@ayurak/aribot-cli 1.0.5 → 1.0.8

package/README.md

@@ -1,66 +1,249 @@
-# Aribot CLI
+# Aribot - Economic, Regulatory & Security APIs for Modern Applications
 
-AI-powered threat modeling from the command line.
+**Analyze your tech stack. Optimize architecture. Model costs. Identify threats dynamically.**
+
+APIs that help you build better systems with practical, actionable recommendations.
+
+[![npm](https://img.shields.io/npm/v/@ayurak/aribot-cli)](https://www.npmjs.com/package/@ayurak/aribot-cli)
+[![Node](https://img.shields.io/node/v/@ayurak/aribot-cli)](https://www.npmjs.com/package/@ayurak/aribot-cli)
+[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+
+## Why Aribot?
+
+Modern applications need more than just security scanning. They need **intelligent analysis** that understands your architecture, quantifies your risks in dollars, and ensures compliance across 100+ regulatory standards.
+
+**Aribot is the API layer your security, finance, and compliance teams have been waiting for.**
+
+## Platform Capabilities
+
+| Capability | What It Does |
+|------------|--------------|
+| **Advanced Threat Modeling** | Multi-framework analysis: STRIDE, PASTA, NIST, Aristiun Framework |
+| **Cloud Security (CSPM/CNAPP)** | Real-time posture management across AWS, Azure, GCP |
+| **100+ Compliance Standards** | SOC2, ISO27001, PCI-DSS, GDPR, HIPAA, NIST, FedRAMP, CIS... |
+| **Economic Intelligence** | ROI calculations, TCO analysis, risk quantification in real dollars |
+| **FinOps** | Cloud cost optimization with security-aware recommendations |
+| **Red Team Automation** | Simulate attacks before attackers do |
+| **Living Architecture** | Dynamic diagrams that evolve with your infrastructure |
+
+## Advanced Threat Modeling
+
+Aribot goes beyond basic threat analysis. Our AI-powered engine analyzes your architecture using **multiple threat frameworks**:
+
+- **STRIDE** - Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
+- **PASTA** - Process for Attack Simulation and Threat Analysis
+- **NIST** - National Institute of Standards and Technology threat methodology
+- **Aristiun Framework** - Our proprietary advanced threat intelligence framework
+
+Upload any diagram. Get comprehensive threats mapped across all frameworks in seconds.
 
 ## Installation
 
 ```bash
-npm install -g aribot-cli
+# npm
+npm install @ayurak/aribot-cli
+
+# yarn
+yarn add @ayurak/aribot-cli
+
+# pnpm
+pnpm add @ayurak/aribot-cli
 ```
 
-## Quick Start
+## Quick Start (60 Seconds to Value)
+
+### CLI Usage
 
 ```bash
-# Authenticate
-aribot login
+# 1. Authenticate
+npx aribot login
 
-# Upload and analyze a diagram
-aribot analyze architecture.drawio
+# 2. Analyze your architecture
+npx aribot analyze architecture.png
 
-# List your diagrams
-aribot diagrams
+# 3. See your threats (multi-framework)
+npx aribot threats <diagram-id>
 
-# View threats
-aribot threats <diagram-id>
+# AI-powered multi-framework threat modeling in 3 commands.
+```
+
+### SDK Usage (TypeScript/JavaScript)
+
+```typescript
+import { AribotClient } from '@ayurak/aribot-cli';
+
+const client = new AribotClient({ apiKey: 'ak_...' });
+
+// Upload diagram, get AI threats across all frameworks
+const diagram = await client.threatModeling.upload('architecture.png');
+const threats = await client.threatModeling.getThreats(diagram.id);
+
+console.log(`Found ${threats.length} threats across STRIDE, PASTA, NIST & Aristiun`);
+threats.forEach(t => {
+  console.log(`  [${t.severity.toUpperCase()}] ${t.title} - ${t.category}`);
+});
+
+// Run compliance assessment
+const assessment = await client.compliance.assess(diagram.id, 'SOC2');
+console.log(`SOC2 Score: ${assessment.score}%`);
 
-# Export report
-aribot export <diagram-id> --format pdf
+// Calculate security ROI
+const roi = await client.economics.calculateROI(100000, 50);
+console.log(`3-Year ROI: ${roi.roi_percent}%`);
 ```
 
-## Commands
+## API Coverage
 
-| Command | Description |
-|---------|-------------|
-| `aribot login` | Authenticate with your API key |
-| `aribot logout` | Remove stored credentials |
-| `aribot whoami` | Show current auth status |
-| `aribot diagrams` | List all your diagrams |
-| `aribot analyze <file>` | Upload and analyze a diagram |
-| `aribot threats <id>` | List threats for a diagram |
-| `aribot generate-threats <id>` | Generate AI threats |
-| `aribot export <id>` | Export report (pdf/json/csv) |
+### Threat Modeling (Multi-Framework)
+```typescript
+client.threatModeling.upload(file)           // AI-powered multi-framework analysis
+client.threatModeling.getThreats(id)         // Threats from STRIDE, PASTA, NIST, Aristiun
+client.threatModeling.generateThreats(id)    // On-demand generation
+client.threatModeling.export(id, { format: 'pdf' })  // Executive reports
+```
 
-## Options
+### Compliance (100+ Standards)
+```typescript
+client.compliance.assess(id, 'SOC2')         // Single standard
+client.compliance.runScan(id, ['SOC2', 'GDPR', 'HIPAA'])  // Multi-standard
+client.compliance.getRemediation(findingId)  // Fix guidance
+```
 
