Catalog
The full PRESIDIO catalog.
One storyline, read top-to-bottom: hardened infrastructure runs the workloads, cloud posture and translucency watch them, IKI-Gov governs the AI use cases, and the flagship platforms gate agent payments and close the books — each with cryptographic evidence.
Flagships
The two spearheads, one thesis: pre-execution compliance gating with cryptographic evidence — one for agent payments, one for AI use cases.
presidio-hardened-x402
FlagshipSecurity middleware for the x402 agent-payment protocol: pre-payment PII and policy screening before a request is signed. Live screening API at screen.presidio-group.eu.
presidio-hardened-ikigov-assess
FlagshipAssess and gate AI use cases against the IKI-Gov reference model — lifecycle, six domains, six quality gates — with ISO/IEC 42001 and EU AI Act mappings. Companion to the forthcoming Springer book.
Platforms & payments
The platforms an organisation operates around the flagships — the pre-payment screener and audit-grade treasury close.
presidio-hardened-x402-mcp
ComponentMCP pre-payment screener — agents call it to catch emails, phone numbers, names, and other PII in payment metadata before signing.
Audit-grade treasury close for crypto-first organizations — deterministic, verifiable books that hold up under audit.
Cloud posture & translucency
Continuous audit of cloud workloads and architectural transparency over what is actually running.
Architectural translucency (Stantchev, ~2005): monitor running systems against their intended deployment structure — observable, bounded behaviour under load.
presidio-hardened-scoutsuite
ComponentSecurity-hardened ScoutSuite distribution for continuous cloud-posture assessment; feeds evidence into the governance story.
Hardened infrastructure
Drop-in hardened replacements for standard Python libraries and runtimes — the secure substrate. Published to PyPI, maintained security-fixes-only. Independent of Microsoft Presidio.
presidio-hardened-requests
Maintained100% drop-in replacement for Python requests: TLS enforced, timeouts required, audit-friendly logging.
presidio-hardened-fastapi
MaintainedHardened, near drop-in replacement for FastAPI with strong security defaults.
presidio-hardened-flask
MaintainedDrop-in Flask replacement that applies production-grade security defaults from a single import change.
presidio-hardened-opcua
MaintainedHardened OPC UA client and server, aligned to OPC UA security profiles. NIS2 / IEC 62443 adjacent.
presidio-hardened-esp32
MaintainedHardened ESP-IDF primitives for embedded systems; on the ESP Component Registry.
presidio-hardened-crypto-channel
MaintainedReference secure channel — ECDH key exchange with AES-256-GCM. Educational, not a production cryptographic library.
presidio-hardened-vuln-scanner
MaintainedWeb-application vulnerability scanner shipped with a deliberately vulnerable demo app. Educational.
Research & publications
Publication-backed reference implementations that underpin the platforms with models, proofs, and frameworks.
presidio-hardened-vol-assign
ResearchPython CLI (pva) implementing a multi-objective volunteer-assignment model for catastrophic, out-of-bound disaster-response scenarios.
presidio-hardened-fl
MaintainedPrivacy-preserving federated-learning simulation. Course asset (PRES-EDU-CS-101), kept installable.
presidio-hardened-ids
MaintainedML-based intrusion-detection system with adversarial evasion and hardening. Course asset, kept installable.
Naming convention
Libraries prefixed presidio-hardened-* follow the hardened defaults described on the home page. Tools prefixed presidio-* are assessment and orchestration utilities that support the hardened catalog.