Skip to Content

Okta Introduces Shadow AI Discovery with Identity Security Posture Management

Okta's new Identity Security Posture Management (ISPM) adds real‑time discovery of unsanctioned AI agents, OAuth consents, and non‑human identities, helping enterprises mitigate hidden identity risks.
12 February 2026 by
TechStora Editorial Board

Overview

Okta Inc. announced a major expansion of its Identity Security Posture Management (ISPM) platform that now detects and remediates "shadow" artificial intelligence agents—digital workers created without IT oversight that can expose critical data through unchecked OAuth grants.

Why Shadow AI Matters

The rapid democratization of AI agent builders allows any employee to provision a digital worker, leading to a growing "visibility drift" where security teams lose sight of who is accessing what.

  • Unsanctioned agents can request OAuth permissions that bypass traditional controls.
  • Hidden agents increase the attack surface across SaaS, cloud, and on‑prem environments.
  • Untracked non‑human identities make it difficult to enforce least‑privilege policies.

New ISPM Features

Okta’s latest release adds three core capabilities:

  • Real‑time agent discovery: Detects agents built on unauthorized platforms, captures OAuth consent signals, and maps relationships between client and resource applications.
  • Non‑human identity hardening: Provides a unified view of service accounts, bots, and other digital identities across SaaS, identity providers, cloud infrastructure, and on‑prem Active Directory.
  • Remediation workflow integration: Generates alerts and automated remediation plans when unknown agents gain access to critical data.

Future Roadmap

Okta plans to extend continuous discovery to leading AI development platforms, including Microsoft Copilot Studio and Salesforce Agentforce, in the first quarter of fiscal 2027. The expansion will surface ownership details, permission scopes, and top risk vectors for each agent.

Industry Context

The announcement arrives alongside a wave of AI‑focused product launches, such as Aurasell’s AI‑native Go‑to‑Market OS for Salesforce/HubSpot and The Biological Computing Co.’s $21M funding round for lab‑grown brain chips. Together, these trends underscore the urgent need for identity‑centric controls over emerging AI workloads.

Conclusion

By integrating shadow AI detection into ISPM, Okta gives enterprises the visibility and control needed to secure both human and non‑human identities in an increasingly AI‑driven landscape.