Okta Seeing ‘Acute’ Demand For AI Agent Security Amid Massive Identity Risk: Execs

Prior to the emergence of agentic AI, ‘we’ve never seen interest for product launches like we’ve seen in this particular area,’ Okta President Eric Kelleher tells CRN.

The surging adoption of AI agents in the enterprise is prompting an unprecedented spike in demand for assistance with identity security, as organizations recognize the massive risk of powerful but over-permissioned agentic tools, according to Okta executives.

In an interview with CRN Thursday, Okta President and COO Eric Kelleher said that the shift in focus to securing identities for AI agents has been most evident in just the past few months, with the topic dominating discussions with most customers.

Even since the company’s Oktane conference in September, what’s changed is that nearly all customers want to discuss “this acute, present problem and exposure they have today with agents in their organization,” Kelleher said. “And so we’ve really found ourselves consumed with large enterprises [and] helping them navigate that. We’ve met now with over 500 of our largest customers to talk through all of the challenges.”

Those discussions are only expected to continue with the vendor’s recent release of its Okta for AI Agents offering, he said. The offering, which was released into general availability in late April, aims to provide a streamlined integration of agentic identities into an organization’s broader identity system.

“There’s this huge exposure in the industry right now—where companies have agents deployed in production and they’re very often over-permissioned, with standing permissions and [improper] data access,” Kelleher said. “They need tools and technologies to capture the identity of those agents and govern them effectively. And so our conversations for the past six months have really been dominated by that.”

Ultimately, prior to the emergence of agentic AI, “we’ve never seen interest for product launches like we’ve seen in this particular area,” he said.

Kelleher made the comments as Okta released financial results for the first quarter of its fiscal 2027, ended April 30, which surpassed Wall Street expectations.

Revenue for the quarter climbed to $765 million, up 11 percent year over year, ahead of the analyst consensus estimate of $751.8 million. Okta’s quarterly earnings also beat expectations, with the vendor reporting that non-GAAP diluted net income per share came in at 91 cents for the quarter, 7 cents higher than the Wall Street estimate.

Highlights of the quarter included the fact that more than 25 percent of Okta’s bookings were for products beyond its core access management offering, including identity governance.

The general availability launch of Okta for AI Agents meant it was not a significant contributor to the vendor’s revenue during its latest quarter, and it’s not being treated by the company as a major factor in its forward-looking guidance, he noted.

However, “we see the success and momentum and excitement and pipeline here is all upside to the guidance that we’ve set for the year,” Kelleher said. “So we’re very encouraged by what we’re seeing.”

Partner Perspective

Without a doubt, there is substantial customer interest right now around securing identities for AI agents—and specifically in Okta’s capabilities in that area, according to GuidePoint Security’s Kevin Converse.

Customer loyalty to Okta is strong, with many that are “very dedicated to Okta,” said Converse, vice president for identity and access management at Herndon, Va.-based GuidePoint, No. 37 on CRN’s 2025 Solution Provider 500. And that is extending into the new agentic arena in a major way, he said.

“I think that makes [Okta] an easy choice as the solution for them,” Converse said.

While GuidePoint sees identity as a central piece of managing and securing all AI usage, identity security must be an especially high priority when it comes to agentic, he said.

All in all, “the demand is high for [solutions to] manage agentic AI right now,” Converse said.

Answering Key Questions

Meanwhile, Okta also recently disclosed what it’s calling the “new blueprint for the secure agentic enterprise,” with the unveiling of a new framework for addressing the most critical questions amid the adoption of agentic AI.

The framework addresses the questions of, “What agents do I have? Do I know what agents are actually running inside my company?” said David Bradbury, chief security officer at Okta, in an interview with CRN.

The next question addressed by the framework is, “once I know that I have agents, what actually do they have access to?” he said. “And then lastly, what can they actually do with that access? Those are the three big questions that we solve as a company.”

While some of the functionality covered by the Secure Agentic Enterprise Framework is pivoting off existing Okta product lines—now extending them into the AI space—“others are actually brand new,” Bradbury said. “It’s taking a different perspective on how we secure things like MCP servers, which obviously didn’t exist in the past.”

The bottom line is that Okta is helping partners and customers to accelerate their shift into the agentic-enabled future through ensuring that identity and access are fully protected, he said.

“It’s important to look at us as part of a holistic architecture,” Bradbury said. “Identity is protecting everyone, ultimately, when it comes to securing AI. If you’re not securing identity, you’re not securing AI.”