The Attack and Defense Landscape of Agentic AI: A Comprehensive Survey

arXiv cs.AI / 3/13/2026

💬 OpinionIdeas & Deep AnalysisModels & Research

共有:

Key Points

The paper provides the first systematic survey of security risks and defenses for AI agents that combine LLMs with non-AI components, detailing the attack landscape and available defense mechanisms.
It analyzes the design space and includes case studies to reveal gaps and open challenges in securing agentic AI systems.
It introduces a systematic framework for understanding security risks and defense strategies, serving as a foundation for building secure agentic systems and guiding further research.
The work discusses implications for practitioners across engineering, product, and governance roles and outlines directions to address security gaps in real-world deployments.

Abstract

AI agents that combine large language models with non-AI system components are rapidly emerging in real-world applications, offering unprecedented automation and flexibility. However, this unprecedented flexibility introduces complex security challenges fundamentally different from those in traditional software systems. This paper presents the first systematic and comprehensive survey of AI agent security, including an analysis of the design space, attack landscape, and defense mechanisms for secure AI agent systems. We further conduct case studies to point out existing gaps in securing agentic AI systems and identify open challenges in this emerging domain. Our work also introduces the first systematic framework for understanding the security risks and defense strategies of AI agents, serving as a foundation for building both secure agentic systems and advancing research in this critical area.