AI security research, grounded in standards

This site collects original research on the protocols, standards, and frameworks that will define how AI agents operate in production systems.

The work here is not vendor advocacy. It starts with standards bodies, threat models, and first principles — then asks what those mean for systems that act autonomously at scale.

Research

Properties

Five research properties, each focused on a distinct problem domain in AI security and identity. Each publishes independently at its own subdomain.

  • AI Governance Navigator ai-governance.cyberdaemon.ai

    Maps 26 AI governance frameworks against NHI coverage gaps and behavioral authorization controls. The Navigator treats governance not as compliance theater but as the load-bearing structure that determines what AI systems are permitted to do — and what happens when they don't.

  • LLM Security Harnesses harnesses.cyberdaemon.ai

    Evaluation harnesses for LLM security properties across 200/300/400 difficulty levels, with pipeline architecture for agentic evaluation patterns. Covers how you actually test whether a model behaves safely under adversarial conditions — not just what benchmarks say about it.

  • Agentic Identity identity.cyberdaemon.ai

    Non-human identity architecture for agentic AI systems: workload identity standards, the behavioral authorization gap, and the question of what controls are needed when a principal has no face and no signature.

  • DIRA dira.cyberdaemon.ai

    Dual-Intent Runtime Authorization is an original framework and threat model for authorizing AI agent actions at runtime based on inferred intent, not just role membership. Authorization systems built for human users ask who are you? — DIRA adds what are you actually trying to do right now?

  • SPIFFE/SPIRE and Workload Identity spiffe.cyberdaemon.ai

    An in-depth technical explainer on SPIFFE, SPIRE, and the CNCF workload identity stack as it applies to AI agents. Covers the standard in depth: SVIDs, trust domains, attestation, federation, implementation patterns, and why cryptographic workload identity is the non-negotiable baseline for agentic systems operating at scale.

Updates

Recent publications

  • 2026-06-16 DIRA Initial publication of DIRA: Dual-Intent Runtime Authorization framework and threat model
  • 2026-06-16 Identity Securing Agentic Identity published — workload identity standards, behavioral authorization gap, runtime authorization problem
  • 2026-06-16 Governance AI Governance Framework Navigator live — 26 frameworks, NHI gap analysis, behavioral authorization coverage matrix
  • 2026-06-16 Harnesses AI Evaluation Harness Explainer published — 200/300/400 levels, pipeline architecture, agentic evaluation patterns
  • 2026-06-25 SPIFFE SPIFFE/SPIRE and Workload Identity explainer published as standalone property at spiffe.cyberdaemon.ai — SVIDs, attestation, federation, AI agent implementation patterns
  • 2026-06-16 Platform cyberdaemon.ai launched as independent AI security research hub