AI Agents: Building Enterprise Guardians

Onyx Security CEO Maxim Bar Kogan discusses the critical need for AI agent security and governance in enterprises, highlighting the risks and solutions.

Maxim Bar Kogan, Founder & CEO of Onyx Security. (Image: NoPriors)

In the burgeoning field of artificial intelligence, the integration of AI agents into enterprise workflows presents both immense opportunities and significant security challenges. Maxim Bar Kogan, Founder & CEO of Onyx Security, sat down with Sarah Guo, host of the No Priors podcast, to discuss the critical need for robust security measures when deploying AI agents.


Visual TL;DR: AI Agents Rise creates New Attack Surface; New Attack Surface leads to Data Loss/Breaches; Onyx Security's AI Guardian addresses New Attack Surface and provides Enterprise Guardianship; AI Agents Rise drives Evolution of Security.

  1. AI Agents Rise: autonomous LLM-powered agents interacting with enterprise systems
  2. New Attack Surface: misconfigurations and unintended actions create vulnerabilities
  3. Data Loss/Breaches: incidents caused by AI agent vulnerabilities
  4. Onyx Security's AI Guardian: Onyx's solution for AI agent security and governance
  5. Enterprise Guardianship: securing AI agents for safe enterprise integration
  6. Evolution of Security: adapting security measures to AI agent advancements

Who is Onyx Security?

Onyx Security, founded by Maxim Bar Kogan and headquartered in New York, is building what it calls an AI Guardian: a control layer that sits between autonomous AI agents and the enterprise systems they act on, enforcing identity, scope, and data-access policies at runtime. The thesis is that as agents start initiating writes, payments, and code changes on their own behalf, existing IAM, DLP, and CASB tools do not recognize them as humans or as services, which leaves a governance gap that today's security stack does not cleanly fill.

The competitive landscape

Onyx is one of nearly twenty venture-backed startups working in the broader AI security category. The cohort below is grouped by stage; the funding figures are totals to date and the descriptions are intentionally factual rather than promotional. Most of these companies are selling into the same enterprise security buyer, with overlapping wedges around model security, agent governance, runtime defense, and AI compliance.

Series B and later

  • Noma Security (Series B, $132M raised) — Protects the data and AI lifecycle from model build through production runtime. nomasec.com
  • Zenity (Series B, $71.5M raised) — Security and governance for low-code/no-code AI agents and Copilot extensions inside enterprises. zenity.io
  • Robust Intelligence (Series C, $64M raised; acquired by Cisco) — Real-time AI firewall and automated model testing. robustintelligence.com
  • Patronus AI (Series B, $14.5M raised) — Independent evaluation and safety scoring for production LLM applications. patronus.ai

Series A

  • Protect AI (Series A, $105M raised) — MLSecOps for the ML/AI supply chain, with visibility into model artifacts, dependencies, and runtime behavior. protectai.com
  • WitnessAI ($85.5M raised) — Observability and policy enforcement across enterprise AI traffic, agents, and LLM interactions. witness.ai
  • HiddenLayer (Series A, $56M raised) — Detection and response for adversarial attacks against deployed ML models. hiddenlayer.com
  • Prompt Security (Series A, $35M raised) — Inline protection for enterprise generative AI usage, covering prompt-injection defense and outbound data-leakage controls. prompt.security
  • Aim Security (Series A, $28M raised) — Guardrails for sanctioned and shadow generative-AI use across the enterprise. hakasecurity.com
  • Cranium (Series A, $25M raised) — AI governance and compliance platform built around an AI bill of materials. cranium.com
  • Knostic (Series A, $14.3M raised) — Need-to-know access controls for generative AI, aimed at preventing LLM oversharing in Copilot and RAG deployments. knostic.ai

Seed stage

  • CalypsoAI (Seed, $15M raised) — Red-teaming and guardrail enforcement for LLM deployments. calypso.ai
  • Lakera (Seed, $12M raised) — Lakera Guard, a prompt-injection and content-safety API for GenAI applications. lakera.ai
  • Pillar Security (Seed, $10.5M raised) — AI security platform covering discovery, posture management, and runtime protection. akod.ai
  • DeepKeep (Seed, $10M raised) — Generative-AI risk assessment and runtime defense. deepkeep.ai
  • Apex Security (Seed, $7M raised) — Enterprise security platform for safe AI adoption. apexhq.ai
  • Lasso Security (Seed, $6M raised) — LLM cybersecurity across enterprise touchpoints where models meet business data. lasso.security
  • Operant AI (Seed, $5M raised) — Runtime security for AI and agents inside inference infrastructure, with a Kubernetes-native focus. operant.ai

The structural question hanging over the category

The question worth naming, and one that applies to every company on the list above (Onyx included), is whether the model developers themselves will absorb most of this functionality over time. Anthropic, OpenAI, and Google ship the models the rest of the stack depends on, and each is steadily adding native guardrails, evaluation suites, and agent governance to their enterprise tiers. A founder building Claude- or GPT-shaped controls today has to assume the model provider can ship the same capability as a standard feature in a future SDK update.

This is also visible to anyone using a tool like Claude Code in production: ask the model to audit an operation, generate guardrails, write threat models, and harden an inference pipeline, and the artifact you get back is competent and effectively free at the margin. Multiplied across every engineering team, that pattern puts steady pressure on the "we secure the LLM" wedge.

Related startups

The startups in the cohort above have credible counterarguments. Enterprise buyers often want an independent third party in the path rather than the same vendor selling both the model and the controls on it; the agent layer needs runtime telemetry no model developer is likely to expose by default; regulated industries demand attestable separation between the model provider and the policy enforcement layer. Those arguments are reasonable, and they may well prove durable. They are also the arguments every company on the list will have to make to buyers, investors, and acquirers over the next 18 months.

For now, the category remains crowded, well-funded, and in active competition for the same enterprise design wins.

The Rise of Autonomous AI Agents

Bar Kogan highlighted the increasing sophistication of AI agents, noting their ability to perform complex tasks autonomously. He explained that these agents, powered by large language models (LLMs), are designed to interact with various enterprise systems, including databases, SaaS platforms, and cloud resources. This integration, while powerful, introduces a new attack surface and potential vulnerabilities.

He pointed to recent incidents where AI agents, due to misconfigurations or unintended actions, have caused significant data loss or security breaches. These events underscore the growing concern among enterprises about the potential for AI agents to cause "really bad actions" if not properly managed.

The Expanding Risk Landscape

The core of the discussion revolved around the escalating risk associated with AI agent adoption. Bar Kogan illustrated this with a graph showing how the risk grows exponentially with the increased adoption of AI agents. He emphasized that enterprises are realizing they lack adequate mechanisms to stop or even control these agents once deployed.

"They don't have any way to stop the adoption, they just now have to do something to reduce the chance of these agent actions being illegitimate or incorrect," Bar Kogan stated. This realization is driving a demand for specialized security solutions that can monitor, audit, and govern AI agent behavior.

Onyx Security's Approach: The AI Guardian

Onyx Security aims to address these challenges by building an "AI Guardian" for enterprises. Bar Kogan explained that their platform provides comprehensive visibility into AI agent activity across the entire AI lifecycle. This includes monitoring agent interactions, auditing actions for compliance, and ensuring that AI systems operate within defined governance frameworks.

Key features of Onyx Security's solution include:

  • AI Observability: Gaining real-time visibility into AI prompts, responses, and agent actions across an organization's stack.
  • AI Security Posture Management: Hardening configurations, identifying supply chain risks in AI models and assets, and protecting against prompt injection and adversarial manipulation.
  • AI Governance: Setting rules and enforcing them through natural language policies, satisfying security standards, and complying with regulatory frameworks like the EU AI Act.

Bar Kogan elaborated on the shift from basic security measures to a more proactive and integrated approach. "We're allowed to look at a lot of historical data of how these agents have behaved, and then we can start to deduce that they are not willing to have opaque AI or give that historical data because they know these are very data-handing companies that will want to train on that data," he explained.

The Evolution of AI Agent Security

The conversation touched upon the early days of AI agents, referencing models like GPT-3, which, while groundbreaking, were also the first step towards more sophisticated and autonomous agents. Bar Kogan noted that while these early models provided a glimpse into the future, their capabilities were limited compared to today's advanced systems.

He recounted the early days of his company, stating, "We were also too early. Models weren't good enough. GPT-4 was not good enough." However, he emphasized that the core idea of enabling AI agents to perform complex tasks remained sound. The challenge was in the execution and the subsequent need for robust security and governance.

Bar Kogan highlighted the importance of understanding not just what AI models can do, but how they do it. "The fact that you're able to build, to train, to deploy, to manage, to monitor, is what is going to make the difference between the companies that get this right and the companies that get this wrong," he asserted.

Key Takeaways for Enterprises

For enterprises looking to adopt AI agents, Bar Kogan offered crucial advice:

  • Prioritize Security and Governance: Implement robust security measures and governance frameworks from the outset.
  • Gain Visibility: Understand the actions and data flows of AI agents across the enterprise.
  • Control and Oversight: Ensure mechanisms are in place to monitor, audit, and control AI agent behavior to prevent unintended consequences.
  • Choose the Right Tools: Select specialized security solutions that can manage the unique challenges posed by AI agents.
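The control layer the article describes (identity, scope and data-access policy enforced at runtime, with every agent action monitored and audited) can be sketched in a few dozen lines. The following is an added illustration written for this page, not Onyx Security's code or API; the class and tool names (PolicyGate, AgentIdentity, ToolCall, crm.query, payments.transfer), the sample policy and the sample agent are all constructed for the example.

```python
"""Added example: a minimal runtime policy gate between an LLM agent's proposed
tool calls and the enterprise systems they target. Everything here is constructed
for illustration; the names and the policy are assumptions, not a vendor's API."""
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed sample policy: the scope each tool requires. A real deployment
# would load this from configuration, never from the agent's own prompt.
TOOL_SCOPES: Dict[str, str] = {
    "crm.query": "crm:read",
    "tickets.update": "tickets:write",
    "payments.transfer": "payments:write",
}


def no_bulk_export(args: Dict[str, object]) -> bool:
    # Cap reads per call so a runaway or hijacked agent cannot dump a table.
    return int(args.get("limit", 0)) <= 100


def amount_cap(args: Dict[str, object]) -> bool:
    # Payments above the cap require a human approver, not an agent.
    return float(args.get("amount", 0)) <= 500.0


# Data-access constraints per tool; every predicate must hold for the call to pass.
TOOL_CONSTRAINTS: Dict[str, List[Callable[[Dict[str, object]], bool]]] = {
    "crm.query": [no_bulk_export],
    "payments.transfer": [amount_cap],
}


@dataclass(frozen=True)
class AgentIdentity:
    agent_id: str
    owner: str            # the accountable human or team behind the agent
    scopes: frozenset     # granted scopes, e.g. {"crm:read", "tickets:write"}


@dataclass
class ToolCall:
    tool: str
    args: Dict[str, object]


@dataclass
class Decision:
    allowed: bool
    reason: str


class PolicyGate:
    """Evaluates each proposed tool call against identity, scope and data policy,
    and records an audit entry for every decision (allowed or denied)."""

    def __init__(self) -> None:
        self.audit: List[Dict[str, object]] = []

    def evaluate(self, agent: AgentIdentity, call: ToolCall) -> Decision:
        required = TOOL_SCOPES.get(call.tool)
        if required is None:                       # unknown tool: deny by default
            return Decision(False, f"unknown tool {call.tool!r}: denied by default")
        if required not in agent.scopes:           # scope check against the identity
            return Decision(False, f"{agent.agent_id} lacks scope {required!r}")
        for check in TOOL_CONSTRAINTS.get(call.tool, []):   # data-access policy
            if not check(call.args):
                return Decision(False, f"data policy {check.__name__} rejected {call.tool}")
        return Decision(True, "ok")

    def execute(self, agent: AgentIdentity, call: ToolCall,
                tools: Dict[str, Callable[..., object]]) -> object:
        decision = self.evaluate(agent, call)
        self.audit.append({                         # audit trail for every attempt
            "agent": agent.agent_id, "owner": agent.owner, "tool": call.tool,
            "args": dict(call.args), "allowed": decision.allowed, "reason": decision.reason,
        })
        if not decision.allowed:
            raise PermissionError(decision.reason)
        return tools[call.tool](**call.args)


# Constructed stand-ins for the enterprise systems sitting behind the gate.
def crm_query(limit: int, **_: object) -> List[str]:
    return [f"customer-{i}" for i in range(limit)]


def payments_transfer(amount: float, to: str) -> Dict[str, object]:
    return {"status": "sent", "amount": amount, "to": to}


TOOLS: Dict[str, Callable[..., object]] = {
    "crm.query": crm_query, "payments.transfer": payments_transfer,
}


def run_demo() -> List[Dict[str, object]]:
    """Runs four constructed proposals from a support agent and returns the audit log."""
    gate = PolicyGate()
    agent = AgentIdentity("support-bot", "cx-team", frozenset({"crm:read", "tickets:write"}))
    proposals = [
        ToolCall("crm.query", {"limit": 25}),                              # in scope, within cap
        ToolCall("crm.query", {"limit": 5000}),                            # bulk read, blocked
        ToolCall("payments.transfer", {"amount": 40.0, "to": "acct-1"}),   # no payments scope
        ToolCall("shell.exec", {"cmd": "id"}),                             # tool not in policy
    ]
    for call in proposals:
        try:
            gate.execute(agent, call, TOOLS)
        except PermissionError:
            pass                                    # denial is already in gate.audit
    return gate.audit


if __name__ == "__main__":
    for entry in run_demo():
        print(entry)
```

The design choice worth noting is deny-by-default: a tool the policy does not name is refused before scope or data checks run, so an agent cannot gain a capability simply because a new integration was wired in. The audit entries are what the observability and governance layers in the article would consume; a denied call is as important to record as an allowed one.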

The discussion concluded with an optimistic outlook on the future of AI agents, provided that security and governance are treated as paramount. Onyx Security's mission is to empower enterprises to harness the power of AI safely and effectively, building an "AI Guardian" that ensures responsible and controlled AI integration.

© 2026 StartupHub.ai. All rights reserved.