OWASP will formally announce the Agentic Research Council at Infosecurity Europe on June 4, 2026, establishing a coordinated research effort to address the growing disparity between fast-moving agentic AI capabilities and conventional security research timelines. The Council emerges from OWASP's GenAI Security Project and its Agentic Security Initiative, the same group that produced widely adopted Top 10 guidance for LLM security. John Sotiropoulos, co-lead of the initiative, described the effort as expert-backed but community-driven, designed to align research priorities with operational security needs.
The Council will create a global collaboration framework connecting academia, industry, government, and policymakers to accelerate the conversion of research into practical mitigations. It will maintain a public pipeline of research topics, convene regular working groups, and sponsor PhD work aligned with practitioner needs. The initiative aims to formalize and scale the bridge between academic discovery and operational reality, ensuring emerging research does not remain isolated or lag behind real-world threats. Sotiropoulos emphasized that the Council complements rather than replaces OWASP's existing practitioner-focused work.
The technical challenge driving this initiative centers on the speed at which AI agents operate and interact. Because agents can act at machine speed, traditional development-centered governance models become insufficient. The Council's first research focus addresses multi-agent security, examining composability risks that arise when agents interact, discover new tools, and assemble dynamic toolchains. A preprint paper published April 29 on arXiv argues that analyzing agents in isolation is no longer adequate, as multiple agents can produce emergent behavior creating attack surfaces invisible at design time. Sotiropoulos warned that multi-agent setups break human-in-the-loop assumptions, comparing agent swarms to drone swarms that require millions of responses simultaneously.
The security implications extend beyond technical architecture to fundamental incident response and attribution models. Sotiropoulos argued that defenders must shift from human-in-the-loop validation to human-on-the-loop oversight, implementing agent-level policy monitors rather than slower human-centric review cycles. The collapse of time-to-impact means vulnerabilities can be exploited faster, requiring runtime governance and observability focused on agent interactions and behavior. He compared the impact of agentic AI on cybersecurity to what drones did to kinetic warfare, commoditizing capabilities that previously required expensive, complicated equipment.
OWASP will release a companion paper titled "The State of Agentic AI and Governance" on June 1, offering an end-to-end synthesis of adoption patterns, governance models, and regulatory touchpoints. The paper includes a practical maturity and risk-tiering scheme mapping Top 10 controls to different risk levels, from lightweight AI copilots to complex manufacturing systems. Sotiropoulos emphasized that these recommendations are designed for immediate implementation rather than waiting for formal standards bodies. Security teams should attend the OWASP GenAI Summit at Infosecurity Europe or review the forthcoming guidance to prepare for runtime monitoring requirements and updated governance frameworks that match the speed of agentic systems.
Source: https://www.infosecurity-magazine.com/news/owasp-new-agentic-research-council/


