Okta held its Showcase event in New York City this week. I had an opportunity to attend the livestream among many of its partners and customers in the famed Rockefeller Plaza to learn more about Okta’s ambitions to capitalize on the need for stronger AI agent security. With a continued theme of summarizing my event attendance with three big takeaways – let’s dive in!
An Agentic Blueprint To Secure Enterprises
Founder and chief executive Todd McKinnon kicked off Okta Showcase, speaking to the power of agentic AI and what the company is doing broadly with its Okta for AI Agents platform to secure non-human identities and safeguard against its weaponization (more to follow on that platform shortly).
What intrigued me was McKinnon’s articulation of an agentic blueprint that guides its internal development. It focuses on three key attributes: where are my AI agents, what can they connect to, and what can they do? It is a simple yet powerful construct. In my continual conversations with customers across a wide swath of industries, agent observability is a blind spot. Given the extensive experimentation underway within many organizations, discovering what is active agent-wise within an infrastructure estate is a critical first step in implementing guardrails.
The second challenge is AI agent connectivity. The Model Context Protocol, developed by Anthropic as an open-source standard, and Google’s Agent2Agent protocol have gone a long way toward standardizing how agents communicate, but there are still concerns. SaaS applications, service accounts, and privileged access to high-value credentials must all be vetted. Furthermore, agentic frameworks are bespoke, built on open-source code that is often siloed within developer operations and not disclosed to security operations teams. At a higher level, one of the most significant challenges will be ensuring that the myriad of agentic frameworks properly coordinate with one another, and do so safely and securely.
Finally, from a functionality standpoint, it is important to understand what provisions exist for runtime enforcement of AI security, lifecycle management, human-in-the-loop, and auditability. Okta aims to implement this clearly defined blueprint with its Okta for AI Agents platform.
What Is Okta for AI Agents?
Okta’s take is that AI security is identity security, and I wholeheartedly agree. The company’s seventeen years in IAM, PAM, and governance provide it with a unique perspective on what is required for the inventory, permissioning, and privilege management of non-human agents.
With an expected general availability on April 30, 2026, Okta for AI Agents will enhance observability by extending agent integrations in the Okta Integration Network, building on a catalog supporting over 8,000 popular AI agent solutions. From an agent connectivity perspective, Okta is developing an agent gateway to serve as a centralized control plane with virtual MCP server capabilities and support for privileged credentials and API access management. Finally, imbuing context and intent will become important in evaluating functional risk. To address this essential element, Okta is developing deeper governance features to maintain control of AI agents, supported by richer system logs that evaluate tool and API calls and feed into an organization’s SIEM to support runtime enforcement.
An Agentic Kill Switch
One of the most impressive features of the Okta for AI Agents platform may be its Universal Logout for AI Agents. It is essentially an agentic kill switch feature that can be used to govern unsanctioned and rogue AI agents. Given today’s silos between AI DevOps and SecOps teams, this capability could be a game-changer, providing the assurance organizations need to build trust in AI. Airgap Networks developed a similar kill switch to neutralize ransomware attacks, and Zscaler validated that architectural approach when it acquired the company two years ago.
Final Thoughts
Okta is surging. In its most recent 4Q and fiscal year-end financial results reported earlier this month, the company beat Wall Street expectations with double-digit top-line revenue growth. However, Okta faces formidable competition in agentic AI security with Palo Alto Networks’ recent close of identity leader CyberArk and Austin-based SailPoint’s strong IGA portfolio.
With that said, my former employer, Dell Technologies, was invited to the Okta Showcase to present its internal efforts to safeguard the use of generative and agentic AI. The company’s global chief technology and AI officer, John Roese, shared his insights on the ongoing collaboration with Okta for its own internal agentic AI security measures. Dell refers to its AI development efforts as “Customer Zero,” and at its analyst event last year in Austin, I left impressed with the approach. It enables Dell to be the first user of its AI tools internally, and the company shares the resulting learnings with customers to accelerate AI adoption and prioritize use cases.
From my perspective, Okta’s deep partnership with an undisputed AI factory infrastructure leader speaks volumes to its potential and capabilities to safeguard the deployment of agentic AI.
