Okta Agent Discovery for shadow AI security unveiled

A new identity-driven capability aims to expose hidden AI agents operating inside enterprises. By turning unmanaged digital workers into governed assets, organisations gain visibility, accountability and control over emerging AI risks.

DQC Bureau
Okta secures the agentic enterprise with new tools for discovering and mitigating shadow AI risks

Okta has announced Agent Discovery within its Identity Security Posture Management platform, introducing new capabilities to detect and manage shadow AI risks inside enterprises. The move reflects growing concerns around unmonitored AI agents operating beyond traditional security oversight.

Positioned as part of the Okta for AI Agents solution, the capability is designed to help organisations identify unknown and sanctioned AI agents, uncover identity misconfigurations and assess potential risk exposure.

Identity as the control layer

According to Okta, AI agents operate primarily at the application layer rather than at the network or device level. These agents often rely on non-human identities with broad and long-lived privileges.

Harish Peri, SVP and GM of AI Security, Okta, stated that identity acts as the control plane in what he described as the agentic enterprise. He noted that discovering and mapping every agent and its permissions enables organisations to secure both approved and shadow AI deployments at scale.

The Agent Discovery capability focuses on providing visibility into how AI agents interact with enterprise systems and what level of access they hold.

The rise of shadow AI

The announcement highlights a shift from shadow IT to what the company describes as shadow AI. Organisations increasingly face scenarios where employees deploy AI tools without formal approval.

According to industry data cited in the release, 69 percent of organisations suspect or have evidence of employees using prohibited generative AI tools. It also predicts that by 2030, more than 40 percent of enterprises may experience security or compliance incidents directly linked to unauthorised shadow AI.

This shift is driven by the democratisation of agent creation. Employees can provision digital workers through agent builder platforms, often without IT oversight. Many of these tools use OAuth grants that allow data movement outside established security perimeters.

Discovering unsanctioned agents

The Agent Discovery feature identifies OAuth consents and detects agents built on unsanctioned platforms. By surfacing these connections at their origin point, organisations can track AI tools before they evolve into backend integrations or complex application-to-application connections.

Through browser integration, including Google Chrome, the system captures real-time signals to map relationships between client applications and resource applications. It alerts security teams when unknown agents gain permissions to access critical data.

The tool also reveals specific scopes and permissions granted to AI agents, exposing applications that may have bypassed formal security reviews.

James Simcox, Chief Operations and Product Officer, Equals Money, stated that unmanaged AI agents can create blind spots where enterprise systems connect to external tools without oversight. He emphasised the need for continuous discovery to understand which agents exist, who owns them and what access they hold.

From discovery to governance

Once discovered, organisations can register AI agents as managed identities within Okta. This allows security teams to assign human ownership, enforce baseline security policies and bring agents under formal governance controls.

The broader objective of Agent Discovery is to convert unknown digital workers into accountable and policy-enforced assets within enterprise environments.

Expanding into high-risk AI environments

Okta also indicated that it plans to expand continuous discovery capabilities beyond unsanctioned platforms. Future updates will extend coverage to managed AI and machine learning environments, including large language models.

The company stated that this expansion will help security teams govern high-risk identities associated with critical AI systems.

As enterprises adopt AI tools at scale, visibility into non-human identities and agent permissions is emerging as a core security requirement. The introduction of Agent Discovery reflects a broader industry shift toward identity-centred governance in increasingly automated environments.
