson critical
ariacyber.in/compliance#india 🇮🇳 5 regulators
🇮🇳 India Compliance Hub
Posture across CERT-In · DPDP · RBI · SEBI · IRDAI — one click each
CERT-In6-hour
incidents (per tenant)
180d retention
DPDP2027
SDF readiness
populates after data inventory
RBI2/4/6h
Ready
incident reporter
SBR layer auto-detected
SEBICSCRF
Ready
quarterly draft
drafts at quarter-end
IRDAI48h
Standby
48-hour clock
— no active —
Compliance calendar · next 90 days
2026-05-13DPDPData inventory mid-year review
2026-06-30SEBIQ4 CSCRF report filing deadline
2026-07-15RBICyber-framework self-assessment
ariacyber.in/devsec SCA · requests==2.20.0
DevSec · Dependency SCA scanner
total_packages · 1 vulnerable · 1 5 CVEs
SeverityPackageVersionCVESummary
CRITICALrequests2.20.0CVE-2024-47081.netrc credentials leak via malicious URLs
CRITICALrequests2.20.0CVE-2024-35195Session certificate verification bypass
HIGHrequests2.20.0CVE-2023-32681Proxy-Authorization leak on redirect
HIGHrequests2.20.0CVE-2026-25645Header injection via URL
MEDIUMrequests2.20.0CVE-2023-32681Cookie persistence via redirect
SAST SCA SBOM Secrets IaC Container
ariacyber.in/threat-intel 1,569 CVEs · CISA KEV
CISA Known Exploited Vulnerabilities
catalog 2026.04.16 · filter "log4"
CVE-2021-44228
Apache Log4j2 Remote Code Execution Vulnerability
Apache · Log4j2
2021-12-10 RANSOMWARE
CVE-2021-45046
Apache Log4j2 Deserialization of Untrusted Data
Apache · Log4j2
2021-12-10 RANSOMWARE
CVE-2023-49897
FXC AE1021 Command Injection Vulnerability
FXC · AE1021
2024-03-15
CVE-2024-21887
Ivanti Connect Secure Command Injection
Ivanti · Connect Secure
2024-01-10 RANSOMWARE
Showing 4 of 1,569 · filter narrowed by "log4"
ariacyber.in/aegis#fleet CLAUDE 4.5
Aria Fleet · 3 agents on-demand
Aria Search
DISCOVER
Find lookalike domains, rogue apps, impersonators across CT logs, social, app stores, ad libs.
Aria Classify
TRIAGE
Score, cluster, and connect related threats. Claude + deterministic rules.
example.com · invoke →
Aria Respond
CONTAIN
Execute the steps to disrupt and resolve — isolate, quarantine, takedown.
Plan for · acme-payroll.coAI
01Reverse-resolve MX → sender infrastructure
02WHOIS registrant pattern check
03Open takedown (registrar + hosting)
04Add to Mail shield blocklist
05Alert CEO office via WhatsApp
shield_calls: identity.takedown.open · mail.quarantine.domain · soc.ingest
ariacyber.in/compliance#india · evidence vault HASH-CHAINED
Evidence Vault · 29 ledger entries · tenant org_f3287153
filter ":" · CSV export ready
led_fe9695d22e93certin.incident_registered09:28:34
led_b2a4c811d7f2certin.report_drafted09:28:41
led_9d3f12acbe55dpdp.inventory_updated10:02:15
led_445aeb71c829dpdp.dsar_created10:14:28
led_81cf1ed3990aidentity.takedown.open10:47:55
led_7e0a3b221f86agent.invoked11:03:12
led_3312f9ce8714recon.finding11:22:49
led_c17d8a4e5f32mail.analyzed11:38:06
↓ Export CSV 📄 Audit Pack PDF Hash-chained · immutable · auditor-ready
Compare

Global tools leave Indian compliance to you.

CrowdStrike, Palo Alto, SentinelOne don't know CERT-In Annexure-II. They don't have DPDP SDF checklists. Their price is in USD. Their data isn't in Mumbai.

Capability
Aria CyberShield
CrowdStrike
SentinelOne
CERT-In 6h Annexure-II auto-draft
One-click
DPDP §5 inventory + §8(6) breach drafts
RBI 2/4/6h severity reporter + NBFC SBR
SEBI CSCRF quarterly draft
IRDAI 48-hour countdown + GRO filing
Data residency · Mumbai (asia-south1)
native
add-on
partial
INR pricing · Razorpay · GST invoice
USD only
USD only
MSME / DPIIT vendor · govt procurement
India-localised billing (INR · GST · Razorpay)
Show, don't tell

From detection to regulator filing,
in one thread.

