In this episode, we sit down with Ken Huang, a core architect behind modern AI security standards, to discuss the revolutionary challenges posed by agentic AI systems. Ken, who chairs the OWASP AIVSS project and co-chairs the AI safety working groups at the Cloud Security Alliance, breaks down how security professionals are writing the rulebook for a future driven by autonomous agents.
Key Takeaways
- AIVSS for Non-Deterministic Risk: The OWASP AIVSS project aims to provide a quantitative measure for core agent AI risks by applying an agent AI risk factor on top of CVSS, specifically addressing the autonomy and non-deterministic nature of AI agents.
- Need for Task-Scoped IAM: Traditional OAuth and SAML are inadequate for agentic systems because they provide coarse-grained, session-scoped access control. New authentication standards must be task-scoped, dynamically removing access once a specific task is complete, and driven by verifying the agent’s intent.
- A2A Security Requires New Protocols: Agent-to-Agent communication (A2A) introduces security issues beyond traditional API security (like BOLA). New systems must utilize protocols for Agent Capability Discovery and Negotiation—validated by digital signatures—to ensure the trustworthiness and promised quality of service from interacting agents.
- Goal Manipulation is a Critical Threat: Sophisticated attacks often utilize context engineering to execute goal manipulation against agents. These attacks include gradually shifting an agent's objective (crescendo attack), using prompt injection to force the agent to expose secrets (malicious goal expansion), and forcing endless processing loops (exhaustion loop/denial of wallet).
Tune in for a deep dive!
Contacting Ken
* LinkedIn: https://www.linkedin.com/in/kenhuang8/
* Company Website: https://distributedapps.ai/
* Substack: https://kenhuangus.substack.com/
* Paper (Agent Capability Negotiation and Binding Protocol): https://arxiv.org/abs/2506.13590
* Book (Securing AI Agents): https://www.amazon.com/Securing-Agents-Foundations-Frameworks-Real-World/dp/3032021294
* AIVSS: https://aivss.owasp.org/
Contacting Anshuman
* LinkedIn: https://www.linkedin.com/in/anshumanbhartiya/
* X: https://x.com/anshuman_bh
* Website: https://anshumanbhartiya.com/
* Instagram: https://www.instagram.com/anshuman.bhartiya
Contacting Sandesh
* LinkedIn: https://www.linkedin.com/in/anandsandesh/
* X: https://x.com/JubbaOnJeans
* Website: https://boringappsec.substack.com/
