Nadav Cornberg on Securing AI Agents in the Enterprise | Ep 1236 - The Digital Executive

Summary4 min read

Podcast Summary: The Digital Executive Episode: Nadav Kornberg on Securing AI Agents in the Enterprise | Ep 1236
Date: April 22, 2026
Host: Coruzant Technologies
Guest: Nadav Kornberg, CEO & Co-founder, Eve Security

Episode Overview

This episode centers on the rapidly emerging field of AI agent governance in the enterprise, as Nadav Kornberg discusses how his company, Eve Security, is working to ensure AI agents operate safely, transparently, and within organizational guardrails. Nadav shares experiences from his career in security, highlights the unique challenges of deploying autonomous AI systems in critical business environments, and explores the structures and frameworks needed to build trust as AI agents grow in influence.

Key Discussion Points & Insights

1. Nadav’s Journey to AI Agent Governance

(02:44–04:26)

Nadav’s earlier role at Checkpoint coincided with the influx of mobile devices into enterprises, presenting the new security challenge of controlling “untrusted entities that have a lot of privileges.”
This experience revealed parallels with deploying AI agents today:

“We’re now introducing these strangers, these digital strangers into an organization and we need to connect them up to these critical systems.” (03:53)
Securing autonomous AI agents is likened to managing privileged but unfamiliar actors within a business.

2. The Problem Eve Security Solves in Enterprise AI Adoption

(05:27–07:04)

With the ease of integrating AI agents into systems like Salesforce or GitHub, Nadav saw a major risk:

“We know that AI agents will perform unintended behaviors...if things go wrong, it could go really, like really, really bad.” (05:53)
Legacy alert-only solutions are insufficient—real-time governance and prevention are needed:

“If you will send a message saying, well, guess what, production just got deleted. Well, that doesn’t really help the company.” (06:18)
The focus shifts from detection/notification toward active, automated prevention and control, responding directly to CISOs who demand not just information, but actionable safeguards.

3. Agent-in-the-Loop Oversight vs. Human-in-the-Loop: A New Paradigm

(07:53–10:23)

Nadav explains:

“An organization of 50, 100 people could have a thousand agents. They will not scale the need to have an agent in the loop...” (07:57)
Agent-in-the-loop acts like a security manager for digital agents, automating risk assessment and intervention for AI activity at scale.
Humans are reserved for escalations involving high-risk, critical tasks:

“Human in the loop really needs to be saved for those critical moments...and all the thousands, if not millions, requests that are coming in from agents...” (10:02)
This layered approach blends AI efficiency with human judgment, reflecting a shift toward autonomous but supervised agentic workforces.

4. The Future of AI Agent Governance and Trust Frameworks

(11:17–13:47)

Nadav draws parallels between digital and physical task forces:

“There are going to be more concepts of when agents want to operate, how are they going to request additional permissions or escalate their permissions.” (11:25)
Emphasizes a division between “who is doing the work” (agents) and “who is approving” (human or higher-level agent).
Future frameworks will enable permission escalation, monitoring, and real-time governance to maintain business continuity without undue risk.
Anticipates regulatory and industry standards sparked by eventual “cataclysmic events” (i.e., breaches):

“When that cataclysmic event happens...that’s going to start bringing more standards and frameworks into place to prevent that.” (13:03)
The agentic workforce is here to stay; governance must evolve to keep pace.

Notable Quotes & Memorable Moments

On the similarity between mobile device adoption and today’s AI agent challenge:
“It was very much, wow, we’re now introducing these strangers, the digital strangers into an organization and we need to connect them up to these critical systems.” – Nadav Kornberg (03:47)
On why real-time governance matters:
“It's not enough to have the classic, well, let me just notify you if something goes wrong...we really understood that for us to provide a solution...it really needs to be something that governs it in real time.” – Nadav Kornberg (06:12)
On agent-in-the-loop versus human-in-the-loop scalability:
“Organization of 50, 100 people could have a thousand agents. They will not scale the need to have an agent in the loop.” – Nadav Kornberg (07:57)
On preparing for high-risk AI actions:
“You need to have something that's governing them and saying whoa, whoa, whoa, why are you now trying to take this test? You've never done this before and really alter them or guide them in the right direction.” – Nadav Kornberg (09:44)
On the inevitability of future standards:
“When that cataclysmic event happens...that's going to start bringing more standards and frameworks into place to prevent that. But the agentic workforce is not going away and we will need to continue to improve that...” – Nadav Kornberg (13:06)

