Introductory

How OWASP’s GenAI Security Project keeps up with the pace of AI/Agentic changes, with Scott Clinton

This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now.


Introduction – OWASP GenAI Security Project – Threat Defense COMPASS

The GenAI Security Project’s Threat Defense COMPASS consolidates AI threats, vulnerabilities, defenses, and mitigations into a unified AI Threat Resilience Strategy Dashboard. COMPASS enables organizations to evaluate everything from external adversaries using AI tools to internal deployments of Microsoft Copilot, Google Gemini, and proposed GenAI or Agentic projects. Designed for iterative use, COMPASS serves as


Agentic AI Capture The Flag (CTF) – FinBot DEMO: Goal Manipulation

Explore the OWASP Agentic AI CTF through a hands-on walkthrough of the FinBot demo. This session highlights the “goal manipulation” challenge, revealing how attackers can exploit agentic AI systems and showcasing strategies to identify and defend against these advanced threats. FinBot is part of the OWASP GenAI Security Project’s Agentic Security Initiative, created to equip


OWASP AI Agentic Top 10 Project Kick-off – Global Livestream

The OWASP Gen AI Security Project – Agentic Security Initiative brought together community members, experts and contributors virtually and in 4 locations around the globe (London, Las Vegas – Black Hat, Athens, and Tel Aviv) to kick off work on refining the OWASP Agentic Threats and Mitigations, to begin to distil into a prioritized OWASP Top 10


Why MCP Agents Are the Next Cyber Battleground

As agentic AI systems transition from conceptual models to real-world deployments, MCP (Model Context Protocol) agents are emerging as a critical interface layer — and the next major attack vector. These autonomous, API-driven actors aren’t just executing tasks; they’re reshaping how LLMs interact with tools, data, and infrastructure across enterprise environments. In this webinar, we’ll


Agentic Open Workshop – Agentic AI Threat Modeling

Session 3 of 7. The session delves into agentic threat modeling, emphasizing the vulnerabilities in multi-agent AI architectures. It covers attack scenarios like memory manipulation and tool misuse, illustrating how malicious actors can exploit AI agents to cause financial losses or data breaches. MCP-related threats were also explored, including tool description manipulation, prompt injections, and


Open Agentic Workshop – Insecure Code Examples

Session 4 of 7. The session focused on the “Insecure Code Examples” initiative led by Allie Howell, highlighting efforts to identify vulnerabilities in agentic frameworks through hands-on testing and community engagement. The initiative includes a repository of insecure code samples built using frameworks like Langgraph, Autogen, CrewAI, and others. A recent hackathon in New York


Open Agentic Workshop – Securing Agentic Apps

Session 6 of 7. The session focused on secure agentic applications, led by experts from AWS, Intuit, and Pangea. It outlined a methodology for identifying threats in agentic AI systems, emphasizing development lifecycle stages, key components, architectures, and operational environments. The discussion highlighted key threats such as memory poisoning, tool misuse, and identity spoofing in


Agentic Open Workshop – Agentic Threat Modeling Framework

Session 4 of 7. The sessions collectively addressed agentic AI threat modeling, focusing on vulnerabilities in multi-agent systems across various platforms, including Palo Alto Networks, Cisco, and the Maestro framework. Key topics included memory manipulation, tool misuse, and identity misconfigurations, with specific attack scenarios illustrating how malicious actors can manipulate agents to perform unauthorized actions,
