State of Agentic AI Security and Governance

An OWASP white paper analyzing the security, governance, and risk management considerations surrounding agentic AI systems, including autonomous decision-making, tool access, prompt injection, data protection, and organizational oversight. This is version 2.01...

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that ...

OWASP FinBot CTF 0.2

FinBot is an Agentic AI security CTF platform from OWASP. Interact with AI agents, exploit real vulnerabilities, and learn to secure agentic systems. All from your browser...

Why Agentic AI Is Security's Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow...

From Stateless Queries to Autonomous Actions: A Layered Security Framework for Agentic AI Systems

Agentic AI systems face security challenges that stateless large language models do not. They plan across extended horizons, maintain persistent memory, invoke external tools, and coordinate with peer agents. Existing security analyses organize threats by attack type prompt injection, jailbreakin...

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s...

Foundations for Agentic AI Investigations from the Forensic Analysis of OpenClaw

Agentic Al systems are increasingly deployed as personal assistants and are likely to become a common object of digital investigations. However, little is known about how their internal state and actions can be reconstructed during forensic analysis. Despite growing popularity, systematic forensi...

SoK: The Attack Surface of Agentic AI -- Tools, and Autonomy

Recent AI systems combine large language models with tools, external knowledge via retrieval-augmented generation RAG, and even autonomous multi-agent decision loops. This agentic AI paradigm greatly expands capabilities - but also vastly enlarges the attack surface. In this systematization, we m...

Secure agentic AI end-to-end

Next week, RSAC™ Conference celebrates its 35-year anniversary as a forum that brings the security community together to address new challenges and embrace opportunities in our quest to make the world a safer place for all. As we look towards that milestone, agentic AI is reshaping industries...

Formal Analysis and Supply Chain Security for Agentic AI Skills

The rapid proliferation of agentic AI skill ecosystems -- exemplified by OpenClaw 228,000 GitHub stars and Anthropic Agent Skills 75,600 stars -- has introduced a critical supply chain attack surface. The ClawHavoc campaign January-February 2026 infiltrated over 1,200 malicious skills into the...

Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning

Capture-the-Flag CTF competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating...

Intellicise Wireless Networks Meet Agentic AI: A Security and Privacy Perspective

Intellicise Intelligent and Concise wireless network is the main direction of the evolution of future mobile communication systems, a perspective now widely acknowledged across academia and industry. As a key technology within it, Agentic AI has garnered growing attention due to its advanced...

ICYMI: Experts on Experts – Season One Roundup

In 2025, we launched Experts on Experts: Commanding Perspectives as a pilot video series designed to spotlight the ideas shaping cybersecurity, directly from the people driving them. Over five episodes, Rapid7 leaders shared short, candid conversations on topics like agentic AI, MDR ROI,...

ROC vs. CTEM: How a Risk Operations Center Evolves Beyond Continuous Threat Exposure Management in 2026

Key Takeaways: The Essentials of ROC vs. CTEM What is a ROC? A risk operations center ROC is a centralized command hub that unifies cyber risk management across security, IT, and compliance. It uses agentic AI to provide a real-time view of business risk, prioritize what matters, and then automat...

Master-Engine-POC---Proprietary-Agentic-AI-Solution

Master Engine POC - Proprietary Agentic AI Solution !Pyth...

Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework

The rapid expansion of low-altitude economy Internet of Things LAE-IoT networks has created unprecedented security challenges due to dynamic three-dimensional mobility patterns, distributed autonomous operations, and severe resource constraints. Traditional intrusion detection systems designed fo...

Secure Intellicise Wireless Network: Agentic AI for Coverless Semantic Steganography Communication

Semantic Communication SemCom, leveraging its significant advantages in transmission efficiency and reliability, has emerged as a core technology for constructing future intellicise intelligent and concise wireless networks. However, intelligent attacks represented by semantic eavesdropping pose...

AI & Humans: Making the Relationship Work

Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious...

Rethinking Secure Semantic Communications in the Age of Generative and Agentic AI: Threats and Opportunities

Semantic communication SemCom improves communication efficiency by transmitting task-relevant information instead of raw bits and is expected to be a key technology for 6G networks. Recent advances in generative AI GenAI further enhance SemCom by enabling robust semantic encoding and decoding und...

Agentic AI for Autonomous Defense in Software Supply Chain Security: Beyond Provenance to Vulnerability Mitigation

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in toto are majorly used to offer provenance and traceabili...