Open-source methodology by OWASP, CoSAI, CSA, and NIST contributors enables enterprises to compare AI agents by security risk for the first time
TEL AVIV, Israel, June 4, 2026 — Adversa AI today published the AI Risk Quadrant Report (AIRQ), the largest independent agentic AI security assessment to date and the first comparative security rating giving enterprises and CISOs the AI agent security scoring and comparison framework the industry has lacked. Led by Adversa AI with contributors and reviewers from OWASP, CoSAI, CSA, NIST, and other organizations, AIRQ pairs an open source methodology with comprehensive data-driven findings, both available at https://airq.adversa.ai/report.
The AI Risk Quadrant is an open-source framework for scoring and comparing AI agent security, designed for CISOs and security teams evaluating which AI agents are safe to deploy — the most common question in enterprise AI agent adoption today.. The project is led by Adversa AI – Pioneers and Innovators in Agentic AI Security in collaboration with contributors and reviewers from Coalition for Secure AI, Cloud Security Alliance, OWASP, NIST, Cisco, Crowdstrike, and other organizations. This collaboration produced the AIRQ Framework aligned with the AI security industry initiatives from OWASP, NIST, MITRE, CoSAI, and CSA guidelines. The methodology quantifies attack surface, blast radius, and defense controls, and enables enterprises to understand their agent security posture, providing an AI agent security leaderboard and risk benchmark for the agentic AI era.
The in-depth end-to-end assessment covers 100 popular AI agents across 10 categories. It quantifies a market gap that existing AI agent security guidance leaves unmeasured. Only 11 percent of assessed agents are both capable and well-defended, called Fortified Leaders, while 98 percent ship critically vulnerable out of the box — exposed by default to the “Lethal Trifecta” of private data access, untrusted content, and outbound actions. Tool execution alone explains 76 percent of an agent’s blast radius, and 83 percent of vendors’ security claims cannot be independently verified. These are just a few of the study’s outcomes.
“AIRQ promotes a healthy AI risk appetite and rewards vendor transparency. Built on a rigorous, data-driven methodology aligned with established industry standards, it enables risk quantification where existing frameworks stop at guidance — and works on its own for AI agent selection, threat modeling, and security hardening,”
said Eugene Neelou, AIRQ Project Lead and AI Security Expert.
Industry experts echoed the rigor.
“The AIRQ Framework is a big step up in rigor over other public AI-security scoring docs,”
said Bill Stout of the CoSAI Technical Steering Committee and the DEF CON AI Village Steering Committee.
“Together, MAESTRO + the Lethal Trifecta + AIVSS + ASI10 give this methodology the structural depth, quantitative rigor, and operational specificity needed to produce risk rankings that are actually actionable for practitioners,”
said Ken Huang, creator of the MAESTRO framework for agentic AI threat modeling and Co-Chair of the AI Safety Working Groups at the Cloud Security Alliance
Adversa AI is a pioneer in Agentic AI Security, helping enterprises build, ship, and operate AI agents with confidence — continuously red-teaming them and enforcing agent runtime security on what they do in production. The company works with Fortune 500 companies, financial institutions, and AI startups, co-leads the CoSAI Agentic AI Security workstream, is a core member of OWASP AIVSS, and contributes to CSA and NIST; its research has been covered by The Wall Street Journal, Wired, and Bloomberg.
Learn more about the Adversa AI Platform.
May 2026 top MCP security resources include a breakdown of fundamental transport flaw exposing 200,000 servers, a reference MCP architecture, and tools to secure your agentic AI deployments.
