MACAW is built on peer-reviewed research in distributed systems security. Our core insight: instead of trying to detect AI attacks (which doesn't work), we bound agentic systems deterministically using the same cryptographic techniques that secure distributed systems. The result: breaking your AI requires breaking cryptography, not crafting clever prompts.
Collaborate With Us
We're building in the open. If you're a practitioner or researcher working on agentic AI security, we'd love to connect: research@macawsecurity.com
| Type | Title | Description |
|---|---|---|
| Paper | Authenticated Workflows: A Systems Approach to Protecting Agentic AI | The foundational paper. Why detection-based AI security fails, how to bound agentic systems deterministically, and the four attack surfaces (prompts, tools, data, context) that cover all attack vectors. |
| Paper | Protecting Context and Prompts: Deterministic Security for Non-Deterministic AI | How to make prompts and context cryptographically authentic. Lineage tracking for derived prompts, hash-chained context for tamper-evidence, and why permissions can only narrow as workflows execute. |
| White Paper | Zero Trust Agentic Identity | The missing infrastructure layer for enterprise AI. Why traditional identity fails for AI agents. |
| Guide | MAPL Policy Guide | Complete tutorial for the MACAW Agentic Policy Language. Policy structure, inheritance, parameter constraints, and attestations. |
| Architecture | Identity Flow Architecture | MACAW's layered identity architecture. How JWT tokens flow through adapters and clients with multi-user isolation. |
| Reference | Claims Mapping Reference | Mapping enterprise identity provider claims to MACAW's policy model. Examples for Keycloak, Okta, Azure AD, and Google. |
| Guide | Delegated Authentication | How AI agents act on behalf of users with scoped permissions, audit trails, and cryptographic verification. |