Press ReleaseArtificial IntelligenceCyber SafetyIdentity & AccessThreat Detection & Defense

New Okta Platform Innovations Extend Identity Security Fabric to Non-Human Identities in an Agentic AI Future

Okta introduces platform-wide innovations to extend identity security to non-human entities like AI agents, addressing the growing risks of identity sprawl in a rapidly evolving enterprise environment.

Photo of CSA Editorial CSA Editorial Send an email April 11, 2025
3 minutes read
Okta
Wew identity posture management capabilities for AI agents and automation tools, enabling unified control of human and non-human identities across enterprise ecosystems.

Okta, Inc. announced new Okta Platform capabilities to help businesses secure AI agents and other non-human identities with the same level of visibility, control, governance, and automation as human ones. The Okta Platform will now bring a unified, end-to-end identity security fabric to organisations for managing and securing all types of identities across their ecosystem, from AI agents to API keys to employees.

Why it Matters:

  • The number of non-human identities is set to grow exponentially, with Deloitte¹ forecasting that by 2027, half of all companies using GenAI will also adopt agents in some capacity. Some companies have already begun deploying hundreds of AI-SDRs and thousands of customer service agents.
  • Non-human identities (i.e., service accounts, shared accounts, break-glass identities, API keys, access tokens, and automation tools) are inherently difficult to secure because they are often non-federated, lack MFA, and have static credentials that aren’t regularly rotated. These factors, combined with excessive privileges and a high blast radius, create an attractive attack vector for adversaries.
  • Last year, only 15% of organisations² said they remain confident in their ability to secure them.
  • With more types of identities, machines, and agents trying to access increasingly critical data and resources, across larger numbers of devices, organisations will be faced with managing this added complexity and identity sprawl.
  • Now more than ever, organisations will need to implement an identity security fabric, which is defined as a unified framework for securing, managing, and governing both non-human and human identities across ecosystems at scale.

“Amid the excitement of embracing the next wave of generative AI, companies are moving quickly to deploy agentic use cases, often overlooking the critical need to secure these systems and control the sprawl of non-human identities,” said Arnab Bose, Chief Product Officer, Okta Platform at Okta. “By bringing these identities into the identity security fabric, the Okta Platform can help organisations secure the rising digital labour force with the same rigour and vigilance as the human workforce.”

Comprehensive Identity Security Capabilities for Managing Every Type of Identity

The rapid adoption of cloud services, SaaS applications, remote work, and now the rise of non-human identities has transformed the security landscape. Homogenous tech stacks don’t exist and would present their own set of security risks.

This fragmentation creates complexity, gaps in security tools, and an expanded attack surface, making it harder for security teams to maintain a holistic view of their security posture. An extensible identity security fabric enables organisations to build best-in-breed stacks and connect disparate security tools across the enterprise. However, to be effective, companies need the right identity tools, including posture management, threat protection, privileged access, governance, device access, and more.

With new and enhanced Okta Platform capabilities, organisations can have more comprehensive security for all identities—human and non-human—with solutions that are seamlessly interconnected and fully integrated across the business.

Caption: Identity Security Fabric in Practice (Okta Platform)

What’s New – Identity Security Posture Management and Okta Privileged Access

New capabilities for Identity Security Posture Management and Okta Privileged Access, provide companies with a comprehensive, end-to-end solution for protecting AI agents and other non-human identities, including service accounts, shared accounts, break-glass identities, API keys, access tokens, and automation tools.

Organisations can better discover, secure, and manage non-human identities, while ensuring AI-driven automation and machine-to-machine interactions remain governed under Zero Trust policies. These tools also continuously monitor NHI risks and vulnerabilities.

Caption: Executive NHI report (Okta ISPM)

What’s New – Separation of Duties

Available today for customers in GA preview, Separation of Duties (SoD) in Okta Identity Governance (OIG) helps ensure that users do not accumulate conflicting access permissions that could introduce security risks or compliance violations. By enforcing SoD policies based on pre-defined business rules, SoD helps organisations prevent fraud, maintain regulatory compliance, and reduce the risk of insider threats.

What’s New – Secure Device Features 

Available today for customers in Early Access, Okta is releasing new Secure Device Features under Okta Device Access and Adaptive MFA that minimise MFA fatigue and the risk of credential theft by seamlessly integrating device context and hardware protection for Zero Trust access control. These features integrate with the customer’s ecosystem of tools to gather signals that inform access policies and continuous risk assessment and enforcement.

Protecting Identities, Across Every Application and Environment

Since no enterprise today has a fully homogeneous tech stack, organisations need deep and secure identity integrations into every single application they use. This approach unifies user context, resources, policies and risk signals across infrastructure, apps, APIs, and more regardless of the identity types.

What’s New – Secure Identity Integrations (SII)

Generally available today for customers, Okta Secure Identity Integrations provide an unprecedented level of comprehensive, out-of-the-box security integrations for the most business-critical applications. Now available as a collection in the Okta Integration Network, companies can quickly configure deep integrations for applications, like Google Workspace, Microsoft 365, and Salesforce, that go beyond SSO and lifecycle management to manage user privileges, uncover hidden risks, and rapidly contain threats with built-in remediation and universal logout.

Other New Innovations: 

  • On-prem Connector: Available today for customers in Early Access, Okta On-prem Connector is a new out-of-the-box connector that allows customers to integrate their on-premises apps with Okta Identity Governance, enabling the discovery, visibility, and management of fine-grained application entitlements within Okta.
Tags
Photo of CSA Editorial CSA Editorial Send an email April 11, 2025
3 minutes read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Systemic

Beyond Culture: The Systemic Security Flaw in Modern Software Development

April 11, 2025
Cohesity

Cohesity Advances Partnership with Google Cloud to Enhance Cyber Resilience and Data Insights

April 11, 2025

The Ghosts Within Your Network Could Be an In for Ransomware – Barracuda’s Mark Lukie Breaks It Down

April 11, 2025
Russia

Inside the Russian-Speaking Underground: The Frontline of Global Cybercrime

April 10, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net