-### analyze
-- `-n, --name <name>` - Set diagram name
-- `--auto-threats` - Auto-generate AI threats (default: true)
+### Economic Intelligence
+```typescript
+client.economics.calculateROI(investment)    // Security ROI
+client.economics.calculateTCO('aws')         // Total cost of ownership
+client.economics.getMarketIntelligence()     // Industry benchmarks
+```
 
-### threats
-- `-s, --severity <level>` - Filter by severity
+### Cloud Security
+```typescript
+client.cloudSecurity.scanPosture()           // CSPM scan
+client.cloudSecurity.getFindings({ severity: 'critical' })  // Priority findings
+client.cloudSecurity.remediate(id, true)     // Auto-fix
+```
 
-### export
-- `-f, --format <format>` - Export format (pdf, json, csv)
-- `-o, --output <file>` - Output file path
+### Red Team & Attack Simulation
+```typescript
+client.threatEngine.listMethodologies()        // STRIDE, PASTA, NIST, etc.
+client.threatEngine.getThreatIntelligence()    // Real-time threat intel
+client.threatEngine.analyzeAttackPaths(id)     // AI attack path analysis
+client.threatEngine.comprehensiveAnalysis(id)  // Full threat analysis
+client.threatEngine.generateRequirements(id)   // Security requirements
+```
 
-## Get API Key
+## TypeScript Support
+
+Full TypeScript support with exported types:
+
+```typescript
+import {
+  AribotClient,
+  AribotConfig,
+  Diagram,
+  Threat,
+  ComplianceAssessment,
+  SecurityFinding,
+  PaginatedResponse,
+  AribotError,
+  AuthenticationError,
+  RateLimitError,
+  APIError,
+} from '@ayurak/aribot-cli';
+```
 
-Get your API key at [developer.ayurak.com](https://developer.ayurak.com)
+## Supported Compliance Standards
 
-## Documentation
+**Financial**: SOC2, PCI-DSS, SOX, GLBA
+**Healthcare**: HIPAA, HITRUST
+**Privacy**: GDPR, CCPA, LGPD, PIPEDA
+**Government**: FedRAMP, FISMA, NIST 800-53, NIST 800-171
+**Cloud**: CIS AWS, CIS Azure, CIS GCP, CIS Kubernetes
+**Security**: ISO27001, ISO27017, ISO27018, NIST CSF, CSA CCM, MITRE ATT&CK
 
-Full documentation: [developer.ayurak.com/docs](https://developer.ayurak.com/docs)
+## Environment Variables
+
+```bash
+# Set API key via environment variable
+export ARIBOT_API_KEY=ak_your_api_key_here
+
+# Then use without passing apiKey
+const client = new AribotClient();
+```
+
+## Error Handling
+
+```typescript
+import { AribotClient, AuthenticationError, RateLimitError, APIError } from '@ayurak/aribot-cli';
+
+try {
+  const client = new AribotClient({ apiKey: 'ak_...' });
+  const diagrams = await client.threatModeling.list();
+} catch (error) {
+  if (error instanceof AuthenticationError) {
+    console.error('Invalid API key');
+  } else if (error instanceof RateLimitError) {
+    console.error(`Rate limited. Retry after ${error.retryAfter}s`);
+  } else if (error instanceof APIError) {
+    console.error(`API Error: ${error.statusCode} - ${error.message}`);
+  }
+}
+```
+
+## CLI Commands
+
+### Authentication & Status
+```bash
+aribot login              # Authenticate with API key
+aribot logout             # Clear credentials
+aribot whoami             # Current user info
+aribot status             # API limits & usage
+```
+
+### Threat Modeling
+```bash
+aribot diagrams           # List your diagrams
+aribot analyze <file>     # Upload & analyze diagram
+aribot threats <id>       # View threats for diagram
+aribot generate-threats <id>  # AI threat generation
+aribot export <id>        # Export report (JSON/CSV/PDF)
+```
+
+### Red Team & Attack Simulation
+```bash
+aribot redteam --methodologies           # List threat modeling methodologies
+aribot redteam --intelligence            # Get threat intelligence summary
+aribot redteam --attack-paths -d <id>    # Analyze attack paths for diagram
+aribot redteam --analyze <id>            # Comprehensive threat analysis
+aribot redteam --requirements <id>       # Generate security requirements
+```
+
+### Compliance & Security
+```bash
+aribot compliance --list-standards       # List 100+ compliance standards
+aribot compliance --assess <id>          # Run compliance assessment
+aribot cloud-security --scan             # Cloud security scan (CSPM/CNAPP)
+aribot cloud-security --findings         # View security findings
+```
+
+### Economic Intelligence
+```bash
+aribot economics --dashboard             # View economic dashboard
+aribot economics --roi                   # Calculate security ROI
+aribot economics --tco                   # Total cost of ownership
+```
+
+## Resources
+
+- **Platform**: [aribot.ayurak.com](https://aribot.ayurak.com)
+- **Developer Portal**: [developer.ayurak.com](https://developer.ayurak.com)
+- **API Docs**: [developer.ayurak.com/docs](https://developer.ayurak.com/docs)
+- **Support**: support@ayurak.com
 
 ## License
 
-MIT
+MIT License - Copyright (c) 2025 Ayurak AI
+
+---
+
+**Built for teams who take security seriously.** Start analyzing in 60 seconds.