Join us in London, 6/2 – 6/4 InfoSecurity Europe – OWASP GenAI and Agentic Security Summit

|

Register Now!

Agentic Security

Uncategorized

State of Agentic AI Security and Governance 1.0

/ / Uncategorized

The State of Agentic AI Security and Governance provides a comprehensive view of today’s landscape for securing and governing autonomous AI systems. It explores the frameworks, governance models, and global regulatory standards shaping responsible Agentic AI adoption. Designed for developers, security professionals, and decision-makers, the report serves as a practical guide for navigating the complexities […]

State of Agentic AI Security and Governance 1.0 Read Post »

Resources

Securing Agentic Applications Guide 1.0

/ / Resources /

This guide aims to provide practical and actionable guidance for designing, developing, and deploying secure agentic applications powered by large language models (LLMs). It complements the OWASP Agentic AI Threats and Mitigations (ASI T&M) document by focusing on concrete technical recommendations that builders and defenders can apply directly.

Securing Agentic Applications Guide 1.0 Read Post »

Article, Featured

OWASP Agentic AI Taxonomy in Action: From Theory to Tools

/ / Article, Featured / ,

As OWASP’s Agentic Security Initiative (ASI) gains momentum, its impact is already being felt across the AI security landscape. The Agentic AI – Threats and Mitigations taxonomy is now powering real-world developer tools that embed security into the workflows of AI builders and red teams. In this post, we highlight three standout tools—PENSAR, SPLX.AI Agentic Radar, and AI&ME—that are adopting the OWASP ASI taxonomy to help teams test, defend, and build secure agentic systems. This growing ecosystem is also informing the development of the forthcoming OWASP Top 10 for Agentic AI. Join us at DEF CON and Black Hat to help shape what’s next.

OWASP Agentic AI Taxonomy in Action: From Theory to Tools Read Post »

Why MCP Agents Are the Next Cyber Battleground

/

As agentic AI systems transition from conceptual models to real-world deployments, MCP (Model Context Protocol) agents are emerging as a critical interface layer — and the next major attack vector. These autonomous, API-driven actors aren’t just executing tasks; they’re reshaping how LLMs interact with tools, data, and infrastructure across enterprise environments. In this webinar, we’ll

Why MCP Agents Are the Next Cyber Battleground Read Post »

Agentic Open Workshop – Agentic AI Threat Modeling

/

Session 3 of 7 The session delves into agentic threat modeling, emphasizing the vulnerabilities in multi-agent AI architectures. It covers attack scenarios like memory manipulation and tool misuse, illustrating how malicious actors can exploit AI agents to cause financial losses or data breaches. MCP-related threats were also explored, including tool description manipulation, prompt injections, and

Agentic Open Workshop – Agentic AI Threat Modeling Read Post »

Open Agentic Workshop – Insecure Code Examples

/

Session 4 of 7 The session focused on the “Insecure Code Examples” initiative led by Allie Howell, highlighting efforts to identify vulnerabilities in agentic frameworks through hands-on testing and community engagement. The initiative includes a repository of insecure code samples built using frameworks like Langgraph, Autogen, CrewAI, and others. A recent hackathon in New York

Open Agentic Workshop – Insecure Code Examples Read Post »

Open Agentic Workshop – Securing Agentic Apps

/

Session 6 of 7 The session focused on secure agentic applications, led by experts from AWS, Intuit, and Pangea. It outlined a methodology for identifying threats in agentic AI systems, emphasizing development lifecycle stages, key components, architectures, and operational environments. The discussion highlighted key threats such as memory poisoning, tool misuse, and identity spoofing in

Open Agentic Workshop – Securing Agentic Apps Read Post »

OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. Unless otherwise specified, all content on the site is Creative Commons Attribution-ShareAlike v4.0 and provided without

warranty of service or accuracy. For more information, please refer to our General Disclaimer.  – Copyright © 2025 OWASP Foundation, Inc.

Scroll to Top