Ep. 68 - Why OWASP's AIVSS Scores Agentic AI at Maximum Risk

OWASP just shipped AIVSS—an entirely new vulnerability scoring methodology built for autonomous AI agents, where a compromised orchestrator can score a perfect 10.

Host Tova Dvorin and Adrian break down the "amplification principle": why a 2.1 CVSS finding becomes a 7.1 in the wrong agent, how persistent memory and broad tool access expand every blast radius, and what EchoLeak-style attacks already mean for real deployments.

Plus, learn where adversarial exposure validation and SafeBreach's agentic AI coverage fit in.

Timestamps:

00:00 Introduction

00:20 Overview of OWASP's AI VSS

00:51 Key risks identified by OWASP

01:38 Understanding agentic AI

02:22 Memory and context manipulation risks

03:04 Tool misuse and access control violations

04:29 Amplification factors explained

05:09 Real-world examples of vulnerabilities

06:10 Operational implications for security teams

Read the full OWASP AI VSS document at: https://aivss.owasp.org/