Latest news with #OktaPlatform
Time of India
5 days ago
- Business
- Time of India
Okta introduces Cross App access to help secure AI agents in the enterprise
Okta, Inc., the leading independent identity partner, today announced Cross App Access, a new protocol to help secure AI agents. As an extension of OAuth, it brings visibility and control to both agent-driven and app-to-app interactions, allowing IT teams to decide what apps are connecting and what information AI agents can it matters: More AI tools are using protocols like Model Context Protocol (MCP) and Agent2Agent (A2A) to connect their AI learning models to relevant data and apps within the enterprise. However, for connections to be established between agents and apps, such as Google Drive or Slack, users need to manually log in and consent to grant the agent access to each integration. These app-to-app connections occur without oversight, with IT and security teams having to rely on manual and inconsistent processes to gain visibility. This creates a big blind spot in enterprise security and expands an increasingly unmanaged perimeter. This challenge will be amplified with the explosion of AI agents, which are introducing new, non-deterministic access patterns, crossing system boundaries, triggering actions on their own, and interacting with sensitive data. Today's security controls aren't equipped to handle their autonomy, scale, and unpredictability. Existing identity standards are not designed for securing an interconnected web of services and applications in the enterprise – and while MCP improves transparency and communication between agents, it doesn't help manage access. "While we're actively working with the MCP and A2A communities to improve AI agents' functionality, their increased access to data and the explosion of app-to-app connections will create new identity security challenges,' said Arnab Bose, Chief Product Officer, Okta Platform at Okta. "With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise. Since protocols are only as powerful as the ecosystem that supports them, we're also committed to collaborating across the software industry to help provide agents with secure, standardized access to all apps.' What we're introducing - Cross App Access Okta, working with industry-leading ISVs, is launching Cross App Access to help ISVs deliver secure, enterprise-ready integrations in an AI-powered world. Anticipated to be available for select Okta Platform customers as a feature in Q3 of this year, it will enable ISV's enterprise customers to better connect their AI tools to other apps and data, deliver more seamless experiences for the end user by removing repetitive authorization consent screens, and manage agent access for better security and compliance. For example, an AI tool may need to access an internal communication app to retrieve information or take action on a user's behalf. Without Cross App Access, the user must log into the AI tool via their company's SSO and then manually approve each integration, logging into and consenting to the internal communication app separately. This process would then need to be repeated for other necessary applications, such as a file storage service or a project management application. Each consent and access is invisible to the enterprise customer. With Cross App Access, the AI tool can instead request access to the internal communication app from Okta, which evaluates the request against enterprise policies and determines whether the tool is authorized to access that specific user's internal communication app data. If permitted, Okta issues a token to the AI tool, which it presents to the internal communication app for validation. Once validated, the internal communication app provides access—all without additional user interaction, and under enterprise-defined security controls. The enterprise has visibility into when the AI tool accesses the internal communication app on behalf of the user. What challenges does this solve for ISVs? ISVs face growing pressure to support secure, seamless cross-app experiences for their enterprise customers, but the underlying identity and access flows are often inconsistent, fragmented, and hard to scale. These integrations typically rely on risky token exchanges and user-granted access, leading to token sprawl and visibility gaps. As AI agents begin to autonomously connect across systems, this complexity and the risk only increases. How Cross App access can help: Cross App Access enables ISVs to deliver secure, enterprise-grade integrations for AI agents and other autonomous systems, such as workflow automation tools. By shifting access control to the identity provider, like Okta, ISVs can reduce security risks, simplify integration complexity, and better support their customers' compliance and governance needs. What challenges does this solve for enterprises? Integrating AI tools with existing data and systems presents significant hurdles. Many businesses currently rely on ad hoc methods like long-lived tokens and fragmented access controls, making these integrations inherently risky. AI adoption is being stalled by this lack of visibility and control over how agents access data across apps. Beyond security, the user experience is also impacted when agents can't act seamlessly on behalf of users, due to repetitive and outdated authorization flows. How Cross App access can help: With Cross App Access, enterprises can enhance security and usability, empowering IT to manage agent access while enabling seamless, low-friction experiences for users. It supports secure interoperability between apps and AI systems, making it easier to adopt innovative ISV solutions without compromising oversight or performance.
