Maxim Bar Kogan, CEO of Onyx Security, discusses building an AI guardian for enterprise to oversee autonomous agents. He emphasizes the need for specialized models to detect anomalous agent behavior, the unique challenges of securing increasingly autonomous AI, and the importance of an independent vendor in a multi-vendor AI landscape.
Summarized by Podsumo
Onyx Security trains specialized small models to act as a 'guardian' for AI agents, monitoring actions and flagging only high-risk events to minimize cost and latency.
The biggest catalyst for the company was AutoGPT, which revealed the potential for autonomous agents to act on behalf of users with API access, accelerating enterprise adoption.
Existing security tools (identity, endpoint, API) are insufficient for AI agents because they lack context on why an agent performs an action, making it hard to distinguish legitimate from malicious behavior.
Onyx benefits from being an independent vendor, as enterprises prefer not to trust a single AI lab to monitor its own agents, given labs' data-hungry nature and the need for cross-vendor oversight.
Maxim predicts that while agentic AI will eventually replace human security teams, the immediate focus must be on delivering a product that humans love using today, with future adaptation for agent end-users.
"As you're exponentially doing more things with the eyes, you're going to start having really bad actions happen. And we've seen some of that happen lately with agents accidentally publishing code and tokens that they weren't supposed to."
"I think AutoGPT kind of let everyone's imagination, including ours, run wild because it was a first really autonomous agent running on LLMs."
"If we knew that there's not going to be anyone who's going to release a mythos-level model soon, I think that would be great... but if anyone gets to a mythos-level model earlier, then in retrospect, we looked like a huge mistake because we could have at least given companies the choice to start moving very quickly."