Agentic Security

Agentic Open Workshop – Agentic Threat Modeling Framework

Session 4 of 7. The sessions collectively addressed agentic AI threat modeling, focusing on vulnerabilities in multi-agent systems across various platforms, including Palo Alto Networks, Cisco, and the Maestro framework. Key topics included memory manipulation, tool misuse, and identity misconfigurations, with specific attack scenarios illustrating how malicious actors can manipulate agents to perform unauthorized actions, […]


Open Agentic Workshop – Agentic Landscape

Session 7 of 7. The session on the Agentic AI Security Landscape Report outlined its structure and objectives, targeting CSOs, AI developers, security researchers, and policymakers. The report is divided into four pillars: regulatory context, incident analysis, solutions ecosystem, and future trends. It emphasizes the rapidly evolving landscape of agentic AI, the challenges of fragmented


Agentic Security Open Workshop – Agentic AI Threats and Mitigations

Session 2 of 7. The session outlines a fictional case study involving “Finbot,” an AI finance assistant that was manipulated through prompt injection attacks, leading to fraudulent payments and data breaches. The presentation highlights how attackers poisoned Finbot’s memory, manipulated tools to execute unauthorized actions, and exploited identity misconfigurations to escalate privileges. It underscores the


Resources, Publications

Agent Name Service (ANS) for Secure AI Agent Discovery v1.0

The Agent Name Service (ANS), developed under the OWASP GenAI Security Project – Agentic Security Initiative, introduces a secure, DNS-inspired framework for AI agent discovery. ANS leverages Public Key Infrastructure (PKI) for identity verification, structured JSON schemas for communication, and a protocol adapter layer supporting A2A, MCP, and ACP protocols. The architecture defines a comprehensive


Agentic Security Open Workshop – Introduction

Session 1 of 7. The introductory session for the Agentic Workshop outlines the objectives and structure of the Agentic Security Initiative (ASI), emphasizing the importance of community engagement and practical application. Led by project co-leads, the session introduces the initiative’s focus on identifying agentic AI threats, developing security guidelines, and providing practical tools for threat


Events

Recap from OWASP Gen AI Security Project’s – NYC Insecure Agents Hackathon

Creating an insecure agent is surprisingly easy. New tools and frameworks make building AI agents relatively simple. However, AI agents are prone to several threats outlined in the recent Agentic AI – Threats and Mitigations guide that was released in February. The OWASP Gen AI Security Project recently put on a hackathon in NYC with the goal of building insecure agents. In this blog post we recap the event and the most common security findings we saw in the submissions.


Publications

Multi-Agentic system Threat Modeling Guide v1.0

This guide builds on the OWASP Agentic AI – Threats and Mitigations publication, our master agentic threat taxonomy, by applying its threat taxonomy to real-world multi-agent systems (MAS). These systems, characterized by multiple autonomous agents coordinating to achieve shared or distributed goals, introduce additional complexity and new attack surfaces.


Article

Securing AI’s New Frontier: The Power of Open Collaboration on MCP Security

As AI systems begin interacting with live tools and data via the Model Context Protocol (MCP), new security risks emerge that traditional approaches can’t fully address. This post summarizes key insights from the OWASP GenAI Security Project’s latest research on securing MCP, offering practical, defense-in-depth strategies to help developers and defenders build safer agentic AI applications in real time.


Uncategorized

Insecure Agent Samples

GenAI Project – Agentic Security Initiative (ASI) – Insecure Agent Samples. Warning: the sample applications here are deliberately insecure to demonstrate agent security risks. Please exercise caution when deploying in your environment. Objective: we aim to demonstrate security risks in well-known Agentic AI (also known as Agents) frameworks, particularly how agent misconfigurations

