OWASP Launches Agentic Security Research Council at Infosecurity Europe

The OWASP Agentic Security Research Council made its official debut at Infosecurity Europe, marking a significant step toward bridging the gap between academic research and real-world operational needs in the field of agentic AI security. This new initiative is designed to ensure that theoretical advances in AI safety translate directly into practical, deployable solutions for organizations facing growing threats from autonomous systems.

The council’s primary mission is to foster collaboration between researchers, industry practitioners, and security professionals. By aligning academic insights with the practical challenges of securing agentic AI, OWASP aims to produce actionable guidance that addresses vulnerabilities in autonomous decision-making, tool use, and multi-agent coordination. This is especially critical as enterprises increasingly deploy AI agents that act independently, raising new risk vectors around prompt injection, privilege escalation, and unintended behavior.

At the launch, OWASP emphasized that the council will prioritize open-source frameworks, standardized testing methodologies, and real-world case studies. The goal is not just to identify problems but to deliver concrete tools that security teams can implement immediately. Early focus areas include agent identity management, sandboxing strategies, and audit logging for agent actions.

This initiative comes at a time when many organizations struggle to keep pace with the rapid evolution of autonomous AI systems. Traditional security models often fail to account for the dynamic, context-aware nature of agents, leaving gaps that attackers can exploit. OWASP’s council intends to fill that void by producing peer-reviewed research, practical playbooks, and community-driven best practices.

By grounding its work in both academic rigor and operational reality, the Agentic Security Research Council positions itself as a crucial resource for any organization adopting agentic AI. Its success will depend on how effectively it can translate complex research into clear, actionable security measures that scale across industries.