---
title: "Secure Caracal"
url: "https://docs.caracal.run/security/"
markdown_url: "https://docs.caracal.run/markdown/security.md"
description: "Review Caracal security boundaries, harden production deployments, and report vulnerabilities responsibly."
page_type: "landing"
concepts: []
requires: []
---

# Secure Caracal

Security in Caracal centers on pre-execution authority: STS issues scoped mandates, Gateway enforces protected-resource access, Coordinator tracks agent/delegation state, Audit preserves evidence, and Operations keeps storage, streams, secrets, and releases recoverable.

## Security Model

```mermaid
flowchart LR
  Operator[Operator] --> API[API and Console]
  Workload[Workload] --> STS[STS]
  Request[Protected request] --> Gateway[Gateway]
  Agent[Agent SDK] --> Coordinator[Coordinator]
  API --> Audit[Audit evidence]
  STS --> Audit
  Gateway --> Audit
  Coordinator --> Audit
  Audit --> Postgres[(Append-only audit)]
```

## Security Review Path

| Need | Page |
| --- | --- |
| Understand assets, boundaries, threats, and mitigations | [Review the Threat Model](/security/threat-model/) |
| Harden a production deployment | [Harden Security Posture](/security/hardening/) |
| Verify a release before installing | [Verify a Release](/security/verify-releases/) |
| Demonstrate assurance to a reviewer or auditor | [Generate an Evidence Pack](/security/evidence-pack/) |
| Report a vulnerability privately | [Report a Vulnerability](/security/disclosure/) |
| Operate a security incident | [Respond to Incidents](/operations/incident-response/) |
| Evaluate the project for enterprise adoption | [Enterprise Security Readiness](/security/enterprise-readiness/) |

## Core Invariants

- STS must fail closed on policy, key, session, revocation, replay, step-up, and signing errors.
- Gateway must never trust caller-supplied destinations and must deny before upstream dispatch when authority or routing is unsafe.
- Redis stream messages require HMAC signing in published modes where configured.
- Audit evidence must remain append-only, tamper-evident, and recoverable through replay/DLQ paths.
- Secrets must come from secret files or platform secret managers in production.
- The open-source product must not depend on enterprise-only code or controls.

## Next Step

Read [Review the Threat Model](/security/threat-model/) before hardening a deployment.

## Related Sections

- [Enforce Boundaries](/architecture/trust-boundaries/)
- [Harden Production](/operations/tls-hardening/)
- [Rotate Keys and Secrets](/operations/key-management/)
- [Configure Alerts](/operations/alerts/)
- [Compare Editions](/enterprise/)
