The release of the OWASP Agentic Applications Top 10 marks a significant turning point in how the industry understands AI risk.
As AI moves from model experimentation to operational agents that plan, reason, access tools, and execute real-world actions, the security conversation must evolve. Agents introduce risks that traditional model-centric controls were never designed to manage — from goal hijacking and tool misuse to identity abuse, memory poisoning, and rogue agent behaviour.
The OWASP Agentic Applications Top 10 provides the first structured, community-driven framework focused specifically on these operational risks. It gives security leaders a shared language to assess how autonomous and semi-autonomous systems behave inside production environments.
Zenity was proud to contribute to this effort, with team members serving as reviewers and entry leads alongside a panel of AI security experts. The framework formalises a category the industry has already been experiencing in practice: AI Agent Security as its own discipline.
Importantly, this isn’t about ownership — it’s about alignment. The risks outlined in the OWASP Agentic Applications Top 10 reflect the same operational behaviours organisations are already encountering as agents interact with SaaS, cloud, browsers, and enterprise systems.
Zenity’s platform was architected from day one to govern agent behaviour, enforce policy inline, and provide real-time oversight into what agents do — capabilities that directly map to the risk categories now articulated in the framework.
As adoption accelerates, security teams need clarity, structure, and operational controls — not just awareness.
Meet Zenity at CxO Institute Boston
Discuss with the team at Zenity, how enterprises can align with the OWASP Agentic Applications Top 10 and implement practical controls to govern agentic AI safely at scale.
👉🏻 Join the conversation.