Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Adoption of new technologies can alter an organisation’s attack surface, requiring security controls, testing, and risk management to change.
Search across headline titles and summaries.
Background for this topic.
Adoption is the extent to which people and organizations begin using a security technology, control, policy, or practice and incorporate it into routine work. In cybersecurity, adoption is more than purchasing or deploying a capability: it includes correct configuration, user participation, and continued use. Examples include enabling multifactor authentication, applying security patches, using secure coding practices, and collecting logs from systems that require monitoring.
Adoption matters because uneven or incomplete use leaves exploitable gaps. A partially deployed authentication control may protect some accounts while others remain exposed; delayed patch adoption can leave known vulnerabilities available to attackers; and missing or poorly configured logging can limit detection and investigation. Practitioners therefore assess coverage, exceptions, configuration quality, and whether controls operate as intended. Training, usable workflows, staged rollout, and measured policy compliance can improve adoption without encouraging insecure workarounds or unnecessary collection of personal data.
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools
CrowdStrike CEO George Kurtz Says Enterprises Are Seeking Controls for AI AgentsCrowdStrike says enterprise adoption of agentic AI is driving demand for AI Detection and Response, as organizations seek visibility, governance and protection against emerging AI-powered threats, non-human identities and expanding autonomous workloads.
AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. [...]
Most organizations now recognize that endpoint protection alone is no longer sufficient