Transcript
So Todd just showed our amazing blueprint for the Secure Ejecting Enterprise, but I could just show you some product. And I am so excited about Okta for AI Agents. This is the first and best implementation of the blueprint, and customers are already using it to see amazing success. And we're going to show you how that blueprint helps you answer those three questions, where are my agents, what can they connect to, and what can they do? As we like to say in cybersecurity, you can't protect what you can't see. So let's jump into the demo and take a look and answer that first question, where are my agents? Okay, so Okta helps you find agents in two ways, both the ones you know and the ones that you don't. Let's talk about the ones you know. So here we are in the Universal Directory, and this is your central system, this is your single source of truth, it's your agent inventory. And at Oktane, we showed you how you can register those AI Agents, but we're taking it one step further. We're taking everything you love about the Okta integration network, the standards, the breadth, the flexibility, and we're extending it. We're essentially making it your agent integration network. Now the thing about these agents is they can't live in silos, right? They need to be connected to the tools you use every day. That's going to make them more valuable and more powerful. So here you can browse the agent catalog and you can see all of the tools that your company is using. And as your team starts working with new platforms, those are going to be here as well. The point is, we are focusing on identity, so you can focus on innovating with technology and you never have to worry about vendor lock-in. Alright, but what about the apps you've already configured for your human users? Well, you can go right from the app integration page and you can see a new tab, AI Agent Import. And with Okta for AI Agents, you can import those agents and all the metadata with one click. So you're going to get the name, the title, the description. And the important thing to remember here is identity is managed separately. So if an app gets compromised, security is going to be centralized, right, in Okta. Okay, what about question number two? What about the agents you don't know about? Well, people in your company, I guarantee you, right now, as we sit here, people are spinning up agents in your company. And you need to know about them. So this is Agent Discovery, and Agent Discovery automatically flags OAuth grants. So when an agent is connected to an enterprise application, you are going to get notified. So you can see the scope and you can see the blast radius, but most importantly, you're going to get a remediation plan to take action. So you can go ahead, you can register the agent, assign a human owner, and baseline security policies. Now, the important thing to remember, this is not a one-time process. Discovery is running continuously in the background, so you can find all your agents, both the ones you know and the ones you don't. All right, so now you know where your agents are, let's answer that second question. What can they connect to? Well, it starts with MCP servers. So you can model agents, but you can also model MCP servers, and you can search a catalog of all the ones you might want to use. But connecting agents to MCP servers directly, that can be risky, which is why we're introducing Agent Gateway. And the first use case is managing access to the virtual MCP servers, so that you can select exactly which tools and scopes can be accessed. And with Okta for AI Agents, you can securely secure those third-party coding agents, like Cloud Cursor and Cloud Code. But what about everything else your agents need to integrate with? Well, today we have three ways to manage those connections, Okta authorization server, API keys, and service accounts. But now we're adding three more ways to integrate agents securely, Okta virtual MCP servers, and OIDC apps. No custom code and no direct path from agent to MCP servers, and security is centralized in Okta. Okay, question number three. What can they do? Well, you need to establish exactly what agents are accountable for, and you have to cut off access if it goes wrong. So here's the governance dashboard, and you can see access on an ongoing basis to what these agents have access to, down to the scope and tool level. And you can review their access to make sure they have access to everything they need, but nothing they don't. But what if? What if an agent goes rogue? Well, you need a kill switch. And with Okta for AI Agents, you can trigger universal logout if an agent starts accessing things it shouldn't. It's automatically going to revoke the tokens and deactivate that agent access. So now you know what agents can do, but you can cut things off if something goes wrong. And as your agent footprint changes, you are always secure. We are evolving right there with you. Okay, so you just saw Okta for AI Agents in action, and how it helps you answer those three questions. Where are my agents? What can they connect to, and what can they do? These are just a few of the ways we are helping you become a secure agentic enterprise, and this, this is how Okta secures AI.
