OWASP has published a new report titled “State of Agentic AI Security and Governance v2.01,” providing a comprehensive framework for security teams tasked with managing the fast-growing landscape of autonomous AI agents in production environments.
Reimagining AI Security
The OWASP GenAI Security Project’s Agentic Security Initiative positions AI security as a practical concern, supported by real-world incidents and a robust open-source community focused on agent frameworks and coding agents.
OWASP emphasizes the integration of AI safety and security as systems become autonomous, challenging traditional boundaries where safety and security were managed independently.
The convergence of these disciplines is critical when AI agents autonomously interact with APIs, modify code, and access production data, turning permissive design choices into vulnerabilities.
Strategies for Comprehensive Governance
The report advocates for unified governance, monitoring, and incident response strategies to manage both safety and security failures within agentic systems, moving away from isolated risk taxonomies.
It provides a taxonomy for classifying agentic systems based on their operational roles such as enterprise, client-facing, and infrastructure, as well as their implementation and composition patterns.
OWASP warns of the potential for cross-tenant supply chain risks due to shared AI agent contexts and recommends mapping agent autonomy levels and implementing controls like circuit breakers for high-autonomy deployments.
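As an added illustration of the circuit-breaker control the report recommends (example code written for this summary, not from the OWASP report or any named project), the following gates an agent's tool actions by an assumed autonomy level: high-risk actions are held for a human at lower autonomy, and at full autonomy a budget of high-risk actions or repeated failures trips the breaker, which only a human can reset. The autonomy scale, action names and thresholds are constructed for the example.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Autonomy(IntEnum):
    """Assumed autonomy scale: higher means less human review per action."""
    SUGGEST = 1      # agent proposes, a human executes
    SUPERVISED = 2   # agent executes, a human approves risky actions
    AUTONOMOUS = 3   # agent executes without per-action approval
# Constructed policy: actions treated as high-risk for this example.
HIGH_RISK_ACTIONS = {"modify_code", "write_prod_db", "call_external_api"}
@dataclass
class AgentCircuitBreaker:
    """Opens once a high-autonomy agent exceeds its high-risk action budget
    or accumulates repeated failures; only an explicit human reset closes it."""
    agent_id: str
    autonomy: Autonomy
    max_high_risk: int = 3
    max_failures: int = 2
    high_risk_count: int = 0
    failures: int = 0
    is_open: bool = False
    log: list = field(default_factory=list)

    def authorize(self, action: str) -> bool:
        """True if the action may proceed now; False if blocked or held."""
        if self.is_open:
            self.log.append(f"{self.agent_id}: BLOCKED {action} (breaker open)")
            return False
        if action in HIGH_RISK_ACTIONS:
            if self.autonomy < Autonomy.AUTONOMOUS:
                self.log.append(f"{self.agent_id}: HOLD {action} for human approval")
                return False
            self.high_risk_count += 1
            if self.high_risk_count > self.max_high_risk:
                self._trip(f"high-risk budget exceeded by {action}")
                return False
        return True

    def record_failure(self, action: str) -> None:
        self.failures += 1
        if self.failures >= self.max_failures:
            self._trip(f"repeated failures, last: {action}")

    def _trip(self, reason: str) -> None:
        self.is_open = True
        self.log.append(f"{self.agent_id}: TRIPPED ({reason}); human reset required")

    def reset(self) -> None:  # explicit human reset; the breaker never auto-closes
        self.is_open = False
        self.high_risk_count = self.failures = 0
```

The `log` entries are the events a monitoring pipeline would forward, so a trip or a held action becomes a detectable signal rather than a silent refusal.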
Insights into High-Velocity Projects
The report includes a survey of high-velocity agentic projects, highlighting key areas where security teams should focus their monitoring efforts.
Projects like Gravitas and n8n, with significant GitHub engagement, are noted for their advancements in autonomous frameworks and orchestration, respectively.
Other projects like Claude Code and Gemini CLI demonstrate rapid growth in coding-agent capabilities and vulnerability discovery, underlining the need for continuous oversight in these areas.
Emerging tools and frameworks such as Zed, OpenHands, and crewAI are also featured for their contributions to semi-autonomous and autonomous agent development.
Future Outlook
OWASP’s report underscores the importance of treating agentic AI as a primary security domain. Organizations are encouraged to maintain an inventory of AI agents, track advisories, and align their security measures with OWASP’s guidelines.
With autonomous agents increasingly integrated into production systems, the report calls for a shift from periodic model assessments to ongoing runtime monitoring and supply chain integrity checks for AI components.
Implementing strong identity controls for non-human actors is crucial to mitigating risks associated with malicious agents and potential attackers.
