Threat Modeling Agentic AI Systems: Proactive Strategies for Security and Resilience

  - Agentic AI Architecture
  - Agentic AI Threats
  - Agentic AI Mitigation Strategy
  - Takeaways

What is an AI Agent?
  - Perceives & Reasons
  - Autonomous Decision-Making
  - Acts & Uses Tools
  Source: OWASP Agentic AI Threats and Mitigations

Single Agent Architecture
  Source: OWASP Agentic AI Threats and Mitigations

Multi Agent Architecture
  Source: OWASP Agentic AI Threats and Mitigations

Scenario: The Rise and Fall of FinBot: An AI Cautionary Tale

Agency & Reasoning: A Shift in Priorities
  - REPUDIATION & UNTRACEABILITY: lack of logs, opaque decision-making, forensic challenges
  - MISALIGNED & DECEPTIVE BEHAVIORS: AI bypassing constraints, misleading outputs, self-preservation risks
  - INTENT BREAKING & GOAL MANIPULATION: adversarial objectives, prompt injection, unexpected goal shifts

Memory & Context: The Memory Trap
  - CASCADING HALLUCINATION ATTACKS: misinformation reinforcement, false knowledge loops, unreliable decisions
  - MEMORY POISONING: corrupt stored data, malicious long-term memory, false context injection

Tools & Execution: The Tools Turn Against Them
  - TOOL MISUSE: unintended API calls, unauthorized tool execution, excessive automation risks
  - PRIVILEGE COMPROMISE: escalated permissions, unauthorized actions, insecure role assignments
  - RESOURCE OVERLOAD: denial of service, computational exhaustion, excessive task execution
  - UNEXPECTED RCE & CODE ATTACKS: generated malicious code, remote execution vulnerabilities, untrusted function calls

Identity & Authentication: A Stolen Identity
  - IDENTITY SPOOFING & IMPERSONATION: fake AI identity, privilege misuse, trust exploitation
  - PRIVILEGE ESCALATION: agent gaining unauthorized access, over-permissive identity tokens

  - OVERWHELMING HITL: excessive alerts, decision fatigue, automated approval manipulation
  - HUMAN MANIPULATION: social engineering via AI, misleading recommen
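The threat lists above name tool misuse, privilege compromise, resource overload, repudiation and overwhelming HITL, but the slides do not show what the difference between a vulnerable and a guarded agent looks like in code. The following is an added example, not code from the slide deck or from the OWASP Agentic AI Threats and Mitigations document it cites. It models a FinBot-style agent's tool dispatcher: `naive_dispatch` runs whatever tool call the model emits (so a prompt injection that names the code-execution tool succeeds, and nothing is recorded), while `guarded_dispatch` enforces a per-agent tool allowlist, an exact argument schema, a per-agent rate limit, a human-approval gate only for high-value transfers, and an audit log of every decision. The tool names, the agent identity, the `HITL_THRESHOLD` value and the sample calls are all constructed assumptions for this example.

```python
import time
from dataclasses import dataclass, field
from typing import Optional


class PolicyViolation(Exception):
    """Raised when the guarded dispatcher denies a tool call."""


# --- Constructed sample tools (assumptions for this example, not real APIs) ---
def read_account_balance(account_id: str) -> dict:
    return {"account_id": account_id, "balance": 1250.00}


def wire_transfer(account_id: str, amount: float, dest: str) -> dict:
    return {"status": "sent", "account_id": account_id, "amount": amount, "dest": dest}


def run_shell(cmd: str) -> dict:
    # Stands in for a code-execution tool; it only echoes here and executes nothing.
    return {"status": "would-run", "cmd": cmd}


# Tool registry: name -> (callable, exact set of parameter names it accepts).
TOOLS = {
    "read_account_balance": (read_account_balance, {"account_id"}),
    "wire_transfer": (wire_transfer, {"account_id", "amount", "dest"}),
    "run_shell": (run_shell, {"cmd"}),
}

HITL_THRESHOLD = 10_000.0  # assumed: transfers above this amount need a human decision


def naive_dispatch(tool_call: dict) -> dict:
    """Vulnerable dispatcher: runs whatever tool the model names with whatever
    arguments it supplies (tool misuse, privilege compromise, unexpected code
    execution) and keeps no record of having done so (repudiation)."""
    fn, _ = TOOLS[tool_call["tool"]]
    return fn(**tool_call["args"])


@dataclass
class AgentIdentity:
    """A named agent with its own tool allowlist (least privilege per agent)."""
    agent_id: str
    allowed_tools: frozenset
    max_calls_per_minute: int = 5
    call_times: list = field(default_factory=list)


def guarded_dispatch(agent: AgentIdentity, tool_call: dict, audit_log: list,
                     now: Optional[float] = None) -> dict:
    """Hardened dispatcher: checks identity allowlist, argument schema and rate
    limit, defers high-value transfers to a human, and logs every decision."""
    ts = time.time() if now is None else now
    name = tool_call.get("tool")
    args = tool_call.get("args", {})
    entry = {"ts": ts, "agent": agent.agent_id, "tool": name, "args": args, "decision": "denied"}
    try:
        # Tool misuse / privilege compromise: tool must exist and be allowed for this agent.
        if name not in TOOLS:
            raise PolicyViolation(f"unknown tool {name!r}")
        if name not in agent.allowed_tools:
            raise PolicyViolation(f"{agent.agent_id} may not call {name}")
        fn, schema = TOOLS[name]
        # Argument validation: exact parameter set, no extra or missing keys.
        if set(args) != schema:
            raise PolicyViolation(f"arguments {sorted(args)} do not match schema {sorted(schema)}")
        # Resource overload: sliding-window rate limit per agent.
        agent.call_times = [t for t in agent.call_times if ts - t < 60]
        if len(agent.call_times) >= agent.max_calls_per_minute:
            raise PolicyViolation("rate limit exceeded")
        # Overwhelming HITL: only high-value transfers are sent to a human, not every call.
        if name == "wire_transfer":
            amount = args["amount"]
            if not isinstance(amount, (int, float)) or amount <= 0:
                raise PolicyViolation("invalid amount")
            if amount > HITL_THRESHOLD:
                entry["decision"] = "needs_human_approval"
                return {"status": "pending_human_approval", "amount": amount}
        agent.call_times.append(ts)
        result = fn(**args)
        entry["decision"] = "allowed"
        return result
    except PolicyViolation as exc:
        entry["decision"] = f"denied: {exc}"
        raise
    finally:
        audit_log.append(entry)  # repudiation: every decision is recorded


if __name__ == "__main__":
    log = []
    finbot = AgentIdentity("finbot", frozenset({"read_account_balance", "wire_transfer"}))
    injected = {"tool": "run_shell", "args": {"cmd": "id"}}  # constructed injected tool call
    print("naive:", naive_dispatch(injected))
    try:
        guarded_dispatch(finbot, injected, log)
    except PolicyViolation as exc:
        print("guarded:", exc)
    print(guarded_dispatch(finbot, {"tool": "wire_transfer",
                                    "args": {"account_id": "A1", "amount": 50000.0, "dest": "B2"}}, log))
    for e in log:
        print(e["agent"], e["tool"], e["decision"])
```

The allowlist is keyed on the agent's identity rather than on the tool alone, which is what turns an over-permissive token into a denied call; in a multi-agent deployment each agent gets its own `AgentIdentity` and its own audit entries, so a spoofed or escalated agent is visible in the log.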