Agentic AI Security- Threats, Architectures & Mitigations

Name: Agentic AI Security- Threats, Architectures & Mitigations
Rating: 4.1 (20 reviews)

Threat Modeling for Agentic AI

Created byEdcorner Learning

Last updated 6/2025

English

What you'll learn

Understand the core principles of Agentic AI, including autonomy, memory, planning, and tool-use in modern AI systems.
Explore OWASP’s Agentic Security Initiative, its threat taxonomy, and relevance to real-world AI security practices.
Distinguish between single-agent and multi-agent architectures, and how their design influences security posture.
Learn to apply STRIDE, PASTA, and MAESTRO frameworks for threat modeling in autonomous AI environments.
Identify and analyze critical threats such as reasoning manipulation, memory poisoning, tool misuse, and agent identity spoofing.
Navigate OWASP’s Agentic Threat Taxonomy Navigator to classify threats based on execution, cognition, memory, and human interaction.
Gain practical skills in mitigating agentic threats through structured playbooks for reasoning validation, identity hardening, tool control, and governance.
Design and evaluate secure deployment architectures, including rollback mechanisms, memory isolation, and API constraints.
Build and test vulnerable AI agents using LangChain, and simulate threats like prompt injection, consensus manipulation, and RCE.
Map emerging agentic AI risks to industry frameworks like MITRE ATLAS and NIST AI RMF, enabling governance, compliance, and SOC integration.

Course content

10 sections • 28 lectures • 1h 25m total length

Introduction to Agentic AI and OWASP Initiatives1:47
Core Capabilities of AI Agents3:23
Core AI agent capabilities include subgoal decomposition, chain-of-thought reasoning, memory-based planning, and self-critique for autonomous action, enabled by APIs and plugins with risk controls.
Agentic AI Patterns and Use Cases6:00

Reasoning-Based Threats2:23
Reasoning based threats arise when an agent's internal logic drifts from goals, causing plan misalignment, goal manipulation, or deceptive outputs; enforce chain of thought logging and regular output validation.
Memory-Based Attacks2:29
Tool Execution Attacks2:33
Examine tool execution attacks where agents misuse external capabilities, and learn mitigations through verification, sandboxing, and rate limits to prevent cascading tool chains, DoS, and budget overruns.
Authentication and Identity Exploits1:50
Explore authentication and identity exploits in agent systems, understanding impersonation, privilege abuse, and spoofing with mitigation through unique identifiers, digital signatures, least privilege, and message signing.
Human-In-The-Loop Exploits1:44
Multi-Agent Risks2:23

Playbook 1 – Preventing Reasoning Manipulation3:19
Playbook 2 – Securing Memory and Knowledge3:04
Playbook 3 – Controlling Tool Usage and RCE Risks3:08
Playbook 4 – Strengthening Authentication & Identity3:08
Strengthen agent security by enforcing RBAC and ABAC with cryptographic signatures, behavioral analytics, and periodic identity verification across federated or decentralized registries.
Playbook 5 – Human-AI Governance Models3:21
Playbook 6 – Multi-Agent Trust and Communication3:24

Requirements

Interest in Secure AI Practices

Description

Agentic AI Security: Threats, Architectures & Mitigations is a comprehensive course designed to prepare developers, security engineers, AI architects, and risk officers to defend the next generation of autonomous systems. The course begins by grounding learners in the fundamentals of agentic AI, explaining how modern AI agents—unlike traditional models—perceive, reason, plan, and act with increasing autonomy. It explores the pivotal role of OWASP’s Agentic Security Initiative and introduces the architectural foundations of single-agent and multi-agent systems, showcasing the core capabilities of agents, including memory, tool use, and goal decomposition. Learners are introduced to orchestration layers, agent frameworks like LangChain and AutoGen, and real-world agentic patterns and use cases. As the course progresses, it delves into threat modeling with STRIDE, PASTA, and MAESTRO frameworks, before detailing OWASP’s reference agentic threat model and taxonomy navigator.

The midsection focuses on deep-dives into specialized threats—reasoning drift, memory poisoning, tool misuse, identity spoofing, HITL exploitation, and multi-agent coordination failures. Six mitigation playbooks provide practical countermeasures: reasoning validation, memory control, tool execution hardening, identity strengthening, HITL optimization, and inter-agent trust assurance. Learners then transition into architectural solutions including modular agent design, execution guards, rollback systems, and defense-in-depth strategies. The deployment section emphasizes containerization, policy-driven API access, and lessons from real-world agent incidents. To ensure proactive defense, the course includes guidance on designing red teams, secure simulation labs, and building vulnerable agents for training purposes using LangChain. Hands-on labs like simulating memory poisoning and consensus manipulation are also included.

The course concludes by integrating agentic threats into existing security frameworks—mapping OWASP threats to MITRE ATLAS and NIST AI RMF—thus aligning advanced agent risks with enterprise governance and compliance expectations. Learners emerge prepared to design, test, and deploy secure, interpretable, and auditable AI agents.

Who this course is for:

AI Developers and Engineers
Cybersecurity Professionals and SOC Analysts
Security Architects and DevSecOps Engineers
AI Product Managers and Technical Leads
Governance, Risk & Compliance (GRC) Officers
Researchers and Academics in AI Safety or Adversarial ML
Red Teamers and Penetration Testers for AI Systems
Cloud and Infrastructure Engineers

Agentic AI Security- Threats, Architectures & Mitigations

What you'll learn

Explore related topics

Course content

Foundations of Agentic AI3 lectures • 11min

Architectures of Agentic AI Systems3 lectures • 9min

Threat Modeling in Agentic AI3 lectures • 10min

Threat Scenarios & Attack Paths6 lectures • 13min

Mitigation Playbooks and Frameworks6 lectures • 19min

Mitigation Architectures and Secure Agent Design1 lecture • 3min

Secure Deployment Patterns and Real-World Case Studies1 lecture • 3min

Designing Red Teams and Agent Security Testing Labs1 lecture • 3min

Practical Agentic Security3 lectures • 9min

MITRE Atlas and NIST Agentic Threat Mapping1 lecture • 3min

Requirements

Description

Who this course is for: