Building an AI Guardian for Enterprise with Onyx Security CEO Maxim Bar Kogan
Maxim Bar Kogan, CEO of Onyx Security, discusses building AI agents to oversee other AI agents in enterprise environments. He explains how existing security tools are insufficient for governing autonomous agents, why Onyx trains specialized small models for this purpose, and why independent third-party oversight of AI is structurally necessary rather than something foundation model labs can solve themselves.
Summary
Maxim Bar Kogan, co-founder and CEO of Israel-based Onyx Security, sits down with host Sarah to discuss the company's mission to build AI guardians for enterprise AI deployments. The conversation begins with the origin story of Onyx, tracing back to AutoGPT as the pivotal moment that made Bar Kogan envision a future where highly capable autonomous agents would require independent oversight. He notes that while he was considered too early when founding the company, the rapid adoption of coding agents like Claude Code and Copilot validated the thesis before the company ran out of money.
Bar Kogan describes Onyx's core product as an 'AI control plane' that hooks into enterprise AI systems to monitor and validate agent actions. He breaks down enterprise AI adoption into three categories: low-code SaaS automation platforms (roughly 45%), autonomous coding agents and assistants (over 50% and fastest growing), and first-party custom-built agents (approximately 2%). He emphasizes that autonomous coding agents are the fastest-growing segment and typically come without any built-in controls.
The discussion explores why traditional security tools — identity management, endpoint security, API security, and proxies — are insufficient for governing AI agents. The core problem is that these tools lack the contextual understanding of what an AI agent is 'thinking' or planning, making it impossible to distinguish legitimate from illegitimate actions based on the action alone. For example, a coding agent deleting a database could be either a valid task or a dangerous mistake depending entirely on context.
Bar Kogan explains Onyx's technical approach: training small, specialized models that are highly efficient at one specific task — determining when a more sophisticated agent-level review is needed. This creates a layered system where lightweight models handle routine monitoring cheaply and quickly, while more capable agents are invoked only for high-risk decisions. He uses the analogy of chess grandmasters making most moves intuitively but pausing deeply on critical positions.
On the question of why foundation model labs cannot simply solve this problem themselves, Bar Kogan argues two structural points: first, enterprise buyers psychologically require independent third-party verification, similar to not trusting a car dealer to certify the car they're selling; second, Onyx has access to historical behavioral data about agents that enterprises won't share with the AI vendors themselves due to concerns about training data use. He also notes the multi-vendor reality of enterprise AI means no single lab can provide unified oversight.
The conversation touches on the threat of 'mythos-level' models dramatically lowering the cost of vulnerability discovery, which Bar Kogan frames as a genuine and underappreciated risk. He recommends enterprises invest immediately in foundational security controls rather than waiting, and advocates for broad access to advanced models rather than restricted rollouts, arguing that adversaries will develop these capabilities regardless.
Bar Kogan also discusses the Israeli security ecosystem's advantage — deep familiarity with how security teams operate day-to-day, what they care about, and what motivates them — as a key differentiator in building products security buyers actually adopt. He closes with a forward-looking view that security teams themselves will increasingly be run by agents, and that Onyx is already designing its systems to serve both human and agent end users.
About this episode
We are now closer than ever before to living in a world where AI agents are smart enough to run our power grids and manage water supplies. How do we keep them from going rogue? Sarah Guo sits down with Maxim Bar Kogan, founder and CEO of Onyx Securities, to explore the complexities of supervising and securing autonomous agents at the enterprise level. Maxim explains Onyx’s product as an AI control plane, which oversees the permissions and flexible contexts of agents while balancing latency, cost, and reliability. He also discusses how current controls have insufficient context to monitor agent intent, tradeoffs for gradual model rollout, the need for vendor-independent oversight, and Israel’s growing AI and security talent ecosystem. Plus, why Maxim is all-in on AGI. Sign up for new podcasts every week. Email feedback to [email protected] Follow us on Twitter: @NoPriorsPod | @Saranormous | @EladGil | @maximbarkogan Chapters: 00:00 – Cold Open 00:45 – Maxim Bar Kogan Introduction 01:10 – AutoGPT and Betting on Agent Actions 05:17 – What Onyx Product Does 07:47 – State of Deployment in Large Enterprises 09:58 – Securing Agents 12:45 – Why Proxies Don’t Work 14:11 – Why Onyx Trains Its Own Models 18:38 – Onyx’s Talent Culture 21:24 – Mechanistic Interpretability 23:35 – How Onyx Builds Customer Trust 25:10 – Mitigating Risk at the Foundational Level 27:45 – Phased Rollout of Glasswing and Daybreak 29:11 – Large Enterprise Holdouts 30:46 – Onyx and the Larger AI Security Space 32:36 – Should Labs Address Model Trust and Governance? 36:56 – What Needs to Happen in Security 39:14 – Why Maxim is AGI-Pilled 41:15 – Conclusion
Key Insights
- Bar Kogan argues that traditional identity and endpoint security tools fail against autonomous AI agents because those tools cannot understand the context or intent behind an agent's actions — they can see what is happening but not why.