Timestamps for Key Segments

| Timestamp | Segment | |------------|-----------------------------------------------------------| | 02:44–04:26 | Nadav’s security background and lessons from Checkpoint | | 05:27–07:04 | Rationale for real-time AI agent governance | | 07:53–10:23 | Agent-in-the-loop vs. human-in-the-loop explained | | 11:17–13:47 | Future frameworks and trust in AI agent governance |

Language & Tone

Nadav’s tone is pragmatic, direct, and rooted in real-world security experience, often using analogies to connect past and current technology shifts. The conversation is focused, technical but relatable, with a sense of urgency around proactive security and responsible AI deployment. The host’s tone is engaged and affirming, reinforcing the importance of Nadav’s insights and reflecting shared concerns for enterprise security.

For listeners who haven’t tuned in: This episode offers a concise, expert-led primer on the urgent need for sophisticated AI agent governance in business. Nadav Kornberg explores both the technical and organizational facets of keeping AI safe and useful—anticipating not just today’s challenges but the standards enterprises will demand tomorrow. If you’re involved in enterprise tech or cybersecurity, Nadav’s insights are both a reality check and a roadmap for action.

Loading summary

Transcript24 lines

[00:00]
Pharmaceutical Advertiser
Chronic migraine is 15 or more headache
[00:02]
days a month, each lasting four hours or more. Botox Onobotulinum toxin a prevents headaches in adults with chronic migraine before they start. It's not for those with 14 or fewer headache days a month. It prevents on average eight to nine headache days a month versus six to seven for placebo.
[00:18]
Prescription Botox is injected by your doctor. Effects of Botox may spread hours to weeks after injection causing serious symptoms. Alert your doctor right away as difficulty swallowing, speaking, breathing, eye problems or muscle weakness can be signs of a life threatening condition. Patients with these conditions before injection infection are at highest risk. Side effects may include allergic reactions, neck and injection site pain, fatigue and headache. Allergic reactions can include rash, welts, asthma symptoms and dizziness. Don't receive Botox if there's a skin infection. Tell your doctor your medical history, muscle or nerve conditions including als, Lou Gehrig's disease, Myasthenia gravis or Lambert Eaton syndrome, and medications including botulinum toxins as these may increase the risk of serious side effects.
[00:54]
Why wait? Ask your doctor. Visit botoxchronicmigraine.com or call 1-844botox to learn more. Starting a business can seem like a daunting task unless you have a partner like Shopify. They have the tools you need to start and grow your business. From designing a website to marketing to selling and beyond, Shopify can help with everything you need. There's a reason millions of companies like Mattel, Heinz and Allbirds continue to trust and use them. With Shopify on your side, turn your big business idea into Sign up for your $1 per month trial@shopify.com SpecialOffer Foreign.
[01:38]
Podcast Host
Technologies, home of the Digital Executive Podcast. Do you work in emerging tech? Working on something innovative? Maybe an entrepreneur? Apply to be a guest at www.corazon.com brand welcome to the Digital Executive. Today's guest is Nadav Kornberg. Nadav Kornberg is the CEO and co founder of Eve Security, a platform that governs and monitors autonomous AI agents in real time, ensuring they operate securely, transparently and within enterprise defined guardrails. He is an expert in the emerging field of executive level AI agent governance, specializing in how organizations can safely deploy, monitor and control autonomous systems entrusted with high stakes decision making as enterprises rapidly adopt agentic AI to operate across critical business functions. Nadav brings a pragmatic and technical perspective on ensuring these systems remained aligned, observable and secure, particularly across what he calls the crown jewels, a company's most critical business systems well, good afternoon, Nadav. Welcome to the show.
[02:43]
Nadav Kornberg
Good afternoon. Good to see you.
[02:45]
Podcast Host
Absolutely, my friend. Yeah, appreciate that. Really do. I know you're hailing out of Austin, Texas, so we're in the same time zone today and I appreciate that. And Nadav, if you don't mind, I'm going to jump right into your first question. You've become a leading voice in AI agent governance and now lead EVE Security. What experience has shaped your journey to focusing on securing and governing autonomous AI systems?
[03:10]
Nadav Kornberg
So in my past, when I was at Checkpoint, it was just when mobile devices were introduced into organizations, just when the iPhones came out. And at the time I was leading the effort of how do we now securely introduce this new technology that is owned by individuals. And that was a new paradigm and concept of how organizations are going to deal with all the capabilities that these devices have and the needs that people have to now improve their day to day workload. You could do so many things from your phone, but just not from your laptop. And when you combine that with even my previous startup of how do you kind of trust the untrusted when we were dealing with just hospitality and different people coming in, those two, if I really need to think about the two problems that we're solving, both of them is kind of an untrusted entity that has a lot of privileges in an organization. And when you look at AI today, when I was thinking about this problem, it was very much, wow, we're now introducing these strangers, the digital strangers into an organization and we need to connect them up to these critical systems. This is going to be a challenge for CISOs to manage this definitely from a perspective of how things can go wrong with those critical systems.
