"AI security is identity security" - how Okta is weaving agents into the security fabric (www.techradar.com)

Okta (with Auth0) announced a suite of identity-first security features at Oktane 2025 to close a growing blindspot: AI agents. Research cited by the company finds 91% of organizations use agents in some form but only 10% have mature plans to manage non-human identities. To address that gap Okta unveiled “Okta for AI Agents” (centralized detection, provisioning, authorization and governance), Identity Security Posture Management (ISPM) for discovering risky service accounts, and expanded Identity Governance with full audit trails—plus policies enforcing least privilege to rein in “agent sprawl.” Beyond platform controls, Okta is pushing interoperable standards: Cross App Access (XAA) extends OAuth to secure app-to-app agent interactions and is already backed by Google Cloud and Salesforce, with out-of-the-box support coming to Auth0 for B2B SaaS. Looking further ahead, Verifiable Digital Credentials (VDCs) are planned for 2027 to provide tamper-proof, reusable identity data for agents (IDs, employment records, certifications). Together these measures aim to make agents “fabric-ready”: authenticated both as delegates and as services, granted only the precise permissions they need, and fully auditable. For security teams and developers, this raises the industry baseline—reducing exposure from always-on agents, improving compliance, and enabling safer, governed agent adoption across enterprises.