Session

Trust No Agent: Red-Team AI Agents & Workflows with AgentEval

AI agents increase your attack surface. They do not just answer questions; they call tools, take actions, retrieve data, and make multi-step decisions. That creates new security failure modes: prompt injection, jailbreaks, data leakage, unsafe tool use, skipped approval steps, and non-deterministic behavior that is hard to reproduce.

In this session, I will show how to red-team AI agents and agentic workflows with AgentEval, an open-source .NET toolkit for evaluating AI agents. Its Red Team Security module includes 192 attack probes across 9 attack types, with MITRE ATLAS mapping and 60% coverage of the OWASP LLM Top 10 2025 categories. You will see how security failures surface in practice, how to assess whether protections actually hold, and how to re-run the same evaluations after changes to check whether the behavior really improved.

Beyond red-teaming, I will also show how AgentEval supports broader evaluation of AI agents and agentic workflows through tool-level assertions, behavioral policies, stochastic multi-run evaluation, trace replay, multi-turn evaluation, and CLI-based execution. That makes it useful not only for finding agent vulnerabilities, but also for turning security expectations into repeatable evaluation gates.

Jose Luis Latorre Millas

Agentic & Software Architect at Swiss Life, Microsoft AI MVP, and creator of AgentEval. I help build agentic frameworks and the validation discipline that makes AI agents & workflows reliable.

Zürich, Switzerland
