About OpenA2A

Open-source security infrastructure for AI agents — not humans or services repurposed as agents.

The Problem

AI agents are already making decisions, calling APIs, and accessing production data — without identity, visibility, or accountability. One compromised or misaligned agent can silently exfiltrate data, escalate privileges, or delete critical systems, and most organizations won't notice until damage is done.

What We Do

We build open-source security infrastructure for AI agents — not humans or services repurposed as agents. 4 npm packages published, 17,000+ downloads, 7 security PRs accepted into OpenClaw (205K+ stars), and 2,500+ lines of security code merged into projects used by millions.

AI agents should be powerful — but never unaccountable.

What We Build

OpenA2A CLI

Unified security platform. One command to scan, protect, and monitor AI agents across the entire OpenA2A ecosystem.

HackMyAgent

Security scanner, red-team toolkit, OASB benchmarking, and ARP runtime protection -- all in one package. 199 security checks, 75 adversarial attack payloads, and auto-fix with rollback.

Secretless AI

Keeps secrets out of AI context windows. PreToolUse hooks block credential access across Claude Code, Cursor, Copilot, and Windsurf.

AIMAgent Identity Management

Cryptographic identity, MCP server attestation, trust scoring, capability-based access control, and tamper-proof audit trails. One line of code.

Browser Guard

Chrome extension for detecting and controlling browser-based AI agents. 4-layer detection, delegation engine, and session timeline.

DVAADamn Vulnerable AI Agent

10 intentionally vulnerable agents, 8 attack classes, and CTF challenges for learning and red-teaming.

Leadership

Abdel Fane

Founder & CEO

Abdel Fane

I build the tools and teams that secure AI agents.

CEO & Founder, OpenA2A

I lead the team building the open-source security infrastructure for AI agents. Our ecosystem — the OpenA2A CLI, HackMyAgent, Secretless AI, AIM, Browser Guard, and DVAA — answers the three questions every organization deploying AI agents must address: Who is this agent? What is it allowed to do? What did it actually do?

Executive Director, CyberSecurity NonProfit (CSNP)

I oversee a 12,500+ member global community across 16 chapters dedicated to making cybersecurity education accessible to everyone — from families and seniors to schools and small businesses.

Co-Creator, QRAMMQuantum Readiness Assurance Maturity Model

Our team developed the enterprise framework organizations use to assess and prepare for the post-quantum cryptographic transition.

Background

20 years of technology and cybersecurity leadership across healthcare, financial services, technology, government, energy, consulting, insurance, and pharmaceuticals.

MetaNorthwestern MutualMerckBHP MiningBooz Allen HamiltonAllstateEquifaxU.S. Dept. of Veterans Affairs

Masters in Cyber Forensics & Security

CSNP.orgQRAMM.org

Why Open Source?

Transparency

Security tools should be auditable. You can inspect every line of code that protects your AI infrastructure.

Community

The best security comes from collective knowledge. We build with the community, not in isolation.

No Lock-in

Self-host forever. Your security shouldn't depend on a vendor's business model or pricing changes.

Our core tools are open source, Apache-2.0 licensed. From the founders of CyberSecurity NonProfit (CSNP), serving 12,500+ security professionals across 16 chapters.

If you're building AI agents, secure them. If you're deploying them, verify them. If you're auditing them, verify the trail.

Get StartedRead the Docs

Get in Touch

Questions about AIM? Want to contribute? We'd love to hear from you.

info@opena2a.orgGitHub