Okta unveils AI security platform & industry initiative
Okta has announced the launch of a generative AI agents security platform and a new cross-industry security initiative.
The new security platform aims to secure how consumers interact with generative AI agents and how developers incorporate these AI agents into their applications. Addressing concerns surrounding generative AI, the platform focuses on controlling personal or proprietary data that enters a large language model and ensuring interactions with AI agents are secure and trustworthy.
Shiven Ramji, President, Customer Identity Cloud at Okta, said: "With the limitless possibilities of GenAI, it's critical to instill trust among consumers and businesses by protecting sensitive data, user credentials, and securing integrations across user applications."
Concurrent with this development, Okta, in collaboration with the OpenID Foundation, Microsoft, Google, and Ping Identity, has initiated a new project to enhance the security of SaaS applications. This initiative addresses the issue that nearly all SaaS applications are not inherently built to be secure, a concern intensified by the integration of AI agents.
As part of this effort, the Interoperability Profile for Secure Identity in the Enterprise (IPSIE) is being established to provide an open framework that SaaS companies can adopt to enhance the security of their products. Todd McKinnon, CEO and Co-Founder of Okta, stated: "Okta is focused on elevating the entire technology industry to be better protected from attacks. Our goal with IPSIE is to standardize identity security and help foster an open ecosystem where building and using enterprise applications that are secure by default is easy for everyone."
The new standard aims to integrate core security measures such as single sign-on, lifecycle management, and risk signal sharing, among others, to form a comprehensive identity security structure. This would facilitate improved governance, entitlements, and continuous authentication.
Moreover, Okta is launching a Secure Identity Assessment (SIA) to support organisations in reducing identity security debt. SIA will offer tools like an Identity Security Checklist, expert guidance, and tailored recommendations to address vulnerabilities and enhance security posture.
Okta is expanding support for GenAI applications through a new product within its Customer Identity Cloud. This aims to equip developers to address AI-specific security risks and effectively integrate GenAI into their products. This product includes user authentication, API calls on behalf of users, and async authentication, which allows users to approve actions taken by AI agents.
The Developer Portal is another highlight, designed to make APIs AI-ready by securely exposing them to developers and partners, thus ensuring robust agent identity management.
Additionally, the introduction of Universal Logout will facilitate the termination of user sessions across applications and devices when a risk is detected.
With over 100 new integrations being developed, Okta is working with top SaaS vendors, including Google and Microsoft, to build features supporting various aspects of the new security standard.