§42 · Lane 8 — Agent Infrastructure Standards & Toolchain

OWASP Top 10 for Agentic Applications

OWASP Gen AI Security Project (2026) · OWASP Agentic Top 10

standards-framework Tier 1 Lane 8 CC BY-SA 4.0

Bibliographic data

Title: OWASP Top 10 for Agentic Applications (2026)
Authors / Issuing body: OWASP Foundation — OWASP Gen AI Security Project
Venue / Publisher: OWASP Foundation
Year: 2026
Designation: standards-framework
Licence: CC BY-SA 4.0 — refer to publisher for full licence terms.

How to cite

OWASP Gen AI Security Project (2026). OWASP Top 10 for Agentic Applications (2026). OWASP Foundation. https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/.

OWASP's enumeration of the ten most critical security risks for autonomous and agentic AI systems that plan, act and make decisions across workflows. The entries run from ASI01 Agent Goal Hijack through ASI10 Rogue Agents.

Why it matters for NETEVO

This is the load-bearing public anchor for everything the NETEVO agentic-AI coinages name. The OWASP Agentic Top 10 was published in December 2025 as the first community-curated agentic-AI failure-mode list, developed with more than 100 industry experts. NETEVO's coinages — Implicit Authority Cascade, Bounded SaaS / Unbounded Agents, Agentic Due Diligence, Authority Register — predate the OWASP list by months, but the list now provides the public vocabulary against which they can be positioned and defended.

Two list entries are the load-bearing anchors for Implicit Authority Cascade (IAC): ASI01 Agent Goal Hijack (the agent is redirected from its assigned objective) and ASI03 Identity and Privilege Abuse (the agent acts with authority it should not hold), both of which map directly onto the IAC failure pattern. A third, ASI06 Memory and Context Poisoning, sits adjacent, where the cascade is realised through persisted context rather than a live prompt.

The list is also the strongest single public anchor for Bounded SaaS / Unbounded Agents: ASI02 Tool Misuse and Exploitation describes the failure mode where the agent's unbounded reach extends through tools the SaaS layer expected to constrain, and ASI04 Agentic Supply Chain Vulnerabilities describes the failure mode where the bounded SaaS layer is compromised through agent-mediated upstream weaknesses.
