Generative AI didn't invent sensitive data leakage, credential sprawl, or uncontrolled SQL execution. It made them faster and harder to catch. The OWASP GenAI Data Security framework makes this explicit: most mitigations point back to access governance, data masking, and audit trails at the infrastructure layer, not the model layer.
This white paper maps each of the 16 OWASP risks to protocol-level controls, tiered honestly as direct, contributing, or adjacent, so security and platform teams know exactly where enforcement matters and where gaps remain.
OWASP GenAI Data Security Whitepaper
Open source
Save the open-source gateway for agent data access
Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.
