
Details

Securing Agentic AI: Threat trends, OWASP Top 10 patterns and a FinBot CTF demo

Make sure to register through the Zoom platform via the following link and grab a seat: Registration Link

Abstract:

Agentic AI systems are moving from chatbots to autonomous workflows that can call tools, access data, write code and take actions across enterprise systems. That shift creates new security boundaries between the user, the agent orchestrator, the model, tools/plugins, memory and sensitive data, and it introduces failure modes that don’t look like traditional AppSec.

In this session, we’ll walk through the most common Agentic AI security trends and real-world patterns observed in enterprise deployments, mapped to the OWASP Top 10 for Agentic Applications 2026. Rather than a broad survey, we’ll focus on the few risks that most often lead to real impact: unintended tool execution, excessive permissions and weak authorization, prompt/goal manipulation, data exfiltration via tool and retrieval paths, and memory poisoning/persistence risks.

To make these concepts concrete, we’ll introduce a practical reference architecture and a mental model for identifying trust boundaries and control points (identity, policy, validation, isolation and monitoring). We’ll then run a live FinBot CTF demo to show several of these threats in action and discuss how to detect and mitigate them with actionable engineering checklists teams can apply immediately.
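The control points named above (identity, policy, validation, isolation and monitoring) can be placed at one chokepoint: a gate that sits between the orchestrator and the tools it may call. The following is an added illustration written for this page, not code from the talk, from BSides Gothenburg or from any FinBot project. The roles, tool names (`read_balance`, `search_docs`, `transfer_funds`), the account-id format and the per-call limit are constructed assumptions; the point is that a side-effecting tool is only reachable through a path that checks who is asking, whether the instruction came from the user or from retrieved content, and whether the arguments are in range, and that every decision is recorded for detection.

```python
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Any, Callable, Optional


@dataclass(frozen=True)
class Principal:
    """Identity of the human (or service) the agent is acting for."""
    user_id: str
    roles: frozenset[str]


@dataclass
class ToolCall:
    name: str
    args: dict[str, Any]
    # Where the instruction to call the tool originated: "user" (the principal's own
    # request) or "retrieved" (a document, web page or memory entry the model read).
    # Retrieved text is untrusted and must not drive privileged actions.
    source: str


@dataclass
class Decision:
    allowed: bool
    reason: str


# Constructed policy (hypothetical roles and tools): least privilege per role.
ROLE_TOOLS: dict[str, frozenset[str]] = {
    "viewer": frozenset({"read_balance"}),
    "analyst": frozenset({"read_balance", "search_docs"}),
    "treasurer": frozenset({"read_balance", "search_docs", "transfer_funds"}),
}
# Side-effecting tools need an explicit user confirmation and may never be
# triggered by an instruction that arrived through a retrieval or memory path.
PRIVILEGED_TOOLS = frozenset({"transfer_funds"})
TRANSFER_LIMIT = 10_000  # constructed per-call ceiling
ACCOUNT_ID = re.compile(r"[A-Z0-9]{6,12}")  # constructed account-id format


def validate_args(name: str, args: dict[str, Any]) -> Optional[str]:
    """Schema and range validation of tool arguments; returns an error or None."""
    if name == "transfer_funds":
        amount = args.get("amount")
        if not isinstance(amount, (int, float)) or isinstance(amount, bool) or amount <= 0:
            return "amount must be a positive number"
        if amount > TRANSFER_LIMIT:
            return f"amount {amount} exceeds per-call limit {TRANSFER_LIMIT}"
        if not ACCOUNT_ID.fullmatch(str(args.get("to", ""))):
            return "destination account id has unexpected format"
    elif name == "read_balance":
        if not ACCOUNT_ID.fullmatch(str(args.get("account", ""))):
            return "account id has unexpected format"
    elif name == "search_docs":
        query = args.get("query")
        if not isinstance(query, str) or len(query) > 200:
            return "query must be a string of at most 200 characters"
    return None


class ToolGate:
    """The only path from the orchestrator to tools (isolation), applying
    identity-based policy, argument validation and an audit log (monitoring)."""

    def __init__(self, tools: dict[str, Callable[..., Any]]):
        self._tools = tools
        self.audit: list[dict[str, Any]] = []

    def authorize(self, principal: Principal, call: ToolCall, confirmed: bool) -> Decision:
        if call.name not in self._tools:
            return Decision(False, f"unknown tool {call.name!r}")
        permitted = frozenset().union(*(ROLE_TOOLS.get(r, frozenset()) for r in principal.roles))
        if call.name not in permitted:
            return Decision(False, f"{call.name!r} not permitted for roles {sorted(principal.roles)}")
        if call.name in PRIVILEGED_TOOLS:
            if call.source != "user":
                return Decision(False, f"privileged tool requested by {call.source} content")
            if not confirmed:
                return Decision(False, "privileged tool requires explicit user confirmation")
        error = validate_args(call.name, call.args)
        if error:
            return Decision(False, f"argument validation failed: {error}")
        return Decision(True, "ok")

    def invoke(self, principal: Principal, call: ToolCall, confirmed: bool = False) -> Any:
        decision = self.authorize(principal, call, confirmed)
        # Every attempt, allowed or denied, is logged: denied privileged calls from
        # retrieved content are the detection signal for injection attempts.
        self.audit.append({"user": principal.user_id, "tool": call.name, "args": call.args,
                           "source": call.source, "allowed": decision.allowed,
                           "reason": decision.reason})
        if not decision.allowed:
            raise PermissionError(decision.reason)
        return self._tools[call.name](**call.args)


def build_demo_gate() -> ToolGate:
    """Constructed in-memory 'bank' backing the tools, for demonstration only."""
    balances = {"ACC001": 25_000, "ACC002": 1_000}

    def read_balance(account: str) -> int:
        return balances[account]

    def transfer_funds(to: str, amount: int) -> int:
        balances["ACC001"] -= amount  # constructed: the agent's principal owns ACC001
        balances[to] = balances.get(to, 0) + amount
        return balances["ACC001"]

    def search_docs(query: str) -> list[str]:
        return [f"doc matching {query!r}"]

    return ToolGate({"read_balance": read_balance, "transfer_funds": transfer_funds,
                     "search_docs": search_docs})
```

Because the gate is the single dispatch path, a model that has been talked into emitting a `transfer_funds` call from a poisoned document or memory entry is stopped on the `source` check regardless of how convincing the prompt was, and the denied entry in `audit` is what a detection rule would alert on.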

Learning Objectives:

  • Identify what makes agentic systems security unique
  • Recognize high-impact agentic AI attack patterns and map them to the OWASP Top 10 for Agentic Applications
  • Apply a reference architecture/mental model to locate control points for prevention and detection
  • Observe real exploits and outcomes through a live FinBot CTF demo and understand the attack path
  • Take away a practical mitigation checklist for building and operating safer agentic AI systems

Make sure to register through the Zoom platform via the following link: Registration Link
Make sure to follow BSides Gothenburg on LinkedIn for coming updates.

Related topics

AI/ML
Community
Web Application Security
Information Security
Business Conference
