About
CRAIG ALLAN-MCWILLIAMS
I build security for AI systems that make decisions and take actions without human supervision — what the industry is starting to call agentic infrastructure, and what I’d argue is one of the least-protected attack surfaces in modern enterprise today.
My flagship product is Raucle — a platform built to secure autonomous AI agents at scale. Alongside it I maintain Raucle-Detect, an open-source detection framework for spotting the behavioural anomalies, privilege escalations, and trust boundary violations that occur when agents operate in production. For organisations deploying agentic systems, Raucle-Detect is a practical starting point for answering the question: how would you know if one was compromised?
The hard questions I work on: how do you set meaningful trust boundaries for autonomous agents? How do you audit their decision-making in real time? How do you stop an AI system becoming a lateral movement vector into critical infrastructure?
These aren’t hypothetical — organisations deploying agents at scale face them now.
As a practitioner I’ve spent 25 years as a security engineer and architect across banking, government, and global enterprise — building CI/CD pipeline security, hardening AWS environments at scale, engineering SIEM and forensics capabilities, and leading security programmes from the ground up. I hold SABSA Chartered Architect, CISSP, AWS Security Specialty, CCSK, and MITRE ATT&CK certifications, and I think about security as a system property, not a bolt-on.
I bring both sides of the table: the technical depth to architect and engineer secure infrastructure, and the commercial fluency to explain why it matters to a board.
What I care about: agentic AI security · open-source tooling · securing systems that organisations don’t yet know how to name · building before the threat arrives
Core Expertise
- Agentic AI Security
- Security Engineering
- AWS Cloud Security
- CI/CD Pipeline Security
- SABSA Security Architecture
- DevSecOps
- Enterprise Risk Management