The OWASP AIBOM Generator is an open-source tool designed to enhance AI supply chain transparency and security by generating AI Bills of Materials (AIBOMs) — also known as AI Software Bills of Materials (AI SBOMs), ML-BOMs, or SBOMs for AI. The tool supports AI models hosted on Hugging Face and produces output in CycloneDX format, […]
OWASP AIBOM Generator Read Post »
The OWASP Top 10 for Agentic Applications 2026 is a globally peer-reviewed framework that identifies the most critical security risks facing autonomous and agentic AI systems. Developed through extensive collaboration with more than 100 industry experts, researchers, and practitioners, the list provides practical, actionable guidance to help organizations secure AI agents that plan, act, and make decisions across complex workflows. By distilling a broad ecosystem of OWASP GenAI Security guidance into an accessible, operational format, the Top 10 equips builders, defenders, and decision-makers with a clear starting point for reducing agentic AI risks and supporting safe, trustworthy deployments.
OWASP Top 10 for Agentic Applications for 2026 Read Post »
Explore the OWASP Agentic AI CTF through a hands-on walkthrough of the FinBot demo. This session highlights the “goal manipulation” challenge, revealing how attackers can exploit agentic AI systems and showcasing strategies to identify and defend against these advanced threats. FinBot is part of the OWASP GenAI Security Project’s Agentic Security Initiative, created to equip
Agentic AI Capture The Flag (CTF) – FinBot DEMO: Goal Manipulation Read Post »
The OWASP Gen AI Security Project – Agentic Security Initiative, brought together community members, experts and contributors virtually and in 4 location around the globe (London, Las Vegas – Black Hat, Athens, and TelAviv to kick-off work of refining the OWASP Agentic Threats and Mitigations, to begin to distil into a prioritized OWASP Top 10
OWASP AI Agentic Top 10 Project Kick-off – Global Livestream Read Post »
As agentic AI systems transition from conceptual models to real-world deployments, MCP (Model Context Protocol) agents are emerging as a critical interface layer — and the next major attack vector. These autonomous, API-driven actors aren’t just executing tasks; they’re reshaping how LLMs interact with tools, data, and infrastructure across enterprise environments. In this webinar, we’ll
Why MCP Agents Are the Next Cyber Battleground Read Post »
warranty of service or accuracy. For more information, please refer to our General Disclaimer. – Copyright © 2025 OWASP Foundation, Inc.