OWASP Announces the Formation of the Agentic Research Council

OWASP to Unveil New Agentic Research Council Aiming to Bridge AI and Security Gaps

The Open Web Application Security Project (OWASP) is set to announce the establishment of the Agentic Research Council on June 4, 2026, during Infosecurity Europe. The initiative is intended to coordinate efforts to close the widening gap between the rapidly advancing capabilities of agentic artificial intelligence (AI) and the traditional timelines of security research. The Council's formation continues OWASP's GenAI Security Project and the Agentic Security Initiative, both of which were instrumental in developing widely recognized Top 10 guidelines for securing large language models (LLMs).

John Sotiropoulos, who serves as the co-lead of this initiative, described the Council's vision as expert-driven yet community-oriented. Its main objective is to align research priorities with the pressing operational needs of security professionals in the field. By bringing together a diverse array of stakeholders, including academia, industry players, government entities, and policymakers, the Council aims to facilitate global collaboration. This collective effort is meant to accelerate the transfer of academic research into practical safeguards that can be implemented effectively in real-world scenarios.

To achieve these goals, the Council will maintain a public pipeline of research topics, regularly convene working groups, and sponsor doctoral research that is attuned to the needs of practitioners. The initiative seeks to formalize and enhance the linkage between academic discoveries and operational realities. This approach is critical in ensuring that emerging research does not remain detached or lag behind evolving threats. During discussions, Sotiropoulos emphasized that the Council serves to complement existing OWASP efforts rather than replace them, thereby contributing to a broader organizational mission.

A primary technical concern behind this initiative is the speed at which AI agents operate and interact. These agents can act at machine speed, which renders traditional governance models that focus on development insufficient. The first research area the Council plans to tackle is multi-agent security. This work will explore the composability risks that arise when agents interact with one another, discover new tools, and assemble dynamic toolchains.

A preprint paper that surfaced on arXiv on April 29 makes the case that it is no longer sufficient to analyze the behavior of AI agents in isolation. Interactions between multiple agents can lead to emergent behaviors that create attack surfaces which remain invisible during the design phase. Sotiropoulos has warned that conventional human-in-the-loop assumptions are increasingly being challenged by the realities of multi-agent configurations, which he likens to drone swarms requiring simultaneous responses from a multitude of agents.

The security ramifications of these developments go beyond technical architecture and affect fundamental incident response strategies and models for attribution. Sotiropoulos argues that the cybersecurity community must transition from human-in-the-loop validation processes to a framework where humans are on the loop, overseeing agent activities. This change requires the introduction of agent-level policy monitors, reducing reliance on slower, human-centered review cycles. Because the time-to-impact for vulnerabilities is shortening, organizations need to adopt runtime governance and observability that monitor agent interactions and behaviors.

Sotiropoulos compares the transformative effect of agentic AI on cybersecurity to the changes brought about by drones in kinetic warfare. He illustrates how agentic capabilities are democratizing tools and technologies that once required expensive and complex setups, thereby reshaping the landscape of cybersecurity.

In tandem with the Council’s announcement, OWASP plans to publish a supplementary paper titled "The State of Agentic AI and Governance" on June 1. This document will provide an overview of adoption patterns, governance models, and relevant regulatory considerations. Additionally, it will feature a practical maturity and risk-tiering framework that maps Top 10 controls to various risk levels, spanning from lightweight AI copilots to intricate manufacturing systems.

Sotiropoulos has emphasized that the recommendations contained in this upcoming paper are intended for immediate application, so organizations do not need to wait for formal standards to be established. Security teams are encouraged to take part in the OWASP GenAI Summit at Infosecurity Europe to prepare for the imminent requirements concerning runtime monitoring and updated governance frameworks that are crucial for keeping pace with the acceleration of agentic systems.

With the establishment of the Agentic Research Council, OWASP is taking a decisive step towards ensuring that security practices evolve in harmony with the rapid developments in artificial intelligence. This initiative promises to create an essential bridge between academic research and real-world security needs, reflecting the urgency of adapting to the new technological landscape.
