@import url('https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700;800&family=Share+Tech+Mono&display=swap');
// FIELD NOTES

The ARX Blog

Security automation. AI governance. Compliance infrastructure. Written for the people building and governing the next generation of enterprise security.

INTEGRATION ARXsec + Microsoft Agent Governance Toolkit: Complete Governance for Enterprise Security Agents
INTEGRATION
ARXsec + Microsoft Agent Governance Toolkit: Complete Governance for Enterprise Security Agents
Microsoft governs the agent runtime. ARXsec governs what the agent touches. Together, they answer every question a CISO will ask.
6 min read
 LAUNCH Introducing ARX: The Platform That Lets Your Security Team's Best Work Ship
LAUNCH
Introducing ARX: The Platform That Lets Your Security Team's Best Work Ship
Why we built ARX, what it does, and how to be part of the launch.
4 min read
Read Article →
$ crowdstrike.get_detections() → 47 high_severity events $ correlate_asset_criticality() → prioritized_queue.json $ deploy --production ✗ BLOCKED: No SOC 2 report ✗ BLOCKED: No audit trail ✗ BLOCKED: No compliance pkg SECURITY AUTOMATION Your Security Team's Best Work Is Trapped on a Laptop Somewhere
SECURITY AUTOMATION
Your Security Team's Best Work Is Trapped on a Laptop Somewhere
Why the most effective security automation in your organization never made it to production — and what that costs you.
6 min read
Read Article →
CISO PERSPECTIVE The CISO's AI Agent Problem Nobody Is Talking About
CISO PERSPECTIVE
The CISO's AI Agent Problem Nobody Is Talking About
Shadow automation is the new shadow IT — and it's running on your security stack right now.
5 min read
Read Article →
COMPLIANCE How to Get a SOC 2 Report for Your Internal Security Tool
COMPLIANCE
How to Get a SOC 2 Report for Your Internal Security Tool
The practical guide to getting internally-built security automation through enterprise procurement.
7 min read
Read Article →
AI GOVERNANCE Why "Human in the Loop" Means Nothing Without Infrastructure to Enforce It
AI GOVERNANCE
Why “Human in the Loop” Means Nothing Without Infrastructure to Enforce It
The gap between AI governance policy and AI governance reality — and how to close it.
5 min read
Read Article →
4f 2a 9bc1 e8 3d7a 0f b6 5e 2c 91d4 a7 388b 1f c5 3e 6d a2f0 94 7c2b e1 58 9a 4c d76f 3b 80c8 5a 1e a4 7f 2e 91 b3 d6 0c 58 e9 3c 8a f1 65 47 db 20 7e a6 b9 14 c3 5f 82 0a e4 6b 9d 4df28e a13b7c ENGINEERING Hardcoded API Keys Are the Single Biggest Security Risk in Your Security Program
ENGINEERING
Hardcoded API Keys Are the Single Biggest Security Risk in Your Security Program
The credential exposure problem hiding inside your team's internal security automation tools.
6 min read
Read Article →
2026-04-11T14:32:17Za7f2e91b3d6c058e9...🔒 2026-04-11T14:34:51Zc3f582a0e46b9d14...🔒 2026-04-11T14:35:03Ze94c7a3bf165820d...🔒 2026-04-11T14:36:22Zd720bf19c4e683a5...🔒 2026-04-11T14:38:47Z8a61f3d0c9b2574e...🔒 2026-04-11T14:40:15Z5e29a4c8f7d10b63...🔒 2026-04-11T14:42:33Zb3d6c058e9a7f21e...🔒 AUDIT & COMPLIANCE What an Immutable Audit Trail Actually Means — and Why Your SIEM Is Not One
AUDIT & COMPLIANCE
What an Immutable Audit Trail Actually Means — and Why Your SIEM Is Not One
The difference between logging and compliance-grade audit trails for AI agent activity.
5 min read
Read Article →
MARKET INTELLIGENCE The Agentic Transition in Cybersecurity: What It Means for Security Teams Right Now
MARKET INTELLIGENCE
The Agentic Transition in Cybersecurity: What It Means for Security Teams Right Now
How the shift from AI copilots to AI agents changes everything about how security programs operate.
8 min read
Read Article →
INFRASTRUCTURE PLATFORM SERVICES CONNECTOR LIBRARY CUSTOMER AGENT RUNTIME ENGINEERING How We Built ARX: The Technical Architecture of a Compliance-Native Platform
ENGINEERING
How We Built ARX: The Technical Architecture of a Compliance-Native Security Agent Platform
A look under the hood at the technology decisions behind ARX — and why we made them.
6 min read
Read Article →
PROCUREMENT What Security Procurement Teams Are Actually Asking When They Request a VSQ
PROCUREMENT
What Security Procurement Teams Are Actually Asking When They Request a VSQ
Understanding the vendor security questionnaire so you can answer it — and eventually generate it automatically.
5 min read
Read Article →