
Top 10 AI Agent Security and Governance Controls (Based on OWASP)

ASI01: Agent Goal Hijack

Runtime enforcement & guardian agents

Observability, audit trails & explainability

Policy-as-code, escalation rules & HITL frameworks

Continuous security testing & adversarial evaluation


ASI02: Tool Misuse & Exploitation

Runtime enforcement & guardian agents

Ephemeral execution & environment isolation (sandboxing)

See also: AI Agent Sandboxing and Isolation

Continuous security testing & adversarial evaluation


ASI03: Identity & Privilege Abuse

Agent discovery & inventory (continuous)

Treat agents as first-class identities (traditional IAM alone is not sufficient; least privilege, JIT access)

Scoped data access & information governance

Policy-as-code, escalation rules & HITL frameworks


ASI04: Agentic Supply Chain Vulnerabilities

Secure supply chain & model integrity

Continuous security testing & adversarial evaluation


ASI05: Unexpected Code Execution (RCE)

Ephemeral execution & environment isolation

Runtime enforcement & guardian agents

Continuous security testing & adversarial evaluation


ASI06: Memory & Context Poisoning

Scoped data access & information governance

Observability, audit trails & explainability

See also: How to explain Accuracy vs Explainability to CTOs and CIOs


ASI07: Insecure Inter-Agent Communication

Runtime enforcement & guardian agents

Observability & audit trails


ASI08: Cascading Failures

Runtime enforcement & guardian agents

Observability & audit trails


ASI09: Human-Agent Trust Exploitation

Scoped data access & information governance

Policy-as-code, escalation rules & HITL frameworks

FinOps, metering & governance for cost-risk transparency


ASI10: Rogue Agents

Agent discovery & inventory (continuous)

Treat agents as first-class identities (privilege boundaries)

Runtime enforcement & guardian agents

Ephemeral execution & environment isolation