SAGA: A Secure Architecture for Agentic Systems
A new infrastructure design for governing what autonomous agents can and cannot do across services.
Advancing the science of agentic AI security
Agentic AI systems — software that plans, reasons, and acts with limited human oversight — introduce a class of security problems that did not exist a few years ago. Our work spans the infrastructure that supports autonomous agents, the attacks that target them, and the defenses that make them resilient enough to deploy in the real world.
Building safer AI systems is a long-term, technical effort — one that requires careful threat modeling, principled defenses, and rigorous evaluation. Our goal is to advance the science of agentic AI security and to translate that science into practice with industry, government, and the broader research community.
Investigating how LLM agents that act on the web can be steered, and contained, when adversarial prompts drive them toward misbehavior.
Investigating secure distributed architectures that prevent compromised agents from undermining task execution.
Mechanisms for detecting and recovering from compromised actions in multi-step agentic pipelines.