
AI Security for Agentic Systems. Open source. Self-hostable.
Start Shipping AI Agents You Can Trust
Verify Agent and MCP identity in <1ms. Block impostors at the boundary.
Think Let's Encrypt, but for AI.
pip install capiscio-sdk
Know Who's Calling
Ed25519 signatures prove agent identity
Block Tampering
SHA-256 body hash detects modifications
Stop Replays
60-second window rejects stale requests
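
A minimal sketch of the body-hash and replay-window checks named above, added here as an illustration and not taken from the CapiscIO SDK. It assumes the request's claims were already signature-verified, and the claim names `iat`, `jti` and `body_sha256` are hypothetical. It also goes one step beyond the timestamp window by remembering request ids, since a fresh timestamp alone does not stop a replay inside the 60 seconds.

```python
import hashlib

WINDOW_SECONDS = 60  # replay window stated on the page


class ReplayGuard:
    """Checks applied to a request whose claims were already signature-verified.

    Claim names (iat, jti, body_sha256) are hypothetical, not CapiscIO's format.
    """

    def __init__(self, window=WINDOW_SECONDS):
        self.window = window
        self._seen = {}  # jti -> last second at which that request is still fresh

    def check(self, claims, body, now):
        # Drop ids that can no longer pass the freshness test; keeps the cache bounded.
        self._seen = {j: exp for j, exp in self._seen.items() if exp >= now}
        iat, jti = claims.get("iat"), claims.get("jti")
        if not isinstance(iat, (int, float)) or not isinstance(jti, str) or not jti:
            return "malformed"
        # Integrity: the signed digest must match the bytes actually received.
        if hashlib.sha256(body).hexdigest() != claims.get("body_sha256"):
            return "body_mismatch"
        # Freshness: reject outside the window in either direction, so a
        # future-dated timestamp cannot stretch a request's lifetime.
        if abs(now - iat) > self.window:
            return "stale"
        # Uniqueness: each request id is accepted once within the window.
        if jti in self._seen:
            return "replay"
        self._seen[jti] = iat + self.window
        return "ok"


def demo():
    """Constructed sample: one genuine request followed by three abuse cases."""
    body = b'{"task": "summarize"}'
    claims = {"iat": 1000.0, "jti": "req-1",
              "body_sha256": hashlib.sha256(body).hexdigest()}
    guard = ReplayGuard()
    return [
        guard.check(claims, body, now=1005.0),                   # ok
        guard.check(claims, body, now=1010.0),                   # replay
        guard.check(claims, b'{"task": "delete"}', now=1010.0),  # body_mismatch
        guard.check(claims, body, now=1061.0),                   # stale
    ]


if __name__ == "__main__":
    print(demo())
```
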
Addresses 6 of the OWASP Top 10 for Agentic Applications 2026
Direct coverage for AG01 (Identity Spoofing), AG06 (Communication Tampering), AG07 (Replay Attacks), AG10 (Audit Gaps). Partial coverage for AG02 (Tool Misuse), AG03 (Excessive Agency).
View full OWASP mapping →
Common Failure Modes We Help Prevent
These are real incidents from teams running agents in production
Third-party agent changed their schema
No validation gate. 4 hours of errors before engineering noticed.
→ CLI validates agent cards in CI before they hit production
Validate before deploy →
Valid request captured, replayed 100+ times overnight
No timestamp validation. Compute budget drained.
→ Guard enforces 60-second replay windows. Same request twice? Blocked.
Block replay attacks →
Logs showed an API call. But which agent?
Impersonation? Delegation? Unknown. Incident review stalled.
→ Guard logs verified agent identity on every request
View security guarantees →
The Difference
Two protection points for your AI stack
- ✗ Agent B can't verify Agent A's identity
- ✗ MCP server can't limit which agents call which tools
- ✗ No audit trail of who did what
- ✓ Agent Guard: Verified DID on every A2A call
- ✓ MCP Guard: Scoped tool access per agent
- ✓ Full chain logged with verified identities
Drop-in Protection
Two lines to protect your A2A endpoints. One package for MCP tool servers.
```bash
pip install capiscio-sdk
pip install capiscio-mcp
docker pull capiscio/guard
npm install -g capiscio
```
Agent Guard: A2A Protection
```python
from fastapi import FastAPI
from capiscio_sdk import SimpleGuard

app = FastAPI()

# Add a protocol-aware guard in two lines.
guard = SimpleGuard(app)
```
CLI: Validate in CI
```bash
capiscio validate ./agent-card.json --test-live
```
SSL Trust Levels Meet Short-Lived Tokens
Five verification tiers (Self-Signed → Extended Validation) like SSL certificates, but with 5-minute TTLs like access tokens. Stolen credentials expire before they're useful.
Learn about trust levels →
Start Free. Scale When Ready.
Open source tools run locally. Hosted registry when you need managed infrastructure.
Open Source
- CLI, SDK, MCP Guard — unlimited
- Self-hosted trust store
- Offline verification mode
Hosted Registry
- Managed badge issuance
- Key rotation & revocation
- 14-day free trial

Building with AI Agents? Let's Talk.
I'm looking for design partners: teams running agents in production who want to co-develop the identity and governance features that matter most. No sales pitch—just problem-solving together.
— Beon de Nood, Founder
Become a Design Partner
Protocol-Agnostic Enforcement
A2A is the first standard. Your stack will be multi-standard.
CapiscIO started by enforcing the A2A Protocol (Google/Linux Foundation) and applies the same guard pattern to any agent traffic.
Same verification semantics work for A2A, MCP, custom protocols, and whatever emerges next.
Latest Insights
Learn about A2A Protocol, agent validation, and trust infrastructure
Your Agents Are Already in Production.
Give Them an Identity They Can Prove.
Start with the CLI. Validate your agent cards. Add Guard when you're ready for runtime enforcement.
pip install capiscio · pip install capiscio-sdk · pip install capiscio-mcp

