Ep. 68 - Why OWASP's AIVSS Scores Agentic AI at Maximum Risk
OWASP just shipped AIVSS—an entirely new vulnerability scoring methodology built for autonomous AI agents, where a compromised orchestrator can score a perfect 10.
Host Tova Dvorin and Adrian break down the "amplification principle": why a 2.1 CVSS finding becomes a 7.1 in the wrong agent, how persistent memory and broad tool access expand every blast radius, and what EchoLeak-style attacks already mean for real deployments.
Plus, learn where adversarial exposure validation and SafeBreach's agentic AI coverage fit in.
Timestamps:
00:00 Introduction
00:20 Overview of OWASP's AI VSS
00:51 Key risks identified by OWASP
01:38 Understanding agentic AI
02:22 Memory and context manipulation risks
03:04 Tool misuse and access control violations
04:29 Amplification factors explained
05:09 Real-world examples of vulnerabilities
06:10 Operational implications for security teams
Read the full OWASP AI VSS document at: https://aivss.owasp.org/