Securing AI Agents: Challenges and Solutions
Naveen Konrajankuppam Mahavishnu, Mohankumar Vengatachalam
BSidesSF 2025 — Here Be Dragons · Day 2 · Main
AI agents — autonomous systems that reason, plan, and take real-world actions — introduce an entirely new attack surface that existing security frameworks were not designed to address. Mohankumar Vengatachalam and Naveen Konrajankuppam Mahavishnu walked through OWASP's top 10 AI agent security threats, a full agent threat model, and a live demo where a multilingual prompt injection bypassed an agent's access controls to expose sensitive corporate data. The core message: securing an AI agent means securing the entire pipeline, from input to orchestrator to memory to multi-agent trust relationships. ---
AI review
The multilingual prompt injection demo is the talk's actual contribution and it earns its slot. The OWASP top-10 walkthrough is taxonomy-recitation, not analysis. But getting a combined English-Tamil payload past a monolingual prompt injection detector to escalate from Programmer to Administrator is a concrete finding worth seeing.