IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia
Apac it control room ai agents identity governance kill switch
#
SaaS
#
Robots
#
Digital Transformation

Okta unveils security blueprint for enterprise AI agents

Tue, 17th Mar 2026
Author image
By Mark Tarre, News Chief

Okta has released a new security blueprint for companies deploying AI agents, along with plans for a product called Okta for AI Agents that it says will operationalise the approach.

The blueprint focuses on three questions security and technology teams face as software agents become more common in business workflows: where AI agents operate, what systems they can connect to, and what actions they can take once connected.

Okta for AI Agents is scheduled for general availability on April 30, 2026. Okta positions it as a way to help customers discover and register AI agents, apply standard access controls, and revoke access when required.

Agents and identity

AI agents now handle tasks ranging from customer interactions to internal operations, and can act autonomously across multiple systems. This raises the importance of identity controls and monitoring, since agents can move faster than human users and run continuously.

Okta argues that agentic systems behave differently from traditional software and from human users. A key concern is visibility, particularly when employees or teams connect tools to corporate applications without formal approval.

Okta cited Gravitee's research, "The State of AI Agent Security 2026", which found 88% of organisations reported suspected or confirmed AI agent security incidents, while 22% treated AI agents as independent identities.

Stephanie Barnett, Vice President Presales APJ at Okta, said organisations in the region are adopting AI agents quickly while governance and security practices lag.

"Across Asia Pacific, organisations are moving quickly to embed AI agents into everyday business processes, from customer engagement to internal operations. The pace of adoption is accelerating faster than most governance and security frameworks can evolve. What we are seeing is the emergence of a new identity gap, where autonomous digital actors can access systems, move data and act at machine speed, but many organisations still lack clear visibility or control over that activity. The blueprint for the secure agentic enterprise provides a practical framework to help leaders understand where AI agents are operating, what they can connect to and how their authority is managed. As AI becomes central to growth and productivity strategies across the region, identity becomes the practical control layer that helps organisations scale AI safely and with confidence."

Discovery and registration

The blueprint starts with identifying agents across an environment, including sanctioned platforms and "shadow" agents created without central oversight. Okta for AI Agents includes discovery and onboarding features intended to bring these agents into governance processes.

Okta is also adding agent-related integrations to the Okta Integration Network, extending its catalogue of more than 8,200 integrations with support for AI agent platforms including Boomi, DataRobot, and Google Vertex AI.

Okta plans to expand Universal Directory so AI agents can be represented as non-human identities, placed in a searchable directory, and managed through a lifecycle from onboarding to decommissioning.

The approach also includes detecting employee connections between AI agents and enterprise applications, plus views into permissions and "blast radius" to help security teams assess the likely impact if an agent is compromised.

Boomi's Chief Information Security Officer, Carl Siva, described the work as an example of vendors aligning on common security and governance layers for agent-based systems.

"Securing the agentic enterprise will require industry-wide collaboration," said Siva. "By combining Boomi's expertise in agentic connectivity and modern integration with Okta's identity leadership, we are delivering a unified security and governance layer that helps organizations harden their security posture while maintaining auditable visibility into every agent's actions. Together, Boomi's Agentstudio and Agent Control Tower with Okta for AI Agents enable teams to build and deploy agents faster-without compromising governed security controls."

DataRobot also highlighted the identity angle in agent deployments.

"If an AI agent has the power to act, it must have an identity. DataRobot has always been built for the enterprise that can't afford to get AI wrong," said Venky Veeraraghavan, Chief Product Officer, DataRobot. "This integration brings together the DataRobot Agent Workforce Platform and Okta for AI Agents, allowing our customers to build an agentic workforce with the rigorous identity standards that Okta is known for, and the confidence to scale from the lab to the front lines."

Connection controls

The second pillar focuses on controlling what agents can connect to, including tools, applications, APIs, and databases. Okta said this requires centralised policy enforcement and tighter control over access tokens for each transaction.

Okta for AI Agents will include an Agent Gateway, which Okta describes as a central control plane for agent access to resources. It includes a "virtual MCP server" feature and a tool registry, and is intended to log interactions between agents and resources for audit purposes.

The plan also includes privileged credential handling, such as vaulting and automatic rotation. Okta also pointed to API Access Management, including least-privilege enforcement and policy decisions based on identity, context, and risk.

Actions and revocation

The third pillar addresses what agents can do once connected, including controlling individual tool calls and rapidly removing access when behaviour appears abnormal. Okta said Okta for AI Agents will include "Universal Logout for AI Agents", designed to revoke tokens and deactivate access across systems.

Okta also outlined governance features to treat agents as a managed resource in certification and access-review workflows. System logs are part of the framework as well, with agent activity and authorisation decisions sent to security monitoring systems.

Ric Smith, President of Products & Technology at Okta, said the shift to fast-moving AI agents changes the assumptions behind existing security controls.

"AI agents are evolving faster than any software before them, making traditional security models obsolete. Speed is now a given, but security is the differentiator," said Smith. "With this new blueprint, Okta is establishing the industry standard for the secure agentic enterprise. We enable companies to discover shadow agents, secure connection points, and maintain the ultimate 'kill switch' to protect their enterprise from evolving risks."

Related stories
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Testlio launches AI chatbot testing service amid scrutiny
Dropbox launches three apps inside ChatGPT for work

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment