Date: 2026-02-13

Okta has announced Agent Discovery within its Identity Security Posture Management (ISPM) framework to help organisations detect shadow AI, identify hidden identity risks and misconfigurations, and map the potential blast radius of both known and unknown AI agents.

The new capability, part of the Okta for AI Agents solution, enables enterprises to discover, onboard and secure AI agents throughout their lifecycle. By assigning human owners and enforcing baseline security policies, organisations can transform shadow agents into governed assets within the Okta platform.

Addressing the Rise of Shadow AI

Harish Peri, SVP & GM of AI Security at Okta, said identity is the control plane for the agentic enterprise. He noted that AI agents operate primarily at the application layer, using multiple non-human identities with broad, long-lived privileges. By mapping every agent and its permissions, Agent Discovery provides the visibility and governance required to secure sanctioned and unsanctioned AI deployments at scale.

The urgency of this capability reflects a broader industry shift. Gartner has reported that a significant proportion of organisations suspect employees are using prohibited generative AI tools. It also predicts that by 2030, over 40% of enterprises will experience security or compliance incidents directly linked to unauthorised shadow AI.

As agent creation becomes democratised and no-code or low-code builder platforms proliferate, IT teams face increasing difficulty tracking unsanctioned AI tools. These tools often use OAuth grants to access enterprise data, creating blind spots and potential compliance exposure.

Discovering and Governing Unsanctioned AI Agents

Agent Discovery detects OAuth consents and identifies AI agents built on unsanctioned platforms or unvetted builder tools. By surfacing these connections at their origin, organisations gain early visibility before integrations evolve into complex backend API connections.

Through browser integrations, including Google Chrome, the solution captures real-time signals to map relationships between client applications (AI tools) and resource applications (enterprise data sources). It alerts security teams when unknown agents gain permissions to critical data and reveals the exact scopes and privileges granted.

James Simcox, Chief Operations and Product Officer at Equals Money, said unmanaged AI agents create dangerous blind spots where tools connect to enterprise systems without oversight. He emphasised the importance of continuous discovery to understand which agents exist, who owns them and what they can access.

Once identified, organisations can register these agents as managed identities in Okta, apply secure policies and assign human accountability, closing the governance gap.

Expanding Continuous Discovery to High-Risk AI Environments

Looking ahead, Okta plans to extend continuous discovery capabilities beyond unsanctioned platforms to include managed AI/ML environments and large language model ecosystems. This expansion aims to secure high-value AI environments by converting sanctioned yet high-risk identities into governed assets.

With AI adoption accelerating, Okta’s Agent Discovery capability reinforces the need for identity-centric governance as enterprises transition toward agent-driven operations.