The path a critical alert will follow once your tenant is wired — deduped, investigated, classified, contained, drafted for CERT-In, logged to the evidence vault. No analyst handoffs. No tool-switching. No paperwork at 02:00. Walk-through below uses an illustrative ransomware example.

T+0AriaShield · SOC
Critical alert lands
AriaShield rule 100210 fires — SMB share on hr-fileserver-01 mass-encrypting with .locky extension. Deduper suppresses 14 follow-on events.
T+3sAria Classify
Verdict + score
Claude agent returns malicious / ransomware / critical · 0.94 confidence. Indicators extracted: ransom note hash, encrypted extension, C2 domain evilco.click.
T+6sAria Respond
Containment proposed
3 playbook actions queued: isolate host · rotate privileged creds · block C2 at perimeter. Destructive ones require CISO WhatsApp approval — sent instantly.
T+12sComply · CERT-In
6-hour clock starts · Annexure-II drafted
Incident auto-registered. 6-hour CERT-In window begins. Annexure-II pre-filled with POC from session, category Category 10 · Ransomware, containment steps, affected systems, IOCs.
T+5h 40mApproved · Filed
Filed · evidence locked in vault
CISO approves via WhatsApp. Annexure-II emails to incident@cert-in.org.in. Every step (detection · investigation · approval · submission) is signed and appended to the immutable evidence ledger. Auditor-ready.
Under the hood

One ledger. One tenant boundary. Zero shadow state.

Every shield reads and writes the same per-tenant ledger. Every agent invocation, scan, incident, approval, and submission lands there — hash-chained, immutable, export-ready. That's how audit becomes trivial and every feature stays accountable.

Layer 0 · AriaShield Endpoint Sensor (Garuda)
eBPF kernel telemetry · Linux Endpoint Security · macOS Minifilter driver · Windows (roadmap) gRPC + Noise XX + mTLS upstream
Layer 1 · Auth & Tenant
JWT · RS256 · org claim 2h access · 7d refresh RBAC · admin / analyst / viewer Google + Microsoft SSO
Layer 2 · Six Aegis Shields
🛡 SOC ✉ Mail 🔍 Recon 📜 Comply 🆔 Identity 💰 Underwrite
Layer 3 · Aria Fleet · Claude-powered
Aria Search · discover Aria Classify · triage Aria Respond · contain Claude haiku-4-5 · India region
Layer 4 · Immutable Evidence Ledger
Hash-chained appends Per-tenant · per-kind query CSV / PDF audit export 5-second snapshot flusher
Layer 5 · Runtime · asia-south1
Google Cloud Run · Mumbai FastAPI + Pydantic v2 AriaShield manager · WhatsApp gateway min-instances=1 · warm start
0
live Aegis endpoints
0
ledger event kinds
0
Indian languages supported
0%
tenant-scoped requests
Frequently asked

Everything you want to know.

Is Aria open for customers today?
We're in early access. You can register, onboard, and run the full platform against your tenant today — no card needed, no sales call. We're intentionally small-batch while we harden the India-regulator flows with founding customers.
How does the 5-minute setup actually work?
Register → /onboarding wizard: (1) confirm org + industry, (2) register your first domain for monitoring, (3) copy-paste the AriaShield agent installer for your OS, (4) add a CISO WhatsApp number, (5) Aegis auto-seeds with 6 SOC alerts + 4 mail samples + 2 recon targets + 3 takedown cases. Then /aegis opens with live KPIs.
What exactly do the AI agents do?
Aria Search finds unauthorized use of your brand. Aria Classify triages and scores threats. Aria Respond executes containment. Each is a Claude agent with structured output — you see the plan, the shield calls recommended, and the risk signals to monitor. Every invocation is recorded in the immutable Evidence Vault.
Is the CERT-In 6-hour clock real?
Yes. The moment a SOC alert is classified Critical, we open an incident record, start the 6-hour clock, and auto-draft Annexure-II with your POC info from the session. You can submit via email to incident@cert-in.org.in or via API. Every draft, review and submit lands in the evidence vault.
What about DPDP — rules are only partially notified?
We track the full staging: rules notified 2025-11-13, Consent Manager framework 2026-11-13, full compliance 2027-05-13. Today the SDF checklist (10 controls), §5 data inventory (12-category enum), DSAR queue (6-state machine), and §8(6) breach drafts all work. We add board-published requirements the week they drop.
Who owns the data we put into Aria?
You do. Every tenant is isolated with a JWT org_id boundary, every write lands in your hash-chained ledger, and every export (CSV of evidence vault, PDF of incident reports, Mermaid data-flow diagrams) is yours to take. If you ever leave, export the ledger and you walk out with a complete audit record.

Your next incident is already brewing.
Start defending in 5 minutes.

Early access is open. No card, no sales call — register and the console is yours.

Claim your tenant → 💬 WhatsApp the founders Email the founders