OASB
v1.0
Controls/Agent-to-Agent Security/7.1
L2 StandardForward-looking

7.1 Mutual Authentication

7. Agent-to-Agent SecurityHow do agents trust each other?

Description

Agent-to-agent communication MUST use mutual authentication.

Rationale

Without mutual authentication, agents can be impersonated.

Audit Procedure

1. Identify all A2A communication channels
2. Check for identity verification on both ends
3. Verify certificates are validated

Remediation

1. Implement mTLS
2. Use agent identity certificates
3. Validate against registry

Framework Mappings

CIS Control 3.10NIST PR.AC-1
Previous6.5 Software Bill of MaterialsNext7.2 Message Integrity