No Priors

Building an AI Guardian for Enterprise with Onyx Security CEO Maxim Bar Kogan

We are now closer than ever before to living in a world where AI agents are smart enough to run our power grids and manage water supplies. How do we keep them from going rogue? Sarah Guo sits down with Maxim Bar Kogan, founder and CEO of Onyx Security, to explore the complexities of supervising and securing autonomous agents at the enterprise level. Maxim explains Onyx’s product as an AI control plane, which oversees the permissions and flexible contexts of agents while balancing latency, cost, and reliability. He also discusses how current controls have insufficient context to monitor agent intent, tradeoffs for gradual model rollout, the need for vendor-independent oversight, and Israel’s growing AI and security talent ecosystem. Plus, why Maxim is all-in on AGI.

Sign up for new podcasts every week. Email feedback to show@no-priors.com

Follow us on Twitter: @NoPriorsPod | @Saranormous | @EladGil | @maximbarkogan

Chapters:

00:00 – Cold Open
00:45 – Maxim Bar Kogan Introduction
01:10 – AutoGPT and Betting on Agent Actions
05:17 – What Onyx Product Does
07:47 – State of Deployment in Large Enterprises
09:58 – Securing Agents
12:45 – Why Proxies Don’t Work
14:11 – Why Onyx Trains Its Own Models
18:38 – Onyx’s Talent Culture
21:24 – Mechanistic Interpretability
23:35 – How Onyx Builds Customer Trust
25:10 – Mitigating Risk at the Foundational Level
27:45 – Phased Rollout of Glasswing and Daybreak
29:11 – Large Enterprise Holdouts
30:46 – Onyx and the Larger AI Security Space
32:36 – Should Labs Address Model Trust and Governance?
36:56 – What Needs to Happen in Security
39:14 – Why Maxim is AGI-Pilled
41:15 – Conclusion

Maxim Bar Kogan (guest), Sarah Guo (host)
May 28, 2026 · 41m

CHAPTERS

  1. AI agents are scaling fast—and so are “bad actions”

    Maxim frames the core risk: as enterprises deploy more autonomous agents, the number of actions explodes and so does the probability of harmful or unintended behavior. Recent examples include agents leaking secrets, publishing tokens, or causing downtime—issues enterprises can’t solve by simply slowing adoption.

  2. Why Onyx bet early on autonomous agents (AutoGPT as the catalyst)

    Sarah and Maxim revisit the company’s origin thesis: security should focus on what agents do, not just what employees type into chatbots. AutoGPT provided an early glimpse of tool-using autonomy, and Maxim’s “AGI-pilled” view pushed him to prioritize oversight of increasingly capable systems.

  3. What Onyx builds: a guardian layer and a secure AI control plane

    Maxim gives a crisp product breakdown: Onyx trains models/agents to oversee other agents and productizes this into a control plane that discovers and hooks into enterprise AI systems. The purpose is to verify legitimacy of actions at machine scale when humans can’t keep up.

  4. Enterprise agent adoption today: three buckets and what’s growing fastest

    Onyx categorizes deployments into low-code automation platforms, first-party internal agents, and highly autonomous coding agents. Maxim observes that autonomous coding assistants are already a majority share and are growing the fastest—often with minimal controls.

  5. Why traditional security controls struggle with agentic systems

    Existing controls (identity, endpoint, API security) lack the contextual understanding of an agent’s intent and plan. Because enterprises often want agents to act with broad permissions, classic least-privilege approaches become harder to apply without destroying usefulness.

  6. Why “just use a proxy + policy engine” isn’t sufficient

    Maxim distinguishes integration from solving the core problem: even if you can proxy traffic, the hard part is deciding whether an action is appropriate. Many agent environments also can’t be neatly proxied due to where they run (cloud, third-party infra, endpoints).

  7. Why Onyx trains its own models: small specialists that call in “smart review”

    Onyx’s approach is to avoid running expensive frontier-model oversight for every action. Instead, they train small, specialized models that decide when to escalate to deeper inspection—optimizing for cost, latency, and reliability while still catching risky behavior.

  8. The blitz-chess analogy: intuition most of the time, deep calculation at critical moments

    Sarah proposes—and Maxim agrees—that effective oversight resembles high-level blitz chess: fast intuitive moves most of the time, with occasional slow, intensive calculation in critical positions. This mirrors selective allocation of compute to moments of high risk.

  9. Onyx’s talent DNA and Israel’s evolving AI-security ecosystem

    Maxim describes a hybrid culture combining cyber experience with deep AI research, reflecting both founders’ backgrounds. He argues Israel is catching up quickly in AI (models, infra, chips) while retaining strong security product instincts rooted in close contact with security buyers.

  10. Mechanistic interpretability as part of the long-term control solution

    Maxim defends the bet that understanding internal model structure (weights/activations) will matter for governance and safety. He suggests smarter-than-human models may help crack interpretability, enabling better understanding of intelligence and model behavior.

  11. Earning trust with Fortune-scale customers as a young company

    Sarah probes the trust gap: why would major enterprises rely on a small startup? Maxim argues acute pain and urgent risk drive buyers to evaluate new vendors, and security leaders prefer early partnership over doing nothing while adoption accelerates.

  12. Mythos and the collapse in cost of vulnerability discovery—how to respond

    They discuss the security shock from AI-assisted vulnerability research (Mythos as shorthand). Maxim argues the market isn’t overreacting: teams need quick mitigations now, but must build foundational controls across the stack—and AI needs its own foundational security layer.

  13. Controlled release of powerful security-relevant models (Glasswing/Daybreak)

    Maxim weighs gradual rollout: it buys defenders time, but could be disastrous if adversaries gain equivalent capability first. His recommendation is to assume these models will arrive regardless and to prepare with foundational controls now.

  14. Enterprise holdouts, tool diversity, and Onyx’s strategy in a fast-moving landscape

    Bans are rarer now; some regulated firms limit tools but still adopt agents. Maxim argues enterprises should allow multiple tools because leadership in models shifts quickly. Onyx, for its part, stays focused on stable primitives (LLMs + tool-using agents) while holding flexible views about post-2026 paradigms.

  15. Why model labs won’t fully own trust/governance—and why independence matters

    Maxim argues buyers want an independent certifier rather than the same vendor selling the model. He also notes enterprises won’t share rich historical behavior data with labs due to training concerns, and the multi-model world (closed + open) makes uniform lab-provided security unrealistic.

  16. What the broader tech world misses about security teams—and an AGI-shaped future

    Maxim highlights Israel’s strength in understanding how security organizations actually operate day-to-day, which is essential for product adoption. He also reconciles being “AGI-pilled” with building for today’s human buyers while anticipating security workflows increasingly executed by agents.
