State of the Field — Enterprise Security in the Agentic AI Era
Executive synthesis of the bidirectional intersection of agentic AI and enterprise security. This page is a seed — populated as ingests and research land. It is the page to read first when re-entering the vault after time away.
Scope
This wiki tracks the bidirectional intersection of agentic AI and enterprise security across three axes:
- Security of AI — frameworks, reference architectures, and maturity models for safely deploying AI agents in production. Anchored by the Agentic AI Security CMM and the Agentic AI Security Reference Architecture; populated by NIST AI RMF, IEC 42001, OWASP LLM Top 10, OWASP Agentic AI Top 10, Google SAIF, Microsoft ZT4AI, CoSAI, CSA MAESTRO, and MITRE ATLAS.
- AI in security — agentic systems used by defenders (SOC automation, autonomous triage) and offensive operators (AI-assisted exploitation, autonomous pentest), plus frontier-model-driven vulnerability discovery. See Agentic SOC: state of the field, Offensive AI: state of the field, Red Teaming for AI: synthesis, and Frontier AI for Vulnerability Discovery.
- Security against AI-driven attacks — how SDLC, supply chain, identity, and operational security must evolve when adversaries have frontier AI capability. See SDLC in the AI-Attacker Era.
Every page declares scope_axis: in its frontmatter so dashboards and views can slice the vault along whichever axis a reader cares about. The closed vocabulary is documented in conventions §Scope Axes.
Core Tensions
Populated as the wiki grows
Where do the frameworks agree, conflict, or leave gaps? Pull this from comparisons/ as they’re written. Cross-axis tensions (e.g., “the same agent autonomy that benefits an agentic SOC also amplifies offensive-AI blast radius”) are tracked in the per-axis thesis pages.
Current Synthesis
Empty seed
This section will hold the rolling 1-2 paragraph answer to “where is the field?” as of the latest ingest, organized by the three scope axes.
See Also
- index — full catalog
- hot — recent context (~500 words)
- Frameworks Index
- Architectures Index
- Practices Index
- Offensive Index
- Maturity Models Index
- Thesis Index — per-axis synthesis seeds
- Agentic SOC: state of the field
- Offensive AI: state of the field
- Red Teaming for AI: synthesis
- Frontier AI for Vulnerability Discovery
- SDLC in the AI-Attacker Era