OWASP Launches Agentic AI Security Maturity Framework to Bridge Governance Gap
OWASP has released a new framework to help organizations assess and improve their governance of increasingly sophisticated AI agents, addressing a critical gap between rapid deployment and robust oversight.
The Open Worldwide Application Security Project (OWASP) has introduced a novel framework designed to help organizations align their governance strategies with the rapid deployment of agentic AI systems. This new 'Enterprise Adoption Maturity Model,' detailed in the OWASP GenAI Security Project's latest paper, 'State of Agentic AI Security and Governance,' aims to provide a practical tool for assessing maturity rather than a prescriptive list of rules.
Ariel Fogel, AI security researcher at Pillar Security and co-lead of the report, presented the framework at the OWASP GenAI Security Summit during Infosecurity Europe 2026. Fogel highlighted a common challenge: "Most organizations are deploying agents faster than they can govern them." He explained that current governance models are often designed for simpler AI tools like copilots, while teams are increasingly deploying custom, multi-agent, and federated systems that demand more sophisticated oversight.
The framework maps the problem across two key dimensions. The first axis categorizes the type of agentic AI being deployed, ranging from 'Shadow AI' (unapproved user adoption) and single-vendor tools to platform-integrated AI, citizen developer agents, code-executing agents, and fully custom in-house agents. This spectrum captures the increasing autonomy and complexity of AI systems within organizations.
The second dimension measures governance maturity, progressing from 'Unaware and ad hoc' processes to 'Experimentation without guardrails,' 'Policy-defined, human-in-the-loop' oversight, and finally, 'Integrated, continuous oversight.' This latter level involves treating agentic AI as critical infrastructure with real-time monitoring, risk-tiered workflows, and automated policy enforcement.
By plotting an organization's AI deployments against its governance maturity, the framework reveals potential mismatches. Green areas indicate alignment, yellow suggests potential oversight gaps, and red areas signify deployments operating without adequate governance. Fogel strongly advised against operating in these 'red cells.'
When a mismatch is identified, the framework offers two primary responses: either invest in new controls specifically designed for agentic systems or reduce the agent's permissions and autonomy to align with existing governance capabilities. The paper stresses that traditional security measures are often insufficient, as agents operate at machine speed and scale, necessitating monitoring infrastructure that can match this pace.
John Sotiropoulos, co-lead of the OWASP GenAI Security Project, emphasized the framework's goal of reducing friction and making guidance actionable. He noted that large, frequently updated guidance documents can become overwhelming. The new model simplifies decision-making by focusing on discovering advanced agents, prioritizing risky workloads, and then deciding whether to invest in enhanced controls or constrain deployments. This approach aims to accelerate innovation by providing clear pathways for secure AI adoption.
The framework's introduction comes at a critical time as organizations grapple with the rapid integration of AI into business processes. By providing a structured way to assess and improve AI governance, OWASP aims to help companies navigate the complexities of agentic AI securely and effectively, ensuring that innovation does not outpace essential security and compliance measures.