Onyx Security Raises $40M to Govern Autonomous AI Agents Inside Enterprises

A cybersecurity startup focused exclusively on governing autonomous AI agents has emerged from stealth with $40 million in venture backing, signaling investor belief that a new category of enterprise risk is taking shape.

Onyx Security, funded by Conviction and Cyberstarts, is building what it calls a Secure AI Control Plane—a centralized platform designed to monitor, approve, and intervene in the actions of AI agents operating across business functions. The company argues that traditional security tools were designed to protect software, not to manage systems that reason, decide, and act independently within critical workflows.

The platform uses proprietary AI models and supervisory agents to analyze how deployed AI systems make decisions. It can block actions, require human approval, or redirect an agent's reasoning in real time, according to the company. The system continuously identifies AI agents inside an organization, monitors their logic, and enforces compliance with security and governance policies.

"These are not just software tools to be protected—they are systems that make decisions, access sensitive information and are integrated into critical business processes," said Hila Zigman, a partner at Cyberstarts. "Onyx is building a solution designed for the AI era rather than trying to adapt legacy tools."

The company's thesis rests on the premise that AI agents—increasingly deployed in engineering, customer service, and operations—introduce operational and security risks through unpredictable behavior. Errors in reasoning, so-called hallucinations, and vulnerabilities to prompt injection attacks can lead to unintended actions with business consequences.

(The launch comes as enterprise IT leaders report that more than 90 percent see productivity gains from AI adoption, according to industry research cited by security analysts, even as concerns mount over fragmented infrastructure and governance gaps.)

The emergence of Onyx reflects a broader shift in how security leaders are framing AI risk. Rather than treating AI as a tool to be secured like any other application, a growing cohort of investors and practitioners now view agentic AI as a distinct category requiring purpose-built oversight. Some observers have begun advocating for identity and governance architectures that treat AI agents as autonomous actors, not passive software, arguing that fragmented infrastructure poses a greater threat than the algorithms themselves.

The funding round positions Onyx alongside a nascent field of startups and frameworks exploring how to govern multi-agent systems. Parallel efforts, including concepts like Artificial General Decision Making and human-centric AI augmentation, emphasize preserving human agency while enabling networks of specialized agents to support decision-making at scale. Ethical frameworks such as transparent value alignment and neural data governance are emerging as counterweights to the risks of autonomous systems, though consensus on implementation remains elusive.