The ARMR Platform
The ARMR Platform is comprised of two parts: a Domain-Specific Language (DSL) designed to allow users to express application extensions and security controls, and a RASP Agent that interprets the ARMR DSL to apply the programmed extensions and security controls. Here are some of the common ARMR terms used throughout this document.
| Term | Definition |
|---|---|
| ARMR DSL/Language | The language used to program extensions and security controls. |
| ARMR Rule | One of many runtime types that can be programmed to apply enhancements or security controls for specific behaviors of the application (i.e. HTTP queries, SQL transactions, file-system operations, etc.) |
| ARMR Mod | A self-sufficient ARMR program comprising one or more ARMR rules. An ARMR rule is always a member of one, and only one, ARMR Mod. |
| ARMR Rules File | A plain-text file with an extension of .armr that contains one or more ARMR mods. |
| RASP Agent | A runtime agent that supports the ARMR platform, interprets and executes ARMR Rules, and enforces security protections within the running application. |
The ARMR Language Specification defines the structure of the DSL itself and the reprogrammable behaviors of an application's runtime components, such as networking operations, HTTP transaction, SQL queries, and many others. These reprogrammable behaviors form the basis for ARMR Rules, which enable users to eloquently describe how they would like to apply behavior enhancements or enforce bespoke security policies for any desired target application.
Once a Waratek Agent is attached to an underlying runtime, ARMR Mods can be loaded, reloaded, and unloaded dynamically at runtime without requiring the application or underlying runtime to be restarted.