[04:26]
Podcast Host
Thank you, really appreciate that. And I like the backstory here. Your journey when you started out, I know smartphones were just being introduced back in the day and when you worked at Checkpoint, and I agree technology makes life's life easier for us for the most part, except for people like you and me, Nadav, where security is a big concern. And I appreciate the fact that you're trying to secure the world and make it a better place so we can continue to use these amazing devices. But at the same time, we gotta
[04:57]
Microsoft Advertiser
study and play, come together on a Windows 11 PC. And for a limited time, college students get the best of both worlds. Get the unreal college deal, everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft 365 Premium and a year of Xbox game Pass ultimate with a custom color Xbox wireless controller. Learn more@windows.com studentoffer while supplies last ends June 30th terms at aka Ms. CollegePC
[05:28]
Podcast Host
be on the lookout for the bad actors out there. So I appreciate that. And Nadav Eve Security is focused on governing and monitoring autonomous AI agents in real time. What problem did you see in enterprise AI adoption that made this platform necessary?
[05:45]
Nadav Kornberg
At the time when we were thinking about the concepts of what we wanted to work on, it's just when MCP was adopted by Anthropic and when we were talking with CISOs, it became very clear that the ability to just hook up an AI agent to a new system is going to be extremely easy. We know that AI agents will perform unintended behaviors, combining that with critical systems like Salesforce, GitHub, what have you. Again, it was just very clear that if things go wrong, it could go really, like really, really bad. So when we're looking at auctions that were out there, it's not enough to have the classic, well, let me just notify you if something goes wrong, because if you will send a message saying, well, guess what, production just got deleted. Well, that doesn't really help the company. So we really understood that for us to provide a solution that solves the CISO's needs, it really needs to be something that governs it in real time so that things that could go extremely wrong from an operational perspective will be blocked. And that's what we see a lot of times, a differentiation when we have the conversations. That is where CISOs are driving the conversation to I don't just know about it, I want to prevent it, I want to control it. That's where we focused our solution.
[07:05]
Podcast Host
That's amazing. Just went to a conference recently and talked to CISOs about this exact same thing. And you're absolutely right. As you said, these AI agents certainly are introducing new problems for the security landscape. But which what you talked about here is having that governance in real time. Prevention is absolutely key after the fact that while you may be able to detect something and minimize that the damage that was done, it's best always to prevent in advance and be more proactive. So I appreciate that. Nidav, the concept of agent in the loop oversight is central to your work. How does this approach differ from traditional human in the loop models and why is it better suited for autonomous systems?
[07:53]
Nadav Kornberg
I'll say how it's similar, how it differs. The similarities are really an agent in the loop really needs to do the same tasks in some way that a human in the loop does. The Thing it's. It's about scalability. An organization of 50, 100 people could have a thousand agents. They will not scale the need to have an agent in the loop. And I'll explain what does an agent do just like a human in the loop does it needs to be able to assess is this a normal behavior or is this some level of anomaly? Why is this employee operating this way? What's the level of risk for the organization? Do I need to have a conversation with this employee on what they're about to do?
[08:35]
Pharmaceutical Advertiser
When you need to build up your team to handle the growing chaos at work, use indeed sponsored jobs. It gives your job post the boost it needs to be seen and helps reach people with the right skills, certifications and more. Spend less time searching and more time actually interviewing candidates who check all your boxes. Listeners of this show will get a $75 sponsored job credit@ Indeed.com podcast. That's Indeed.com podcast. Terms and conditions apply. Need a hiring hero. This is a job for indeed sponsored jobs.
[09:05]
Nadav Kornberg
