Transcript
We reserve the right to change the information in this presentation. More information can be found in our security filings. Please welcome Okta's Chief Executive Officer and Co-Founder, Todd McKinnon. It's great to see you all at Showcase. We're going to talk about our industry, and we're going to talk about our products. In November, we introduced Okta for AI agents to the world. And it's our most important product ever. Our most important product ever. It's simple on the surface. It's in the name. Okta connects your people to your technology, your customers to the technology they need to interact with your organization. And so it's Okta for AI agents. AI agents are the future, exciting foundational technology, and Okta for AI agents makes that connection for agents. And the response from all of you and the industry at large has been unlike anything I've seen in my career. It's the interest and the relevance of this product. And we've had hundreds and hundreds of meetings to talk about this product. It's been purchased by dozens of companies. And it's in production by several companies at this early date, getting real value, securing and managing their AI agents, which is an incredible uptake. And it's not surprising because if anyone that's paid attention to technology, we know that the future is agentic. The future is agentic. And there's different takes on this. And I think it's important to understand how we view this to put the broader context of what we're doing and frame it up for everyone. People talk about agentic as a new thing. It's a new layer. It's a new set of capabilities. I see it differently. I think it's the future of all of technology. By the way, all of not just enterprise technology, but all of technology. AI agents and autonomous behavior of technology is where the world's going. It's going to change how we seek and find information. It's going to change how products and services are delivered to customers. It's going to change how companies are getting productivity out of their workforces, how they're automating things, how they're getting insights, how they're fundamentally rethinking the core of what they do. And it's not like it's going to be delivered by one company or a set of companies. Everything is going to be agentic. Your existing vendors are going to overhaul their software to have autonomous agentic capabilities or they're going to be disrupted. Startups are going to have new agentic services and solutions. There's going to be existing categories change. Categories are going to merge. There's going to be whole new categories of true digital workers that are going to push existing vendors. You're going to build your own agentic systems. You're going to create much better customer experiences. So it's a profound change. In fact, I think in five years or so, we're probably not going to refer to agentic technology. It's just going to be technology. So we're talking about the greatest transformation of technology in my career. I've been working professionally for 30 years now, so I've seen internet, I've seen cloud, I've seen mobile. And this is by far the biggest change. It's changing at so many levels. It can be daunting and overwhelming, but it can also be very exciting. And the people gathered here today are the people at the forefront that have to make this all work. And hopefully you share this excitement with us. With this new era of technology comes a lot of risk. It's not a surprise to security professionals and cyber professionals that there's a lot of tradeoffs. There's risk and there's opportunities. And this is no exception. This kind of autonomy, the kind of access these agents get, the connections they make can lead to bad things. In fact, you're starting to see this pop up in the industry already. Anthropic released a very good report last fall talking about a massive cyber attack that was perpetuated using the Anthropic models and cloud code. And so this is a massive-scale agentic system automating work, automating software development, and it was used for a massive cyber campaign. And this report details what they found and some lessons learned about how to prevent it. And I think the biggest takeaway here is that these systems, while they're powerful, can be used for bad things. So we have to have a good concept of risk management and put the right controls and governance processes and controls in place to make sure it's secure. The threat actors in this case actually, as you would expect, Anthropic has a ton of controls in their models and frameworks to make sure that they can't be used for bad things. And the attackers in this case actually socially engineered the model. They socially engineered the model to trick it and say they were a respected threat research firm and using this for research capabilities while they were really using it to actually prosecute this massive campaign. It was using the normal tools and techniques available to the industry hooked up to the model. So they weren't using any novel types of zero days or types of tools to actually perpetuate the attacks. It was just the fact that it was all hooked up to this scalable, agentic framework that was socially engineered that kind of made it all work. The other interesting thing about this is that throughout the process, Anthropic published this, by the way, so we could all learn from it and they could share with the industry some of these risks. But they also noticed that during the execution of this attack, the model was actually overly confident about the targets it was finding to try to attack if the attacks would work or not. So it was it was tricked. It was overconfident. All while under the guise of the guise of being massively scalable and massively controllable. So it's quite interesting. I suggest you take a read. There is another interesting survey by a small company called Gravity that did a great job surveying you all. Do you all participate in these surveys ever? Someone calls you up and get your professional opinion about I.T.? A lot of heads nodding. This was about a thousand people. And it was VPs of I.T., directors of technology, CPOs. And the survey asked them basically about how their agentic deployments were going. And they noticed a couple interesting things. The first thing they noticed was that almost nine out of 10 people said there was already a security issue in their agentic systems. So this could be something as simple as an agentic system was over provisioned for access. It didn't have the right visibility and controls about what it could do. Nine out of 10, which is quite high. And then only 20 percent, roughly 20 percent, treated these agents in their agentic system with complete identity control. So identity is a first class thing for these agents. In the vast majority of cases, the agents were using reused API tokens, common access to systems that were shared across multiple agents. So there's no tracking and control and accountability for these agents when they were actually doing their work. So this is a problem for the industry. So I think what we need to do collectively and what Okta is focused on is making sure that as we all build this future, as we all build this future that we all know is powerful and profound, this future of agentic enterprise, we make sure that at the same time we make it the secure agentic enterprise. It sounds simple, but we have to do both. We have to do both. This technology wave has a tremendous amount of potential. It's inspiring. It's exciting. It's exciting to all of us. But we have to make sure we put the right controls and foundational groundwork in place to make it secure as well. And if you think about the arc of Okta, Okta is 17 years old. And I feel personally and the company feels personally very blessed and very fortunate to be at the right place at the right time through multiple technology waves in those 17 years. Okta was born out of the cloud. The idea was cloud computing and the adoption of cloud for every layer in the IT stack would require a new kind of identity system. Everything was outside the firewall. You didn't control the servers and the resources. There were all these SaaS applications. You had to have the best identity ever created to secure and control that. And Okta's early success was really born on the back of the cloud adoption. We helped the cloud be adopted and we were also benefited from it being adopted at scale. Then came the mobile revolution. Again, more devices. Identity gets more important. Then there was COVID and work from home. Identity gets more important. So through the arc of our history, identity gets more and more important in every technology wave. And this agentic enterprise where every AI agent that is working with your employees and performing digital work, identity is more important than ever. So we are perfectly positioned. Who has spent 17 years connecting people to technology? And now as we try to supplement those people with agents, who is perfectly positioned to do that? We couldn't be more fortunate and we are not going to waste this opportunity. We're pouring all of our energy and effort and resources into making this agentic enterprise a secure agentic enterprise. And one of our fundamental things we're doing is we're working closely with all of you. All of our customers that are on the leading edge of this and that have taken this product, Okta for AI agents, and are working with us to build out the next set of capabilities and features in a way that will most benefit you. What's the right way to put this? There's a lot of hype in AI. There's a lot of hype. And I think one of the key things we need to do is make sure that the product we build here is directly linked to the concrete value and the capabilities you need now. So we don't spend four years building a science experiment. We build something that you can use now. And we're very lucky here. We're very lucky. We know what problems you have and what solutions that we need to build for you. And they all kind of center around three really important questions. The first one sounds simple. What agents do I have? Every vendor I've ever talked to has agents. I want to build my own agents. New vendors are saying they have agents, and people around my organization are adopting them. Where are they? Where do they come from? The second question is, what can they connect to? Because that's the keys to the kingdom. Just like people, what resources they can connect to. Customers come into your mobile app or website. What can they connect to? What your agents can connect to is absolutely critical. And the third thing is, what can they do? So once they use that access, what can they actually do with it? So those are the key questions informed by our conversations with amazing customers around the world. And it's very confusing, especially that some vendors propose to answer some of these questions. Some vendors say other questions are important. Some vendors say they have everything covered. And it's quite daunting. I think it was summarized nicely by a great customer of ours, S&P Global. Seth Fox is the CTO there. And I was sitting talking to Seth, and he said to me, he said, there's a lot coming at us, Todd, and it's very overwhelming. So it's like, what you need to do is just write down a reference architecture. Like, just summarize the landscape for us and tell me where you fit in, where the next vendor I'm going to see fits in. Compare what you're doing, what we have, to what my friend's company has. How does it all fit together? So that's what we've done, informed by hundreds and hundreds and hundreds of conversation, along with work with our partners in the cyber ecosystem, partners in the application and technology ecosystem, and most importantly, conversations with customers like you. We're excited about this blueprint for the secure agentic enterprise. It is what it says. It's a blueprint. It's not a product. It's not a this is an Okta thing. It's an industry thing. We're putting forward and saying, this is the reference architecture. This is how the ecosystem together could build not only the agentic enterprise, but the secure agentic enterprise. And it answers these core three questions. Where are my agents? What can they connect to? And what can they do? And you can see in this blueprint, the capabilities on how you detect agents are broken down in logical categories. Everyone from integrations with agentic systems to edge browser based detections to endpoint network. We all have gateways and all the gateway vendors are helping out here. And then how do you assess risk of those agents? It's all the capabilities are all outlined in this blueprint. And then one thing about I talked about Okta being perfectly positioned to help be the backbone of the secure agentic enterprise, because we've spent 17 years connecting people to technology and we're very good at that. But we also know that agents are different. The protocols are different. How you build them is different. How they connect to things and how the interaction works. So that's all prescribed in the capabilities around what they can connect to. There's different capability. No person has ever logged into an MCP server, at least not that I know of. But agents do. And agents also log into SAS. And how do you connect an agent to SAS? Is it OAuth? Is it the API with a token? What is the catalog of things that are possible? What are the best practices and how do you keep it secure? And then, of course, agents connect to agents and that's a different set of protocols. And then you have legacy. You need to get these agents data from legacy systems. And those legacy systems don't have OAuth and they don't have these fancy REST APIs. So those are service accounts and you have to vault credentials. And it just orients the whole conversation in a way that makes sense of it all and lets us get to the business of making not only our agentic enterprises but our secure agentic enterprises. And finally, we talk about what can they do. This is about fine-grained permissions. And this is about do you do the enforcement at runtime or is it agent setup? And what's the life cycle of an agent? When is an agent created and how do you manage it? People simplistically say, oh, it's like a person. And other people say, oh, no, it's just like a privileged account, a service account. But the answer is it's somewhere in the middle and the blueprint tries to lay that out. When do you get a human involved and how do you track and log things? So these are the capabilities and there's a ton of details behind this and the flows and how they work together. I don't mean to gloss over the complexity. If you've ever looked at a blueprint, you know that on the first couple of pages, it's like the site and what materials are going to be used and who the contractor is and how it's definitely going to go over budget. Not that I have any scarring about that. But then you flip through and it has other pages of all the details, the subsystems, the plumbing, the electrical, the foundation, the site details of the outside site plan. And it's the same thing true here. It's how these things fit together is prescribed in the blueprint because there is a lot of important capabilities here under the covers. Now, this is a blueprint for the industry. And I don't purport to stand up here and say that Okta has a product that solves all of these things. It's definitely going to take a village to make this all work together. But the reason I started my comments by saying I thought that Okta for AI agents is our most important product ever, it's because the potential of the agentic enterprise is so profound. And this Okta for AI agents has such a core place in this ecosystem, has such a core capability. It's connecting your agents to all of your technology and controlling how they connect and what they can do.
