ChaptersEventsBlog
Share how your organization is preparing for the agentic shift in identity governance. Take the Securing AI Agents Survey by October 10 →

Download Publication

Secure Agentic System Design: A Trait-Based Approach
Secure Agentic System Design: A Trait-Based Approach
Who it's for:
  • System architects and designers
  • Security professionals using autonomous systems
  • AI practitioners
  • Technical decision-makers

Secure Agentic System Design: A Trait-Based Approach

Release Date: 07/30/2025

Updated On: 08/07/2025

Thanks to powerful reasoning models, AI agents are making more nuanced decisions and interacting more effectively with their environments. At the same time, AI researchers continue to develop more dedicated agentic AI frameworks and platforms. These platforms enable a wider range of organizations to leverage the power of autonomous agents. The combination of advanced reasoning models and readily available agentic frameworks creates a perfect storm for widespread enterprise adoption.

This publication from the CSA AI Technology and Risk Working Group addresses the unique security challenges of agentic AI. As AI transitions from passive tools to autonomous decision-makers, traditional security frameworks struggle to contextualize these new risks. Instead, we need a trait-based approach to agentic system security that identifies fundamental patterns in agent behavior and their associated vulnerabilities.

By mapping security concerns directly to architectural choices, this guidance enables system designers to integrate security into the earliest stages of the design. Following this roadmap will allow designers to securely build our autonomous future.

Key Takeaways:
  • The identifying characteristics and unique security challenges of agentic systems
  • Why securing agentic systems requires a fundamental shift from a "perimeter defense" mentality to a "Zero Trust, continuous verification" one
  • What a trait-based approach to agentic system design looks like
  • Key traits and patterns, including orchestration, communication, planning, perception and context, agent learning, trust, and tool usage
  • The need for close collaboration between AI practitioners, security professionals, and system architects
Download this Resource

Bookmark
Share
Related resources
Analyzing Log Data with AI Models to Meet Zero Trust Principles
Analyzing Log Data with AI Models to Meet Zero ...
Agentic AI Identity and Access Management: A New Approach
Agentic AI Identity and Access Management: A Ne...
Zero Trust Guidance for Small and Medium Size Businesses (SMBs) - Korean Translation
Zero Trust Guidance for Small and Medium Size B...
From Compliance to Culture: What CISOs Need to Know About Evolving SAT
From Compliance to Culture: What CISOs Need to Know About Evolving SAT
Published: 10/02/2025
AI Log Analysis for Event Correlation in Zero Trust
AI Log Analysis for Event Correlation in Zero Trust
Published: 09/26/2025
RiskRubric: A New Compass for Secure and Responsible Model Adoption
RiskRubric: A New Compass for Secure and Responsible Model Adoption
Published: 09/18/2025
Fortifying the Agentic Web: A Unified Zero Trust Architecture Against Logic-Layer Threats
Fortifying the Agentic Web: A Unified Zero Trust Architecture Again...
Published: 09/12/2025
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Virtual

Acknowledgements

Anirudh Murali
Anirudh Murali
Principal Engineer

Anirudh Murali

Principal Engineer

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Michael Roza is a seasoned risk, audit, control and compliance, and cybersecurity professional with over 20 years of experience across multinational enterprises and startups. As a Cloud Security Alliance (CSA) Research member for over 10 years, he has led and contributed to more than 140 CSA projects spanning Zero Trust, AI, IoT, Top Threats, DecSecOps, Cloud Key Management, Cloud Control Matrix, and many others.

He has co-chaired...

Read more

Ankit Sharma
Ankit Sharma
Security Officer, Compute BU, Cisco Systems India Pvt Ltd

Ankit Sharma

Security Officer, Compute BU, Cisco Systems India Pvt Ltd

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training