OWASP Agentic

OWASP Top 10 for Agentic Applications

Official standard (2025) defining the top 10 security risks for AI agent systems. Published by the OWASP Foundation as part of the Agentic Security Initiative, it establishes the baseline security criteria every organization deploying AI agents should evaluate against.

Published by
OWASP Foundation
Year
2025
Coverage
Brigs provides full coverage of all 10 criteria (ASI01–ASI10) with 13+ controls.

Who needs this

Any organization deploying AI agents — whether internal developer tooling, customer-facing copilots, or autonomous agent pipelines. If your software calls an LLM and takes action on its output, OWASP Agentic applies to you.

Brigs controls mapping

Framework criterionBrigs control(s)
ASI01 — Excessive Agency
AGENT_DATA_EGRESS
ASI02 — Supply Chain Vulnerabilities
AGENT_PR_GATEAGENT_TOOL_ALLOWLIST
ASI03 — Insufficient Access Controls
AGENT_LEAST_PRIVILEGEMCP_LEAST_PRIVILEGE
ASI04 — Insecure Credential Management
DEP_SUPPLY_CHAINMCP_NO_CREDENTIAL_LEAK
ASI05 — Unsafe Code Execution
AGENT_CODE_EXECUTION
ASI06 — Context Poisoning
AGENT_CONTEXT_POISONING
ASI07 — Inter-Agent Communication
AGENT_INTER_AGENT_COMMS
ASI08 — Cascading Failures
AGENT_CASCADING_FAILURES
ASI09 — Insufficient Human Oversight
AGENT_ACTION_GATINGAGENT_PR_GATE
ASI10 — Insufficient Audit Logging
AGENT_AUDIT_LOGGING

Frequently asked questions

What is the OWASP Agentic Top 10?

The OWASP Top 10 for Agentic Applications is a 2025 standard published by the OWASP Foundation that defines the ten most critical security risks for AI agent systems. It covers risks from excessive agency and supply chain vulnerabilities to insufficient audit logging.

How do I comply with OWASP Agentic?

Compliance requires evaluating your AI agent systems against all 10 criteria (ASI01–ASI10). This includes access control, credential management, code execution safety, human oversight, and audit logging. Brigs automates this evaluation across your entire codebase.

Which tools evaluate OWASP Agentic compliance?

Brigs is the first platform with full ASI01–ASI10 coverage. It scans your repositories for agent frameworks (Claude Code, LangChain, CrewAI, AutoGen, MCP) and evaluates each against all 10 OWASP Agentic criteria with automated remediation.

Start evaluating OWASP Agentic compliance

Connect your repositories and get automated OWASP Agentic control evaluation in minutes.

Get Started Free

Sources & citations

OWASP Agentic Security Initiative·OWASP Foundation, 2025