- GEN AI SECURITY
- Initiatives
Agentic Security Initiative
Securing autonomous agents and multi-step AI workflows
The Agentic Security Research Initiative explores the emerging security implications of agentic systems, particularly those utilizing advanced frameworks (e.g., LangGraph, AutoGPT, CrewAI) and novel capabilities like Llama 3’s agentic features.
Resource Links:
- #team-genai-agentic-security-initiative
- GEN AI SECURITY
- Initiatives
Gen AI Data Security
The GenAI Data Security Initiative for AI & Agentic applications is a focused workstream within the OWASP GenAI Security Project dedicated to securing data across the full lifecycle of generative and agentic AI systems. It addresses the unique security challenges introduced when LLMs, RAG pipelines, embeddings, vector stores, tool integrations, and autonomous agents aggregate and act on data across multiple trust domains.
GenAI systems introduce a fundamental architectural shift: system prompts, user inputs, retrieved documents (RAG), tool outputs, embeddings, and agent memory are aggregated into a single context window without internal access controls. This fusion of trust domains creates new categories of data exposure, integrity risk, identity sprawl, and governance failure that traditional data security frameworks were not designed to address
GEN AI SECURITY Initiatives The GenAI Data Security Initiative for AI & Agentic applications is a focused workstream within the OWASP GenAI Security Project dedicated to securing data across the full lifecycle of generative and agentic AI systems. It addresses the unique security challenges introduced when LLMs, RAG pipelines, embeddings, vector stores, tool integrations, and […]
Resource Links:
- #team-genai-agentic-security-initiative
What’s New
AI Security Solutions Landscape for Agentic AI Q2 2026
The Solutions Landscape monitors and maps the full Agentic AI lifecycle, focusing on the DevOps–SecOps intersection to meet evolving security needs. Guided by the Agentic AI
A Practical Guide for Secure MCP Server Development
A Practical Guide for Secure MCP Server Development provides actionable guidance for securing Model Context Protocol (MCP) servers—the critical connection point between AI assistants and external
OWASP Top 10 for Agentic Applications for 2026
The OWASP Top 10 for Agentic Applications 2026 is a globally peer-reviewed framework that identifies the most critical security risks facing autonomous and agentic AI systems.
CheatSheet – A Practical Guide for Securely Using Third-Party MCP Servers 1.0
The Practical Guide for Securely Using Third-Party MCP Servers from the OWASP GenAI Security Project provides a detailed framework for safely deploying and managing external Model
FinBot Agentic AI Capture The Flag (CTF) Application
FinBot is part of the OWASP GenAI Security Project’s Agentic Security Initiative, created to equip builders and defenders with hands-on tools for understanding and mitigating agentic
AI Security Solutions Landscape for Agentic AI Q3 2025
The Solutions Landscape monitors and maps the full Agentic AI lifecycle, focusing on the DevOps–SecOps intersection to meet evolving security needs. Guided by the Agentic AI
- Project
GenAI Security Agentic Security Summit, Europe – Livestream
- OWASP GenAI Security Project
- Audience - All
- Topics - Agentic Security
- Events
The State Of Agentic AI Security: Risks, Governance, and Global Regulation
- Keren Katz, Rock Lambros,
- OWASP Generative AI Security Project
- Audience - All
- Topics - Agentic Security
- Training
Agentic AI Capture The Flag (CTF) – FinBot DEMO: Goal Manipulation
- Helen Oakley,
- Audience - Practitioners, Developers, AI/Data Scientists
- Topics - Agentic Security
- Events
OWASP AI Agentic Top 10 Project Kick-off – Global Livestream
- John Sotiropoulos, Agentic Security Co-Lead,
- OWASP GenAI Security Project
- Audience - Architects, Practitioners, Developers, AI/Data Scientists
- Topics - Agentic Security
- Webinar
Why MCP Agents Are the Next Cyber Battleground
- Akram Ageriff, Ophir Dror, Or Oxenberg, Jason Ross,
- OWASP GenAI Security Project
- Audience - Practitioners, Developers, AI/Data Scientists, Architects
- Topics - Agentic Security
- Events
Agentic Open Workshop – Agentic AI Threat Modeling
- OWASP GenAI Security Project
- Audience - All
- Topics - Agentic Security
OWASP Agentic AI Taxonomy in Action: From Theory to Tools
As OWASP’s Agentic Security Initiative (ASI) gains momentum, its impact is already being felt across the AI security landscape. The Agentic AI – Threats and Mitigations
Recap from OWASP Gen AI Security Project’s – NYC Insecure Agents Hackathon
Creating an insecure agent is surprisingly easy. There are new tools and frameworks available that make creating AI Agents relatively simple. However, AI Agents are prone
Securing AI’s New Frontier: The Power of Open Collaboration on MCP Security
As AI systems begin interacting with live tools and data via the Model Context Protocol (MCP), new security risks emerge that traditional approaches can’t fully address.
