Databricks has released DASF v3.0, adding Agentic AI as the 13th system component in its AI Security Framework. The update introduces 35 new technical security risks and 6 new mitigation controls specific to autonomous AI agents. Key new risk categories include agent reasoning loop attacks (memory poisoning, cascading hallucinations, goal manipulation), tool and MCP security risks (tool poisoning, prompt injection via tool descriptions, malicious servers), and multi-agent system risks (agent communication poisoning, rogue agents). The framework highlights the 'Lethal Trifecta' — the dangerous combination of access to sensitive data, ability to take actions, and insufficient human oversight — as the core threat model. New controls focus on least-privilege permissions, human-in-the-loop checkpoints, intent validation, and output monitoring. The full framework now covers 97 risks and 73 controls, mapped to MITRE ATLAS, OWASP, NIST, and CSA standards.
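To make the summary above concrete, here is an added example (not code from Databricks or the DASF) of a tool-call gate for an LLM agent that implements the four control families named in the update: a least-privilege tool allowlist, intent validation of outward actions, a human-in-the-loop checkpoint that fires exactly when the Lethal Trifecta would otherwise be complete (sensitive data already in context, an action tool about to run, no human sign-off), and output monitoring that redacts secret-looking values before they reach the model. The tool names, domains and the CRM record are constructed for the example and are not part of the framework.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse


@dataclass(frozen=True)
class Tool:
    name: str
    reads_sensitive: bool  # returns customer or secret data into the agent's context
    takes_action: bool     # has an effect outside the sandbox (send, post, write)


# Constructed tool catalogue; these names are assumptions for the example.
TOOLS = {
    "search_kb":  Tool("search_kb",  reads_sensitive=False, takes_action=False),
    "read_crm":   Tool("read_crm",   reads_sensitive=True,  takes_action=False),
    "send_email": Tool("send_email", reads_sensitive=False, takes_action=True),
    "http_post":  Tool("http_post",  reads_sensitive=False, takes_action=True),
}

SECRET_RE = re.compile(r"(?i)\b(api[_-]?key|password|token)\s*[:=]\s*\S+")


@dataclass
class Session:
    allowed_tools: frozenset          # least privilege: per-task tool allowlist
    allowed_domains: frozenset        # declared intent: where output may be sent
    has_sensitive: bool = False       # flips once sensitive data enters the context
    audit: list = field(default_factory=list)


def intent_ok(session: Session, tool: Tool, args: dict) -> bool:
    """Intent validation: an outward action may only target a destination the user's
    task declared up front, so a hijacked reasoning loop cannot choose a new one."""
    if not tool.takes_action:
        return True
    dest = args.get("to") or args.get("url") or ""
    host = (urlparse(dest).hostname or "") if "://" in dest else dest.rpartition("@")[2]
    return any(host == d or host.endswith("." + d) for d in session.allowed_domains)


def gate(session: Session, tool_name: str, args: dict, human_approved: bool = False) -> str:
    """Decide one proposed tool call: 'allow', 'deny' or 'needs_approval'."""
    tool = TOOLS.get(tool_name)
    if tool is None or tool_name not in session.allowed_tools:
        session.audit.append(f"deny {tool_name}: not in allowlist")
        return "deny"
    if not intent_ok(session, tool, args):
        session.audit.append(f"deny {tool_name}: destination outside declared intent")
        return "deny"
    # Lethal Trifecta: sensitive data in context + outward action + no human check.
    if session.has_sensitive and tool.takes_action and not human_approved:
        session.audit.append(f"hold {tool_name}: sensitive context, needs human approval")
        return "needs_approval"
    session.audit.append(f"allow {tool_name}")
    return "allow"


def monitor_output(session: Session, tool: Tool, output: str) -> str:
    """Output monitoring: record that sensitive data is now in context and redact
    secret-looking values before the model ever sees them."""
    if tool.reads_sensitive:
        session.has_sensitive = True
    redacted, n = SECRET_RE.subn(lambda m: m.group(1) + "=[REDACTED]", output)
    if n:
        session.audit.append(f"redacted {n} secret-like value(s) from {tool.name}")
    return redacted


def demo() -> list:
    """Constructed trace: the agent reads the CRM, then proposes two outward actions."""
    s = Session(allowed_tools=frozenset({"read_crm", "send_email"}),
                allowed_domains=frozenset({"example.com"}))
    gate(s, "http_post", {"url": "https://evil.test/x"})           # not on the allowlist
    gate(s, "read_crm", {"account": 42})                            # read-only, allowed
    monitor_output(s, TOOLS["read_crm"],
                   "acct=42 owner=jane@example.com api_key=sk-abc123")  # constructed record
    gate(s, "send_email", {"to": "attacker@evil.test"})             # injected exfil attempt
    gate(s, "send_email", {"to": "jane@example.com"})               # trifecta: hold for human
    gate(s, "send_email", {"to": "jane@example.com"}, human_approved=True)
    return s.audit


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The point of the ordering inside `gate` is that the allowlist and intent checks deny outright, while the trifecta check only pauses: a legitimate action that happens to follow a sensitive read is not a bug, it is the moment a human should look. The audit list is what an output-monitoring pipeline would ship to the SIEM.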