- Onyx's core technical innovation is training very small, cheap models specialized solely at detecting when a more capable oversight agent needs to be invoked, solving the cost and latency problem of using frontier models for continuous monitoring.
- Bar Kogan claims that enterprises are unwilling to share historical agent behavior data with Anthropic or OpenAI because they fear those companies will use it for model training — giving independent security vendors like Onyx a structural data advantage.
- Bar Kogan distinguishes two categories of AI agent errors: 'silly mistakes' that will be solved by smarter models, and a growing category of semi-independent or misaligned judgments that grow more common as models get smarter and may be structurally harder for labs to fix.
- Bar Kogan argues that the enterprise security market is structurally open to a large independent AI oversight company because buyers psychologically require third-party verification — they won't trust the AI vendor to certify its own product's safety.
- Bar Kogan claims over 50% of AI usage in a typical enterprise customer is now autonomous coding agents and assistants, with that category growing faster than low-code automation platforms.
- Bar Kogan believes mechanistic interpretability research will become far more tractable once AI models are significantly smarter than humans, as those models will be better equipped to analyze the internal structure of other models.
- Bar Kogan argues that enterprises restricting AI adoption to a narrow set of approved tools are making a strategic mistake because the landscape is shifting so quickly that bets on specific vendors may become outdated within months.
Topics
Transcript
As you're exponentially doing more things with AIs, you're going to start having really bad actions happen. And we've seen some of that happen lately with agents accidentally publishing code and tokens that they weren't supposed to. Like, definitely, enterprises are starting to realize that that risk is growing exponentially and that they don't have any way to stop the adoption. They just now have to do something to reduce the chance of these agent actions being illegitimate or incorrect. But we're allowed to look at a lot of historical data of how these agents have behaved, but enterprises that are not willing to have anthropic or open AI give that historical data because they know these are very data-hungry…
Full transcript available for MurmurCast members
Sign Up to AccessMore from No Priors: Artificial Intelligence | Technology | Startups
Travel Through the Lens of AI with with Booking.com CEO Glenn Fogel
Glenn Fogel, CEO of Booking Holdings, discusses his 27-year journey from a struggling Priceline during the dot-com crash to a $130+ billion company, while reflecting on AI's transformative potential in travel, competitive moats, job displacement concerns, and the importance of meaningful work.
How Nuclear Will Unlock Energy Abundance with Valar Atomics Founder Isaiah Taylor
Isaiah Taylor, CEO of Valor Atomics, discusses how his company achieved the first nuclear power generation by a private startup through hardware iteration, simplicity-focused design, and organizational speed obsession. He argues nuclear energy's future depends on manufacturing-based scaling rather than design perfection, enabled by a regulatory environment that now allows experimentation through the Department of Energy pathway.
Re-engineering the Semiconductor Supply Chain with Intel CEO Lip Bu Tan
Intel CEO Lip Bu Tan discusses his strategy to transform Intel through cultural change, product simplification, foundry investment, and AI-driven demand. He shares his views on the semiconductor supply chain, government partnerships, and his venture capital philosophy built over decades of semiconductor investing.
The Rise of the Full-Stack Builder and Hyper-Leveraged Generalist with Microsoft CEO Satya Nadella
Microsoft CEO Satya Nadella discusses the company's AI ecosystem strategy at Build 2025, emphasizing that the goal is enabling every company to operate at the intelligence frontier with their own private models and evals. He covers topics ranging from MAI model training, agentic workflows, SaaS disruption, data center buildout, and societal impact of AI. Nadella argues that delivering tangible, broad economic benefits is essential for AI companies to maintain public trust and permission to operate.
The Story Behind Cerebras’ $63 Billion IPO with Founder and CEO Andrew Feldman
Andrew Feldman, co-founder and CEO of Cerebras, discusses his company's journey from building wafer-scale AI chips in the mid-2010s to achieving a $63 billion market cap post-IPO. He covers the technical and market challenges of being ahead of demand, the pivotal OpenAI and AWS partnerships, and his views on how speed in AI inference will unlock entirely new business models rather than merely improving existing ones.