OWASP Gen AI Security Project Newsletter - May '25 Edition

Greetings Gen AI Security Enthusiasts and OWASP Community Members!

Featured for May

The OWASP Gen AI Project - Agentive Security Initiative led an open workshop in conjunction with RSAC 2025 in San Francisco. If you couldn’t make it you can now view it On-demand.

New Resources

The Agent Name Service (ANS), developed under the OWASP GenAI Security Project – Agentic Security Initiative, introduces a secure, DNS-inspired framework for AI agent discovery. ANS leverages Public Key Infrastructure (PKI) for identity verification, structured JSON schemas for communication, and a protocol adapter layer supporting A2A, MCP, and ACP protocols.

To learn about the Agentic Security Initiative working group and roadmap visit: https://genai.owasp.org/inititatives/

The project is committed to providing global access to our set of resources and insights through localization and publish of our resources.

New Localizations:

- Chinese - Simplified
- Chinese - Traditional
- German
- Portugese
- Russian

Check Out our full list of resourecs: https://genai.owasp.org/resources/

Check Out the Resources Library
Access the full catalog of resources, publications, tools and presentations.
https://genai.owasp.org/resources/

Join us 
At the OWASP Global AppSec EU 2025

Register, Lean More

From May 26-30, 2025, join over 700 cybersecurity experts at the spectacular Centre de Convencions Internacional de Barcelona (CCIB) for an event like no other. This year’s reimagined conference promises to ignite your passion for security with cutting-edge presentations from world-class keynote speakers. Dive into one of six action-packed tracks covering everything from OWASP projects to specialized sessions for builders, developers, breakers, defenders, and manager/culture.

The OWASP GenAI Security Project is delivering three must-attend sessions covering cutting-edge research, practical guidance, and strategic insight into securing LLMs, autonomous agents, and scaling community-driven security initiatives.

Session 1: OWASP GenAI Security Project
– Thursday, May 29 | 2:15–3:00 PM CEST | Room 133-134
– Presenter: Scott Clinton, OWASP GenAI Security Board Member & Co-chair

From secure AI adoption to incident response, get a comprehensive tour of the project’s latest work, contributions to global standards, and how YOU can get involved.

Session 2: Navigating AgenticSecurity Risks
– Friday, May 30 | 11:30–12:00 PM CEST Room 131-132
– Presenter: John Sotiropoulos, Head of AI Security at Kainos, OWASP GenAI

Explore the risks and real-world threats of autonomous AI agents—and how OWASP is equipping the industry with frameworks to secure the future of AI.

Session 3: GenAI Security Project—Getting Down to Business
– Friday, May 30 | 10:45–11:45 AM CEST | Room 133-134
– Presenter: Scott Clinton, OWASP GenAI Security Board Member & Co-chair

Uncover the behind-the-scenes tactics that helped scale the GenAI project to 10K+ members in under two years. Perfect for open-source leaders, contributors, and project stewards.Kicking Off Our New Monthly Webinar Series!!

Kicking Off Our New Monthly Webinar Series

Join us as we kick off our new monthly webinar series designed to provide official GenAI Security Project education resources from project leaders and key contributors, and sponsors including introductory, intermediate and deep dive content along with education on key GenAI security risks, solutions and industry trends.

In this webinar, the panel will explore how MCP agents introduce unique security and trust challenges distinct from traditional LLM deployments and how to close these security gaps.

The panel will provide a technical breakdown of the MCP architecture and its implications on security, emerging risks from prompt and memory injection to cross-agent contamination and strategies for securing agent orchestration layers while preserving agent autonomy.

Panelists Include:

Ophir Dror
CPO & Co-Founder, Lasso Security

Akram Ageriff
OWASP GenAI Security Project - Agentic Security Contributor, Sr Engineering Leader Cisco Systems

Or Oxenberg
Full Stack Data Scientist, Lasso Security

Jason Ross
OWASP GenAI Project Red Teaming Initiative Lead, Product Security Principal, Salesforce

Join the Bi-Weekly Open Project Meeting

Get the latest tea on the project!!

Join us every other Wednesday at 9am PST for our bi-weekly open project meeting. Follow the link below to get the Zoom details. Come Join us !! https://genai.owasp.org/meetings/

Highlights From The Project Blog

Recap and Findings from OWASP Gen AI Security Project’s – NYC Insecure Agents Hackathon

Armed with the Top 10 for LLMs and the Agentic AI Threats and mitigations guides, the OWASP GenAI Security Projects’ Agentic Security Initiative team hosted a hackathon on April 1st in NYC with support from Pensar, SplxAI, Pydantic, and Mastra. The hackathon’s goal was to invite builders to build insecure agents— knowingly or unknowingly.

OWASP Welcomes 9 New Sponsors

Generative AI Security Project announced the addition of nine new sponsors, signaling continued momentum and investment in advancing the state of security for generative AI technologies. The new sponsors—Acuvity, ActiveFence, ByteDance, Cobalt, Protecto, SplxAI, Trend Micro, Troj.Ai and Unbound Security

Upcoming Events

Come to the Project’s Sessions!

Join us for the OWASP GenAI Security Project - Agentic AI Hackathon at DefCon this year.

August 7-10, 2025
at the, Las Vegas Convention Center

Additional Sessions to be announced

More details coming with the event agenda

For a Full List of upcoming and past Events visit the project website events page.
https://genai.owasp.org/events

Looking Ahead To June

AI Security Solutions Landscape, for Q2’25

The updated AI Security Landscape launches at the end of May. We're still accepting inputs and adding use case filters like Red Teaming and Agentic App Security to simplify finding Gen AI security solutions. Know a useful tool? Submit it below! You dont have to be a vendor.

New Volunteer Job Listings

As a community driven, volunteer effort the project is always looking for people to contribute their skill and expertise. Where we have specific needs we have created volunteer job listing to help volunteers understand the communities’ needs and commitments. If you know someone or want to contribute yourself check out these needs.

Working Group: Outreach
Newsletter & Social Media Marketing Lead (Volunteer)
The Newsletter & Social Media Marketing Lead will manage the OWASP Gen AI Security Project’s newsletters and social media channels, creating engaging content to grow community awareness. Responsibilities include content creation, scheduling, and engagement across platforms, collaborating with the Outreach & Marketing Committee to drive outreach efforts and promote AI.

Location: Remote, anywhere in the world

Working Group: Outreach
Virtual and Physical Events Lead (Volunteer)

The Marketing Events Lead will coordinate virtual and in-person events for the OWASP Gen AI Security Project, ensuring seamless planning, promotion, and execution. Responsibilities include event logistics, speaker coordination, and community engagement, working with the Outreach & Marketing Committee to enhance participation and awareness in AI security discussions worldwide.

Location: Remote, anywhere in the world

Keep track of future volunteer jobs on Volunteer Jobs Page on our website.