Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges
The paper tackles security issues in agentic AI systems, which matter to developers and users because of these systems' broad automation capabilities, but its contribution is incremental, as it synthesizes existing research rather than presenting new results.
The paper addresses the security risks of agentic AI systems, which use LLMs for autonomous task execution, by providing a taxonomy of threats, reviewing benchmarks and defenses, and highlighting open challenges to support secure-by-design development.
Agentic AI systems, powered by large language models (LLMs) and endowed with planning, tool use, memory, and autonomy, are emerging as powerful, flexible platforms for automation. Their ability to autonomously execute tasks across web, software, and physical environments creates new and amplified security risks, distinct from both traditional AI safety and conventional software security. This survey outlines a taxonomy of threats specific to agentic AI, reviews recent benchmarks and evaluation methodologies, and discusses defense strategies from both technical and governance perspectives. We synthesize current research and highlight open challenges, aiming to support the development of secure-by-design agent systems.