Session 3 of 7 The session delves into agentic threat modeling, emphasizing the vulnerabilities in multi-agent AI architectures. It covers attack scenarios like memory manipulation and tool misuse, illustrating how malicious actors can exploit AI agents to cause financial losses or data breaches. MCP-related threats were also explored, including tool description manipulation, prompt injections, and

Session 4 of 7 The session focused on the “Insecure Code Examples” initiative led by Allie Howell, highlighting efforts to identify vulnerabilities in agentic frameworks through hands-on testing and community engagement. The initiative includes a repository of insecure code samples built using frameworks like Langgraph, Autogen, CrewAI, and others. A recent hackathon in New York

Session 6 of 7 The session focused on secure agentic applications, led by experts from AWS, Intuit, and Pangea. It outlined a methodology for identifying threats in agentic AI systems, emphasizing development lifecycle stages, key components, architectures, and operational environments. The discussion highlighted key threats such as memory poisoning, tool misuse, and identity spoofing in

Session 4 of 7 The sessions collectively addressed agentic AI threat modeling, focusing on vulnerabilities in multi-agent systems across various platforms, including Palo Alto Networks, Cisco, and the Maestro framework.  Key topics included memory manipulation, tool misuse, and identity misconfigurations, with specific attack scenarios illustrating how malicious actors can manipulate agents to perform unauthorized actions,

Session 7 of 7 The session on the Agentic AI Security Landscape Report outlined its structure and objectives, targeting CSOs, AI developers, security researchers, and policymakers. The report is divided into four pillars: regulatory context, incident analysis, solutions ecosystem, and future trends. It emphasizes the rapidly evolving landscape of agentic AI, the challenges of fragmented

Session 2 of 7 The session outlines a fictional case study involving “Finbot,” an AI finance assistant that was manipulated through prompt injection attacks, leading to fraudulent payments and data breaches. The presentation highlights how attackers poisoned Finbot’s memory, manipulated tools to execute unauthorized actions, and exploited identity misconfigurations to escalate privileges. It underscores the

Session 1 of 7 The introductory session for the Agentic Workshop outlines the objectives and structure of the Agentic Security Initiative (ASI), emphasizing the importance of community engagement and practical application. Led by project co-leads, the session introduces the initiative’s focus on identifying agentic AI threats, developing security guidelines, and providing practical tools for threat