FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

Securing the Next Generation of AI Agents

Solution Category Application Security
Type Webinar
Organization HiddenLayer

Webinar Description

Key Takeaways

  • Examines security vulnerabilities in coding agents and their surrounding architecture, including hooks, harnesses and orchestration frameworks
  • Draws on HiddenLayer research into coding agents such as Cursor and broader agentic AI system evaluations
  • Addresses how architectural decisions can either strengthen or compromise AI guardrails
  • Relevant for security professionals, AI engineers and software architects working with autonomous development tools
  • Focuses on secure-by-design principles for deploying resilient AI agent systems

Introduction

As coding agents become increasingly embedded in software development workflows, security teams face a new category of risk that extends well beyond the underlying language models. This panel discussion explores the architectural vulnerabilities inherent in agentic AI systems, with particular attention to the hooks, harnesses and orchestration layers that connect autonomous agents to enterprise environments. Drawing on recent research from HiddenLayer, the session offers practical insights for organisations seeking to deploy coding agents without compromising their security posture.

About This Event

This panel brings together perspectives on securing the next generation of AI agents, with a specific focus on coding assistants that are reshaping software development practices. The discussion centres on findings from HiddenLayer’s evaluations of coding agents, including detailed analysis of Cursor and other agentic AI implementations. Panellists will examine how the components surrounding an AI agent—rather than the model itself—often introduce the most significant security concerns.

The Expanding Attack Surface of Agentic Architecture

Coding agents operate through a complex web of integrations that enable them to read codebases, execute commands, interact with development tools and access external services. Each of these touchpoints represents a potential vulnerability. Hooks—the mechanisms that allow agents to trigger actions based on specific events—can be exploited if not properly constrained. Harnesses, which provide the scaffolding for agent execution, may inadvertently grant excessive permissions or fail to isolate agent activities from sensitive systems.

Orchestration frameworks compound these risks by coordinating multiple agent capabilities and tool integrations. When these layers lack robust security controls, they can amplify the impact of a single compromised component. The panel will explore how attackers might exploit these architectural elements and why traditional application security approaches often prove insufficient for agentic systems.

Guardrails Under Pressure

Organisations deploying AI agents typically implement guardrails to constrain agent behaviour and prevent unintended actions. However, the effectiveness of these controls depends heavily on architectural decisions made during implementation. Poorly designed integration points can create pathways that bypass guardrails entirely, while overly permissive tool access can render behavioural constraints meaningless in practice.

The research presented in this session highlights how certain architectural patterns inadvertently weaken the very protections organisations believe they have in place. Understanding these failure modes is essential for security teams tasked with evaluating and approving agentic AI deployments.

Common Design Pitfalls in Agentic Implementations

The panel will address recurring mistakes observed across agentic AI implementations. These include insufficient isolation between agent processes and production systems, inadequate logging and monitoring of agent activities, and failure to apply least-privilege principles to tool integrations. Many organisations also underestimate the risks associated with prompt injection attacks that target the orchestration layer rather than the model itself.

By examining these pitfalls through the lens of real-world evaluations, the discussion aims to provide actionable guidance for teams currently building or deploying coding agents.

Secure-by-Design Principles for AI Agent Deployment

Rather than treating security as an afterthought, organisations can adopt secure-by-design principles that embed protection into the foundational architecture of their agentic systems. This approach requires careful consideration of trust boundaries, explicit definition of agent capabilities, and robust mechanisms for monitoring and constraining agent behaviour at runtime.

The session will outline practical strategies for building resilient AI agent systems, including architectural patterns that maintain security without sacrificing the productivity benefits that make coding agents attractive in the first place.

Who Should Attend

This panel is designed for security professionals responsible for evaluating AI deployments, software architects designing agentic systems, and engineering leaders considering the adoption of coding agents within their organisations. Those working on AI governance frameworks or developing internal policies for autonomous development tools will also find the discussion directly applicable to their work.

The Stakes of Getting Agent Security Right

As coding agents gain broader adoption, the security decisions made today will shape the risk landscape for years to come. Organisations that understand the architectural dimensions of agent security—and act on that understanding—will be better positioned to realise the benefits of agentic AI while avoiding the pitfalls that could compromise their systems and data. This panel offers a timely opportunity to learn from dedicated research and prepare for the challenges ahead.