Techday NZ
23-06-2025
- Business
- Techday NZ
Okta launches Cross App Access to boost AI security in firms
Okta has announced Cross App Access, a protocol designed to bring security, visibility, and control to the way AI agents interact with enterprise systems and applications. The protocol, extending the capabilities of OAuth, provides IT teams with oversight over both agent-driven and application-to-application interactions within an organisation. Through Cross App Access, teams can manage which applications are connecting, and the types of information AI agents are permitted to use or access. Security landscape The introduction of Cross App Access comes amid increasing enterprise adoption of AI-powered tools, which often use communication protocols such as Model Context Protocol (MCP) and Agent2Agent (A2A) to connect learning models to organisational data and applications. In current practice, establishing these connections typically requires users to grant manual consents and login approvals for each integration, such as linking AI tools to platforms like Google Drive or Slack. These processes frequently occur without clear oversight, leaving IT departments to handle access management through inconsistent manual methods. This situation, according to Okta, presents a security vulnerability that expands as the use of AI agents increases, creating what many describe as an unmanaged perimeter with limited visibility into agent and app activities. Arnab Bose, Chief Product Officer, Okta Platform at Okta, described the changing risk landscape as both a technological and security challenge for organisations adopting AI agents at scale. He stated: "While we're actively working with the MCP and A2A communities to improve AI agents' functionality, their increased access to data and the explosion of app-to-app connections will create new identity security challenges. With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise. Since protocols are only as powerful as the ecosystem that supports them, we're also committed to collaborating across the software industry to help provide agents with secure, standardized access to all apps." Technical approach Cross App Access is aimed at software vendors that support enterprise customers, enabling them to facilitate secure integration between AI tools and other business applications. The protocol is set to become available as a feature for select Okta Platform customers in the third quarter. In the typical workflow described by Okta, an AI tool needing access to an internal communication app would—under existing processes—require the end user to sign in and approve each integration individually. Each instance of authorisation is usually not visible to the IT team, limiting the ability to monitor or control access at the organisational level. With Cross App Access, the workflow changes. The AI tool submits an access request to Okta, which then evaluates the request in line with company policies. If authorised, Okta issues a token to the AI tool, which presents it to the communication app for validation. The process is completed without further user interaction, and all interactions are logged and visible to enterprise IT. Impact for software vendors Independent software vendors (ISVs) are under pressure to create secure and seamless cross-application experiences. The complexities associated with current identity and access flows can lead to risks such as token sprawl and inconsistent user authorisations. These issues are compounded as AI agents increasingly initiate connections across disparate systems autonomously. Okta states that the protocol will address these challenges by shifting access management and control responsibility from individual integrations to centralised identity providers. This could help reduce risks and help ISVs with customer compliance requirements. Use by enterprises Many organisations currently implement AI integrations through patchwork processes that use long-lived tokens and fragmented control systems, which, Okta notes, are inherently risky and often stall further AI adoption. Without an overarching management system, businesses risk losing visibility into how, when, and why AI agents interact with sensitive data. From the end-user's perspective, repeated authorisation requests and outdated login flows can make adopting new AI-powered applications burdensome and inefficient. Cross App Access aims to address these issues by allowing IT administrators to manage agent access centrally, providing both security improvements and more streamlined user experiences. Companies can then integrate new AI applications with existing business systems while meeting requirements for oversight, compliance, and governance.
Yahoo
21-05-2025
- Business
- Yahoo
OKTA vs. Fortinet: Which Cybersecurity Stock Should You Bet On?
