TL;DR: RSAC 2025 made one point hard to ignore: agentic AI has moved from prototype discussion to operational security concern, with autonomous systems now expected to act inside enterprise environments, according to Lasso Security. Access review, guardrails, and visibility models built for static workflows are already mismatched to runtime decision-making.
NHIMG editorial — based on content published by Lasso Security: RSAC 2025 recap on agentic AI, global recognition, and GenAI security
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
Questions worth separating out
Q: How should security teams govern AI agents that can call multiple tools at runtime?
A: Security teams should govern AI agents as runtime identities, not static applications.
Q: Why do AI agents complicate least-privilege access models?
A: AI agents complicate least privilege because their needed access can change during execution.
Q: What breaks when organisations treat agent visibility as enough governance?
A: Visibility alone breaks down when an agent can act faster than a review cycle and chain multiple actions before a human notices.
Practitioner guidance
- Inventory every AI agent and its tool graph: document each agent, the data sources it can reach, the APIs it can call, and whether any path allows escalation beyond the original task scope.
- Bind permissions to task context: set policies so access depends on prompt, workflow state, data classification, and session purpose.
- Put logging at the tool boundary: capture every tool invocation, data retrieval, and outbound action at the point of execution.
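The three points above combine naturally into one enforcement point: a gateway that sits at the tool boundary, consults the agent's inventory, decides each call from the session's purpose, workflow state and the data classification the tool touches, and writes a log record for every decision. The following is an added example written for this editorial, not code from Lasso Security or from the recap it summarises; the agent name, tool names, classifications, purposes and the chain limit are all constructed assumptions.

```python
"""Tool-boundary policy gateway for AI agents (constructed example)."""
import json
import time
from dataclasses import dataclass

# Constructed inventory (names are hypothetical): each agent, the tools it may
# call, and the classification of the data each tool can reach.
AGENT_INVENTORY = {
    "ticket-triage-agent": {
        "read_ticket": "internal",
        "post_comment": "internal",
        "read_customer_record": "confidential",
        "export_customer_records": "restricted",
    },
}

# Ordered data classifications, lowest to highest sensitivity.
CLASSIFICATION_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# Policy: the session purpose caps the classification a tool call may touch.
PURPOSE_CEILING = {"triage": "internal", "escalated_review": "confidential"}

# Chain limit (assumed value): after this many tool-call attempts in one
# session, further calls require the workflow to be in "human_approved".
MAX_UNREVIEWED_CHAIN = 5

AUDIT_LOG = []  # one JSON record per decision at the tool boundary, allowed or not


@dataclass
class Session:
    agent: str
    purpose: str
    workflow_state: str = "running"
    call_count: int = 0  # counts attempts, so a looping, denied agent still trips the limit


def escalation_paths(agent):
    """Inventory check: tools an agent holds that exceed the ceiling of every
    purpose it could run under. No task context can justify these grants."""
    tools = AGENT_INVENTORY.get(agent, {})
    highest = max(CLASSIFICATION_RANK[c] for c in PURPOSE_CEILING.values())
    return sorted(t for t, c in tools.items() if CLASSIFICATION_RANK[c] > highest)


def authorize(session, tool, args):
    """Decide one tool invocation from task context; always log the decision."""
    tools = AGENT_INVENTORY.get(session.agent, {})
    ceiling = PURPOSE_CEILING.get(session.purpose)
    if tool not in tools:
        verdict, reason = False, "tool not in agent inventory"
    elif ceiling is None:
        verdict, reason = False, "unknown session purpose"
    elif CLASSIFICATION_RANK[tools[tool]] > CLASSIFICATION_RANK[ceiling]:
        verdict, reason = False, f"{tools[tool]} data exceeds {session.purpose} ceiling ({ceiling})"
    elif session.call_count >= MAX_UNREVIEWED_CHAIN and session.workflow_state != "human_approved":
        verdict, reason = False, "chain length exceeded without human approval"
    else:
        verdict, reason = True, "allowed"
    session.call_count += 1
    AUDIT_LOG.append(json.dumps({
        "ts": time.time(), "agent": session.agent, "purpose": session.purpose,
        "state": session.workflow_state, "tool": tool, "args": args,
        "allowed": verdict, "reason": reason,
    }))
    return verdict, reason


def demo():
    """Walk a triage session through an allowed call, a scope violation,
    the chain limit, and a call after human approval. Returns the verdicts."""
    AUDIT_LOG.clear()
    s = Session(agent="ticket-triage-agent", purpose="triage")
    results = [authorize(s, "read_ticket", {"id": 42})[0]]            # allowed
    results.append(authorize(s, "read_customer_record", {"id": 7})[0])  # denied: confidential > internal
    for _ in range(3):                                                 # three routine calls, allowed
        authorize(s, "post_comment", {"text": "triage note"})
    results.append(authorize(s, "post_comment", {"text": "one more"})[0])  # denied: chain limit
    s.workflow_state = "human_approved"
    results.append(authorize(s, "post_comment", {"text": "approved"})[0])  # allowed after review
    return results


if __name__ == "__main__":
    print("verdicts:", demo())
    print("escalation paths:", escalation_paths("ticket-triage-agent"))
    for line in AUDIT_LOG:
        print(line)
```

The gateway denies by default: a tool missing from the inventory, an unknown purpose, or a classification above the purpose's ceiling all fail closed, and every attempt is logged whether or not it was allowed, so the log is the record a reviewer reads when an agent chains actions faster than the review cycle.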
What's in the full article
Lasso Security's full post covers the operational detail this post intentionally leaves for the source:
- Runtime monitoring design for GenAI interactions and agent actions across enterprise systems.
- Red teaming and risk assessment approach for LLM-specific threats such as prompt injection and agent hijacking.
- Governance and compliance module structure aligned to AI frameworks, including how the vendor maps controls to policy workflows.
- Practical detail on credential isolation and behavioural anomaly detection for custom-built agents.
Source: Lasso Security, "Agentic AI security at RSAC 2025: are your controls keeping up?"