And then do I need to maybe alter their way of thinking or the way they want to operate their task? When we're dealing with a agents, it's very much and this agent in the loop is very much like considered a manager or security manager in an organization. We're seeing people performing their day to day tasks in, in the. I think we have a pure intent of doing well for the business. But sometimes it's risky from a security perspective. And that's why you have people that are monitoring the security from a physical and employee perspective perspective. But when you look at AI agents, they're very naive in the options that they want to complete tasks. And you need to be able to have something that's governing them and saying whoa, whoa, whoa, why are you now trying to take this test? You've never done this before and really alter them or guide them in the right direction. And for that you need to have a digital component that can handle the sheer amount of tasks that are being done and scale that's going to grow. And so human in the loop really needs to be saved for those critical moments where well, this is a task that is so high risk and it's trying to be executed. And I myself as an agent in the loop, I want to escalate to what we call my manager, which is a human in the loop to get them involved in this task. Really want to save those moments for a human to deal with those. And all the thousands, if not millions requests that are coming in from agents at A given moment.
[10:23]
Podcast Host
Thank you. Really appreciate that. And we talk about that all the time, Human in the loop. But in your case here, that these agents need to do the same tasks as humans, obviously at scale, need to process and make these decisions like humans. But for those bigger decisions or those critical tasks, we still need to keep the humans in the loop for those. Obviously that's really important and really like how AI has really improved the way it works at scale with its accuracy. Now, I know a couple years ago it wasn't quite there, but now it is really making a big difference and it is certainly a game changer. So thank you again. Nadav, the last question of the day. As we look ahead to the future, how do you see AI agent governance evolving over the next decade and what frameworks or standards will be essential for building trust in autonomous systems?
[11:17]
Nadav Kornberg
I can see a lot of parallels between what's happening today in the physical world and to the digital world. There are going to be more concepts of when agents want to operate, how are they going to request additional permissions or escalate their permissions. There's going to be an aspect of dividing who is actually doing the work to who's approving the work. They're going to be. As I, as I mentioned, when we're looking at the physical task force, there are going to be a lot of paradigms that we're using there that will have to be applied to agents. The way that today things are operating are very open. The way that communication can happen between agents, the way that they can take actions. There will have to be frameworks in place that will allow the escalation of requests for critical tasks to be done, to be monitored and governed in such a way that allows business continuity.
[12:14]
Pharmaceutical Advertiser
Ready to soundtrack your summer with Red Bull Summer All Day Play. You choose a playlist that fits your summer vibe the best. Are you a festival fanatic, a deep end dj, a road dog or a trail mixer? Just add a song to your chosen playlist and put your summer on track. Red Bull Summer All Day Play Red Bull gives you wings. Visit red bull.com brightsummer ahead to learn more. See you this summer.
[12:40]
Nadav Kornberg
But checks all the boxes and I think today we are definitely driving business. We're taking what people say, calculated risks from a security perspective. When that cataclysmic event happens where there's a big breach, I think that's going to start bringing more standards and frameworks into place to prevent that. But the agentic workforce is not going away and we will need to continue to improve that, to make sure that at scale, the business is not exposed to any risk of being able to operate and serve the business's customers without thinking about, well, what was going to happen to how is an agent going to go rogue tomorrow. So to the point of, as I mentioned, the frameworks and the standards are going to evolve definitely when it comes from the ability to approve critical tasks, that the impact of them being executed could be extremely harmful to the organization. There will need to be a framework for that.
[13:47]
Podcast Host
Thank you. You talked about the parallels in the physical and the digital world. Obviously there's many paradigms in the physical world network that will need to be applied in the digital world. You talked about that a little bit there. But the standards and frameworks must be foundational. Of course we'll need to evolve and improve those over time as we introduce more and more of these AI agents into play. And I think that's really important. And again, you highlighted some of the things that AI agents can do today. But again, certain critical decisions, certain standards and frameworks must be in place in order to work, to have this work as best as we can in this ever changing, secure cyber world we live in. So I really appreciate that and adav, it was such a pleasure having you on today and I look forward to speaking with you real soon.
[14:36]
Nadav Kornberg
Thank you so much for having me.
[14:38]
Podcast Host
Bye for now.
[14:48]
Columbia Advertiser
You can't reason with the sun. Trust us, we've tried. This summer, it's time to put that angry ball of fire on mute. Columbia's Omnishade technology is engineered to protect you from the sun's harsh rays that can burn and damage your skin. The sun is relentless, but so is our gear. Level up your summer@columbia.com to spend more time outside and less time slathering on aloe lotion. You're welcome, Columbia. Engineered for whatever.