Risky Bulletin Podcast Summary

Episode Title: Sponsored: AI Agents need distinct identities
Host: Casey Ellis (Risky Business Media)
Guest: Harish Perry, SVP and GM for AI Security at Okta
Date: March 1, 2026

Episode Overview

This episode explores the accelerating adoption of AI agents within enterprises and the critical security challenges they introduce, particularly around identity. Host Casey Ellis and Okta's Harish Perry dive into why AI agents need distinct identities, how identity fundamentals are being relearned, and what Okta is developing to address these new requirements. The discussion delivers both high-level context and practical insights into securing agentic AI, highlighting the parallels between current challenges and those seen during previous technology shifts—albeit now at vastly increased speed and scale.

Key Discussion Points & Insights

1. The Rise of AI Agents and the Need for Distinct Identities

• Organizations Are “Waking Up” to Agents: Businesses across all sectors are recognizing the presence and impact of AI agents—entities powered by LLMs, capable of acting autonomously to trigger tasks or access data.
• Seismic Shift: Harish compares the rise of AI agents to the migration to cloud computing: “This is a seismic shift of that size, but it’s happening ten times as fast.” (03:08)
• Fundamental Identity Problems: Agents live in the application layer, so every action they take is an access decision—making identity at the core of security for these new entities.

2. Emerging Security and Regulatory Challenges

• Three Core Requirements for Securing Agents:
  1. Agent Inventory: Organizations need visibility—“Where are my agents?” This “cocktail of LLM chaos” comes from officially sanctioned agents, developer-built scripts, and third-party vendor tools. (02:31)
  2. Agent Capabilities: Understanding “What can those agents talk to?” Each agent requires its own identity, distinct from users, service accounts, or tokens, to allow for proper auditing and control.
  3. Authorization Depth: Once an agent speaks to a resource, “what can they do?” Fine-grained authorization is required to specify exactly what records or actions are permissible.
• Regulatory Forecasting: Harish predicts global regulations will soon require organizations to distinguish between data accessed by humans vs. agents, making individual agent identities essential for compliance. (03:33)

3. Back to Basics: The Identity Renaissance

• Relearning Fundamentals: The speed of change is forcing technologists to revisit identity basics like OAuth 2.0, token exchange, and access tokens. Harish jokes, “Identity is cool again.” (03:15)
• Casey’s Analogy: “They’ve been given a couple of espressos and a free puppy and it’s all moving a lot more quickly.” (04:58)

4. AI Agents: Attack Vectors and Security Concerns

• Classic Threats, New Interfaces: Old attack vectors like token theft persist, but are now amplified by agents’ autonomy and ephemerality. Prompt injection could lead to exfiltration of access tokens or sensitive data. (08:40)
• Authorization Sprawl & Chaining: There’s worry over scope escalation, especially as agents invoke other agents. Central policy enforcement is vital to prevent privilege escalation across agent chains. (10:08)
  • “Scope needs to stay flat or be down scoped... Otherwise, it’s game over.” (10:10)
• Ephemeral Agent Teams/“Swarms”: New AI paradigms like agent swarms create challenges in tracking and limiting identities/permissions as agents are spun up and down dynamically.

5. The Practical Role of Identity Providers (IDPs)

• Identity as a Choke Point: Casey notes identity is the logical control point for governance, prevention, and containment of shadow AI or unsanctioned agents. (05:48)
• Okta’s Response:
  • Okta Agents: Harish describes a new identity type, “Okta agents,” built specifically for agentic AI and AI-to-AI authorization flows.
  • Literal Approach: “We are very literal. Our customers are very literal. So, let’s call it what it is.” (12:32)
  • Fine-Grained Authorization: New capabilities target permissions down to the specific tool/action level and combine traditional attribute/context-based models with policy based on the intent of prompts.
    • “It’s not about reback and abac... It’s about combining all of that along with the notion of intent.” (13:32)

6. Looking Forward

• Transformation in Progress: Casey references past tech hype cycles, likening AI’s current moment to the early days of the web: “AI in 2023 was kind of like having a website in 1997… enormous hype… but then it does go on to ultimately transform everything.” (13:47)
• Harish’s Call to Action: Okta is all in on agentic AI identity. Find details on their website or reach out on LinkedIn.

Notable Quotes & Memorable Moments

• On the Speed of Change:

  “This is a seismic shift of that size, but it’s happening ten times as fast.”
  — Harish Perry (03:08)

• On Identity Hype:

  “Identity is cool again is what we’re seeing.”
  — Harish Perry (03:15)

• On Revisiting Fundamentals:

  “Brush off the old MCSE from 2001 and some of those kind of fundamentals… It’s the same concepts, but for a different speed and also for an unpredictable entity.”
  — Casey Ellis (05:35)

• On Threats:

  “The threat actors are after the same thing... But now you have a new window into that data that is an agentic interface with an entity that is created to please, meaning it will do what it needs to execute the prompt.”
  — Harish Perry (09:22)

• On Product Philosophy:

  “We are very literal. Our customers are very literal. So, let’s call it what it is.”
  — Harish Perry (12:32)

• On AI Adoption Parallels:

  “AI in 2023 was kind of like having a website in 1997… But then it does go on to ultimately transform everything.”
  — Casey Ellis (13:47)

Timestamps of Key Segments

• 00:51–04:42 — Fundamental shift and three agentic identity requirements
• 05:07–06:33 — Return to identity security basics & need for rapid, real-time enforcement
• 07:54–11:42 — Attack vectors, scope sprawl, ephemerality, and agent swarms
• 12:23–13:47 — Okta’s new product capabilities; agent-to-agent authorization and fine-grained policies
• 13:47–14:52 — Parallels to previous technology transformations & Okta’s resources for further information

Takeaways for Listeners

• AI agent adoption is accelerating—and bringing old identity issues back to the forefront, now amplified by the scale and unpredictability of LLM-driven autonomy.
• Distinct, traceable identities for agents (separate from users, service accounts, and simple tokens) are essential for security, governance, and future regulatory compliance.
• Traditional AAA (authentication, authorization, accounting) approaches are being adapted and extended for new threats and ephemeral, autonomous entities—requiring fine-grained, real-time controls.
• Okta is investing deeply in purpose-built identity features for agentic AI, including unique agent entity types and advanced, intent-based authorization capabilities.
• Now is the time for security and IT professionals to revisit identity best practices in light of agentic AI, before productivity gains are offset by governance and breach risks.

For more hands-on information about Okta’s agentic AI identity solutions, listeners are encouraged to visit Okta’s website or contact Harish Perry directly on LinkedIn.