Question 1

What is the Agentic Trust Framework (ATF)?

Accepted Answer

The Agentic Trust Framework is an open governance specification that applies Zero Trust principles to autonomous AI agents. It defines five core elements (Identity, Behavior, Data Governance, Segmentation, Incident Response) and a four-level maturity model (Intern, Junior, Senior, Principal) for progressively granting agents autonomy based on demonstrated trustworthiness.

Question 2

What are the five pillars of the Agentic Trust Framework?

Accepted Answer

ATF's five core elements are: (1) Identity: verifying who an agent is through cryptographic credentials; (2) Behavior: continuously monitoring agent actions via observability and anomaly detection; (3) Data Governance: controlling what data agents consume and produce; (4) Segmentation: defining where agents can go through least-privilege access controls; (5) Incident Response: defining what happens if an agent goes rogue, including kill switches and circuit breakers.

Question 3

How does ATF relate to Zero Trust architecture?

Accepted Answer

ATF applies NIST 800-207 Zero Trust principles (never trust, always verify) to autonomous AI agents. Traditional Zero Trust governs human users and static systems; ATF extends this to non-deterministic, autonomous agents that take real actions at machine speed.

Question 4

What are ATF's four maturity levels?

Accepted Answer

Level 1 (Intern): read-only, fully supervised. Level 2 (Junior): recommends actions for human approval. Level 3 (Senior): acts autonomously with post-action notification. Level 4 (Principal): fully autonomous within defined boundaries. Agents earn progression through demonstrated trustworthy behavior.

Question 5

Is the Agentic Trust Framework free to use?

Accepted Answer

Yes. ATF is published under Creative Commons Attribution 4.0 International (CC BY 4.0). You can freely use, adapt, and build upon the framework with appropriate attribution. The specification is maintained on GitHub.

Question 6

How does ATF compare to MAESTRO?

Accepted Answer

MAESTRO and ATF are complementary. MAESTRO is a 7-layer threat modeling framework identifying what to worry about. ATF tells you what to build by providing governance controls. Use MAESTRO to identify risks, use ATF to mitigate them.

Question 7

How does ATF compare to the OWASP Top 10 for Agentic Applications?

Accepted Answer

OWASP identifies the top 10 risks for agentic applications (ASI-01 through ASI-10). ATF provides governance controls to mitigate each risk. Every OWASP agentic risk maps to one or more ATF core elements.

Question 8

How does ATF compare to NIST for AI agent security?

Accepted Answer

ATF is complementary to NIST. NIST 800-207 defines Zero Trust architecture principles; ATF applies them specifically to AI agents. NIST AI RMF defines risk management functions; ATF implements those with agent-specific controls and maturity levels.

Question 9

Who is implementing ATF?

Accepted Answer

Microsoft's Agent Governance Toolkit (MIT-licensed Python middleware covering all 5 pillars) and Berlin AI Labs (12-service reference implementation) have independently implemented ATF. ATF also aligns with the AWS Agentic AI Security Scoping Matrix.

Question 10

How do I assess my organization's readiness?

Accepted Answer

ATF includes a 30-question self-assessment covering all five core elements. Each question scores 1-5, providing element-by-element maturity scores and an overall readiness level. Available at verifiedagents.ai/assess.

Question 11

How do ATF maturity levels align with AWS scopes?

Accepted Answer

ATF levels map 1:1 to AWS Agentic AI Security Scoping Matrix: Intern = Scope 1 (No Agency), Junior = Scope 2 (Prescribed Agency), Senior = Scope 3 (Supervised Agency), Principal = Scope 4 (Full Agency).

Question 12

Can agents be demoted in ATF?

Accepted Answer

Yes. Demotion is a key differentiator. A critical incident triggers immediate demotion to Intern, a security vulnerability triggers demotion pending remediation, and repeated minor incidents trigger a one-level demotion. This ensures continuous trust verification.

Ecosystem & Implementations

Microsoft Agent Governance Toolkit

Berlin AI Labs

Building on ATF?

Continue Exploring

Specification →

Compare →

Component Catalog →