Skip to Content
Documentation

Arrakis Documentation

Technical reference for the Arrakis platform. For a platform overview, see arrakis.security .

Platform architecture

The diagram below shows how Arrakis sits between your identity, device-management, and SIEM systems while governing developer endpoints that run Claude Code, Claude Cowork, Cursor, and OpenAI Codex. Solid arrows are required data flows; dashed arrows are optional SIEM fan-out paths.

Arrakis platform architecture

Legend:

  • Arrakis SaaS (blue): the multi-tenant control plane — admin UI, policy engine, Groups page, and the OTel ingest endpoint.
  • Customer environment (orange): systems you already own — IdP (SCIM source of truth), MDM (Jamf, Intune, Iru), developer endpoints, and your SIEM.
  • Vendor admin consoles (gray): Anthropic, Cursor, and OpenAI admin APIs that Arrakis calls for user/key lifecycle and quarantine actions.
  • Solid arrows: required day-to-day flows (SCIM in, policy out, telemetry up).
  • Dashed arrows: optional SIEM delivery — Mode A (Arrakis fan-out) or Mode B (your collector ingests directly).

Sections

  • Platform Concepts: Risk scoring, threat taxonomy, security domains, policy engine, posture score, MCP gateway security, and red teaming
  • API Reference: Endpoint specifications, authentication, and request/response shapes
  • Data Model: Core entities and relationships
  • Connectors: Supported agent platforms and integrations
  • Deployment: Per-tool MDM rollout, Anthropic and OpenAI admin-console walkthroughs, OpenTelemetry to the Arrakis collector, and MDM sync cadence.
  • Compliance: Framework mappings and control coverage
  • Glossary: Key technical terms
Last updated on
Overview