
AI Summary

→ WHAT IT COVERS

Maxim Bar Kogan, CEO of Onyx Security, explains how his Israel-based startup trains specialized small models to oversee autonomous AI agents in enterprise environments, addressing a security gap that existing identity, endpoint, and API tools cannot fill as agent deployments grow exponentially across Fortune 500 companies.

→ KEY INSIGHTS

- **Enterprise agent breakdown:** In a typical enterprise today, autonomous coding agents like Claude Code and Cursor account for roughly 50% of AI deployments, low-code automation platforms represent 45%, and internally built first-party agents make up the remaining 2-5%. Autonomous coding agents are currently the fastest-growing category and arrive with virtually no built-in security controls.
- **Why existing security tools fail agents:** Identity security requires scoped permissions, but enterprises must grant agents broad access to be useful. Endpoint and API security tools cannot evaluate agent intent — they cannot distinguish between Claude Code legitimately deleting a database and doing so erroneously during an unrelated task. Context-aware oversight requires purpose-built tooling.
- **Small model triage architecture:** Rather than running a full frontier model to monitor every agent action, Onyx trains small, narrow models with one function: deciding whether a smarter oversight agent needs to intervene. This two-tier approach keeps latency low and costs viable while preserving high-quality review for genuinely risky actions.
- **Independent vendor advantage over labs:** Enterprises refuse to share historical agent behavior data with Anthropic or OpenAI, fearing it will be used for training. Third-party security vendors like Onyx can access that behavioral history without a conflict of interest, enabling anomaly detection the labs structurally cannot perform — a durable competitive moat as multi-vendor AI environments expand.
- **Mythos-level vulnerability risk response:** Automated vulnerability research, once considered decades away, is arriving now. Security teams should prioritize immediate patching of known vulnerabilities while simultaneously deploying foundational AI-specific controls — identity lockdown, endpoint detection, and an AI security control plane — rather than waiting for labs to release advanced offensive-capable models in gradual phases.

→ NOTABLE MOMENT

Bar Kogan reveals that large enterprises are now sanctioning OpenAI's operator-level tools company-wide, driven directly by CEO mandates rather than security team approvals — a reversal of the traditional procurement flow that signals how urgency around AI productivity is overriding standard enterprise security governance processes.

💼 SPONSORS

None detected

🏷️ AI Agent Security, Enterprise AI Governance, Mechanistic Interpretability, Autonomous Coding Agents, Israeli Tech Ecosystem