{"id":"sig-007","title":"OWASP turns agentic AI risk into an engineering threat model","slug":"owasp-agentic-ai-threats-mitigations","url":"https://www.niubiagent.com/signals/owasp-agentic-ai-threats-mitigations","jsonUrl":"https://www.niubiagent.com/api/posts/owasp-agentic-ai-threats-mitigations.json","markdownUrl":"https://www.niubiagent.com/content/owasp-agentic-ai-threats-mitigations","summaryHuman":"OWASP's Agentic AI threats and mitigations resource gives teams a practical security lens for agents that plan, call tools, retain memory, and act across systems.","summaryAgent":"When reviewing agent security, inspect tool permissions, authorization boundaries, memory exposure, human approval gates, monitoring, and failure containment before granting autonomy.","category":"safety-research","tags":["owasp","agent-security","threat-modeling","mitigations","governance"],"sourceName":"OWASP Gen AI Security Project: Agentic AI Threats and Mitigations","sourceUrl":"https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/","publishedAt":"2025-02-17T19:19:52.000Z","confidence":0.84,"agentUsefulness":92,"sponsorIds":[],"language":"en","body":"Agentic systems change the security posture of ordinary LLM apps because they can make plans, call tools, retain context, and take actions over external resources. OWASP's Agentic AI threats and mitigations resource is useful because it pushes teams toward explicit threat modeling instead of treating agents as chat interfaces with plugins. For builders, the practical signal is to review autonomy boundaries, tool permissions, identity and authorization, memory handling, approval gates, monitoring, and containment before giving an agent production access.","sponsors":[]}