Resources Library
Get the latest on the Top 10 for LLMs and Generative AI application security developments from OWASP and InfoSec publications. Discover how leaders in tech are leveraging the project's resources to build trustworthy and secure generative AI applications.
Subscribe with RSS to keep up with the latest from the community.
OWASP Top 10 for Agentic Applications for 2026
CheatSheet – A Practical Guide for Securely Using Third-Party MCP Servers 1.0
The Practical Guide for Securely Using Third-Party MCP Servers from the OWASP GenAI Security Project provides a detailed framework for safely deploying and managing external Model Context Protocol (MCP) servers. It outlines the unique security
FinBot Agentic AI Capture The Flag (CTF) Application
FinBot is part of the OWASP GenAI Security Project’s Agentic Security Initiative, created to equip builders and defenders with hands-on tools for understanding and mitigating agentic AI risks. FinBot is an Agentic Security Capture The
AI Security Solutions Landscape for Agentic AI Q3 2025
The Solutions Landscape monitors and maps the full Agentic AI lifecycle, focusing on the DevOps–SecOps intersection to meet evolving security needs. Guided by the Agentic AI Threats and Mitigations guide and SecOps tasks, it highlights
OWASP Gen AI – Agentic Security Top 10 Global Kickoff Presentation
The OWASP Gen AI Security Project – Agentic Security Initiative brought together community members, experts and contributors virtually and in 4 locations around the globe (London, Las Vegas – Black Hat, Athens, and Tel Aviv to
State of Agentic AI Security and Governance 1.0
The State of Agentic AI Security and Governance provides a comprehensive view of today’s landscape for securing and governing autonomous AI systems. It explores the frameworks, governance models, and global regulatory standards shaping responsible Agentic
Securing Agentic Applications Guide 1.0
This guide aims to provide practical and actionable guidance for designing, developing, and deploying secure agentic applications powered by large language models (LLMs). It complements the OWASP Agentic AI Threats and Mitigations (ASI T&M) document
Agent Name Service (ANS) for Secure AI Agent Discovery v1.0
The Agent Name Service (ANS), developed under the OWASP GenAI Security Project – Agentic Security Initiative, introduces a secure, DNS-inspired framework for AI agent discovery. ANS leverages Public Key Infrastructure (PKI) for identity verification, structured
Multi-Agentic system Threat Modeling Guide v1.0
This guide builds on the OWASP Agentic AI – Threats and Mitigations publication, our master agentic threat taxonomy, by applying its threat taxonomy to real-world multi-agent systems (MAS). These systems, characterized by multiple autonomous agents
Insecure Agent Samples
GenAI Project – Agentic Security Initiative (ASI) – Insecure Agent Samples. Warning: The sample applications here are deliberately insecure to demonstrate Agent security risks. Please exercise caution when deploying in your environment. Objective
OWASP Gen AI Security Project – Agentic Threats Navigator
The Agentic Threats Navigator is a guide that outlines key attack surfaces in agentic AI systems, including reasoning, memory, tools, identity, human oversight, and multi-agent interactions. It provides threats and examples to help security teams
Agentic AI – Threats and Mitigations
Agentic AI represents an advancement in autonomous systems, increasingly enabled by large language models (LLMs) and generative AI. While agentic AI predates modern LLMs, their integration with generative AI has significantly expanded their scale, capabilities,