Argy
Request a demo

Security Model

SSO, RBAC, audit logs, and governance: DevSecOps and platform security by design.

Argy is not a "cyber product" in the traditional sense. Security is approached as a platform pillar: access control, traceability, guardrails, and governance. We apply the principle of DevSecOps by default—security and compliance are embedded into delivery and operations workflows.

Identity and Access (SSO & RBAC)

Authentication (SSO)

Argy integrates with your corporate identity providers (Microsoft Entra ID/Azure AD, Okta, Google Workspace) via SAML or OIDC.

Authorization (RBAC)

The granular authorization model allows defining who can:

  • Create or modify module definitions.
  • Provision new products.
  • Access production environment configurations.

Traceability and Audit

Every action performed via the Argy portal, API, or CLI is logged. Audit Logs help meet compliance requirements by knowing exactly who deployed which module, with what configuration, and when.

Governance through Code (Policy-as-Code)

Argy allows integrating tools like OPA (Open Policy Agent) or Kyverno to validate that deployments comply with your security standards before they are even applied.

  • Validation of IaC configurations.
  • Container image provenance control.
  • Resource tag compliance checking.

Data Security

All data is securely hosted on Microsoft Azure in the Europe region, ensuring compliance with GDPR.

To see how governance and guardrails translate into outcomes, browse the use cases.