Announcing the OWASP LLM and Gen AI Security Project Initiative for Securing Agentic Applications
The OWASP Foundation is thrilled to announce the launch of the Agentic Security Initiative from the LLM and Generative AI Security Project to tackle the unique
Get Started
Quick access to meetings and collaboration groups
Day of the Week
Mondays
12:00 PM (EST)
Open Meeting – Gen AI Data Security Working Group
Every other Monday (Starting Feb 23)
Add to Calendar
- Outlook
Day of the Week
Mondays
12:00 PM (EST)
OWASP Gen AI Data Security
Every other Monday (Starting Feb 23)
Add to Calendar
- Outlook
Related Sub-groups and Slack Channels
| Slack Channel Sub-Groups | Slack Channels |
|---|---|
| Securring Agentic Apps Working Group | #team-genai-asi-securing-agentic-apps-guide |
| Agentic State of the Market Working Group | #team-genai-agentic-landscape-report |
| Agentic Emerging Topics and Research | #team-genai-agentic-research |
| Cheatsheet Development Working Group | #team-genai-asi-cheatsheets |
| Securring Agentic Apps Working Group | #team-genai-asi-securing-agentic-apps-guide |
| Initiative Related Slack Channels Group | Initiative Related Slack Channels Channel |
|---|---|
| Securring Agentic Apps Working Group | #team-genai-asi-securing-agentic-apps-guide |
| Agentic State of the Market Working Group | #team-genai-agentic-landscape-report |
| Agentic Emerging Topics and Research | #team-genai-agentic-research |
| Cheatsheet Development Working Group | #team-genai-asi-cheatsheets |
| Securing Agentic Applications Guide | #team-genai-asi-securing-agentic-apps-guide |
| Sub-initiative slack channel reverence for FinBot CTF | #team-genai-asi-finbot |
Initiative Experts Review Group
| Group Name | Group Title | Group Companyaffiliation | Group Profile Link |
|---|---|---|---|
| Hyrum Anderson | Sr. Director of Engineering, AI | Cisco | https://www.linkedin.com/in/hyrumanderson/ |
| Pete Bryan | Principal AI Security Research Lead- AI Red Team | Microsoft | https://www.linkedin.com/in/pete-bryan-77588473/ |
| Michael Bargury | Co-Founder and CTO | Zenity | https://www.linkedin.com/in/michaelbargury/ |
| Scott Clinton | Founder | SCVentures | https://www.linkedin.com/in/scottjclinton/ |
| Josh Collyer | Principal Researcher - AI SecurityPrincipal Researcher - AI Security | Alan Turing Institute | https://www.linkedin.com/in/joshcollyer/ |
| Dan Jones | Researcher AI Red Teaming | Microsoft | https://www.linkedin.com/in/daniel-jones-429418ba/ |
| Vasilios Mavroudis | Principal Research Scientist | Alan Turing Institute | https://www.linkedin.com/in/mavroudisv/ |
| Egor Pushkin | Chief Architect, Data and AI at Oracle Cloud | Oracle | https://www.linkedin.com/in/egorpushkin/ |
| Alejandro Saucedo | Director of Engineering, Applied Science | Zalando | https://www.linkedin.com/in/axsaucedo/ |
| Apostol Vassilev | Research Team Supervisor - Adversarial AI | National Institute of Standards and Technology (NIST) | https://www.linkedin.com/in/avassilev/ |
| Steve Wilson | Chief Product Officer | Exabeam | https://www.linkedin.com/in/wilsonsd/ |
| Initiative Experts Group Name | Initiative Experts Group Title | Initiative Experts Group Companyaffiliation | Initiative Experts Group Profile Link |
|---|---|---|---|
| Hyrum Anderson | Sr. Director of Engineering, AI | Cisco | https://www.linkedin.com/in/hyrumanderson/ |
| Pete Bryan | Principal AI Security Research Lead- AI Red Team | Microsoft | https://www.linkedin.com/in/pete-bryan-77588473/ |
| Michael Bargury | Co-Founder and CTO | Zenity | https://www.linkedin.com/in/michaelbargury/ |
| Scott Clinton | Founder | SCVentures | https://www.linkedin.com/in/scottjclinton/ |
| Josh Collyer | Principal Researcher - AI SecurityPrincipal Researcher - AI Security | Alan Turing Institute | https://www.linkedin.com/in/joshcollyer/ |
| Dan Jones | Researcher AI Red Teaming | Microsoft | https://www.linkedin.com/in/daniel-jones-429418ba/ |
| Vasilios Mavroudis | Principal Research Scientist | Alan Turing Institute | https://www.linkedin.com/in/mavroudisv/ |
| Egor Pushkin | Chief Architect, Data and AI at Oracle Cloud | Oracle | https://www.linkedin.com/in/egorpushkin/ |
| Alejandro Saucedo | Director of Engineering, Applied Science | Zalando | https://www.linkedin.com/in/axsaucedo/ |
| Apostol Vassilev | Research Team Supervisor - Adversarial AI | National Institute of Standards and Technology (NIST) | https://www.linkedin.com/in/avassilev/ |
| Steve Wilson | Chief Product Officer | Exabeam | https://www.linkedin.com/in/wilsonsd/ |
Community of Contributors
Explore a global network of volunteers improving evaluations, patterns, and defenses for autonomous systems.
