Onyx Security Raises $40 Million to Guard Against Rogue AI Agents

A cybersecurity startup focused exclusively on managing risks from autonomous artificial intelligence systems has emerged from stealth with $40 million in backing, underscoring growing enterprise anxiety over AI agents that can act independently within corporate networks.

Onyx Security announced funding from venture firms Conviction and Cyberstarts to build what it calls a Secure AI Control Plane, a centralized platform designed to monitor and intervene when AI agents exhibit unpredictable behavior or make decisions that violate security policies. The system uses proprietary AI models to analyze how deployed agents reason through tasks and can block actions, require human approval, or redirect decision-making in real time.

The company is betting that traditional cybersecurity architectures cannot adequately protect against systems that do not simply process data but actively make choices, access sensitive information, and integrate into critical workflows across departments like engineering and customer service. AI agents are increasingly deployed to handle tasks autonomously, but their capacity for reasoning errors or susceptibility to prompt injection attacks creates operational vulnerabilities that existing tools were not designed to address.

"These are not just software tools to be protected — they are systems that make decisions, access sensitive information and are integrated into critical business processes," said Hila Zigman, a partner at Cyberstarts. "Onyx is building a solution designed for the AI era rather than trying to adapt legacy tools."

The platform continuously identifies AI agents operating inside an organization, monitors their reasoning processes, and enforces compliance with governance policies. Onyx positions the technology as essential infrastructure for companies seeking to adopt AI agents at scale without exposing themselves to unintended consequences from hallucinations or adversarial manipulation.

(Onyx Security has not disclosed customer names, pricing details, or the specific technical architecture underlying its supervisory agent models. The company did not specify whether its platform operates on-premises or as a cloud service.)

The launch reflects a broader shift in enterprise security priorities as AI systems transition from passive analytical tools to active participants in business operations. While established cybersecurity vendors have begun adding AI-related features to existing products, Onyx is among the first startups to build a dedicated platform around the premise that autonomous agents represent a fundamentally new attack surface requiring purpose-built defenses.