Okta OKTA and Fortinet FTNT are both major players in the field of cybersecurity. While OKTA focuses on identity and access management, providing cloud-based solutions that help businesses safeguard user data, Fortinet is a well-known provider of network security appliances and a Unified Threat Management network global security market is expected to benefit from growing usage of generative AI, machine learning and the cloud. Gartner expects global end-user spending on information security to hit $212 billion this year, growing 15.1% year over year. This bodes well for both Okta and Okta or Fortinet, which of these cybersecurity stocks has the greater upside potential? Let's find out. OKTA is benefiting from strong demand for its identity security solutions. An innovative portfolio that includes Okta Identity Governance, Privileged Access, Device Access, Fine Grain Authorization, Identity Security Posture Management and Identity Threat Protection with Okta AI is expected to help OKTA shares surge in rides on strong demand for new products, with more than 20% of fourth-quarter fiscal 2025 bookings from new products. OKTA's innovative portfolio is helping the company win clients, driving top-line growth. It exited fourth-quarter fiscal 2025 with 19,650 customers and $4.215 billion in remaining performance obligations, reflecting strong growth prospects for subscription revenues. Customers with more than $100 thousand in Annual Contract Value increased 7% year over year to 4, offerings include Okta AI, a suite of AI-powered capabilities embedded across several products, which empowers organizations to harness AI to build better experiences and protect against cyberattacks. Okta Platform and Auth0 Platform are compatible with public clouds, on-premises infrastructures and hybrid is benefiting from a rich partner base that includes the likes of Amazon Web Services, CrowdStrike, Google, LexisNexis Risk Solutions, Microsoft, Netskope, Palo Alto Networks, Plaid, Proofpoint, Salesforce, ServiceNow, VMware, Workday, Yubico and Zscaler. The company has over 7,000 integrations with cloud, mobile, and web applications and IT infrastructure providers as of Jan. 31, 2025. Fortinet continued to demonstrate strong momentum in network security, driven by its dominance in firewall deployments and secure networking. The company maintains its position as the most deployed firewall vendor globally.A key driver of Fortinet's performance has been the expansion of its unified Secure Access Service Edge (SASE) platform. Fortinet remains the only vendor to organically develop all core SASE capabilities within a single operating system, including next-gen firewall, SD-WAN, DDNA, Secure Web Gateway, CASB, and DLP technologies, improving user experience while reducing complexity and has been showcasing growing traction with its sovereign SASE solution, tailored for highly regulated sectors, such as finance and healthcare. This offering ensures full on-premise or in-country data control, addressing compliance needs without compromising performance. As a result, Fortinet's secure networking business is continuing to gain market share, supported by high performance and a unified approach to continues to invest in expanding its AI capabilities. The company currently holds more than 500 issued and pending AI patents. New AI capabilities like FortiAI Assist for automating security tasks, FortiAI Protect for advanced threat detection, and FortiAI Secure AI for protecting AI infrastructure are driving clientele. Year to date, Fortinet shares have appreciated 10.9%, while OKTA shares have surged 60.5%. Image Source: Zacks Investment Research Valuation-wise, FTNT and OKTA shares are currently overvalued, as suggested by a Value Score of D and terms of forward 12-month Price/Sales, Fortinet shares are trading at 11.38X, higher than OKTA 7.49X. Image Source: Zacks Investment Research The Zacks Consensus Estimate for Fortinet's 2025 earnings is pegged at $2.15 per share, up 1.9% over the past 30 days, indicating a 2.74% increase year over year. Fortinet, Inc. price-consensus-chart | Fortinet, Inc. Quote However, the Zacks Consensus Estimate for OKTA's fiscal 2026 earnings is pegged at $1.09 per share, unchanged over the past 30 days, indicating a 172.14% jump year over year. Okta, Inc. price-consensus-chart | Okta, Inc. Quote Both FTNT's and OKTA's earnings beat the Zacks Consensus Estimate in all the trailing four quarters. However, OKTA's average surprise of 204.9% is better than FTNT's surprise of 30.98%, reflecting a good quality of earnings beat on a consistent basis. Fortinet is benefiting from rising demand from large enterprise customers and growth in the company's security subscriptions. The company is gaining from the robust growth in Fortinet Security Fabric, cloud and Software-defined Wide Area Network (SD-WAN) offerings. However, OKTA is suffering from challenging macroeconomic conditions due to higher carries a Zacks Rank #2 (Buy) that makes it a better buy compared with Okta, which currently has a Zacks Rank #4 (Sell). You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Fortinet, Inc. (FTNT) : Free Stock Analysis Report Okta, Inc. (OKTA) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
