Okta teams up with Google Cloud to secure the AI-powered workforce

- Okta and Google Cloud have expanded a collaboration to secure/govern AI agents.

- New integrations: Auth0 for AI Agents now supports Gemini Enterprise Agent Platform

- Coming soon: Okta for AI Agents will centralise agent identity/policy via Gemini

- Okta/Chrome Enterprise secure browser work stack with threat response now available.

Okta is expanding its collaboration with Google Cloud to bring together best-of-breed identity, cloud, and productivity solutions that help joint customers strengthen security and resilience across their AI-powered workforce. Through new integrations between Okta and Gemini Enterprise Agent Platform and Chrome Enterprise, the companies are extending enterprise-grade security and identity governance to AI agents while protecting users, access, and devices across browser-based work.

With enterprises deploying more AI agents and embedding AI into everyday workflows, they need the ability to secure and govern agents in a similar way to how human identities are managed today. At the same time, organisations must evolve their internal security architectures to reflect that modern work is increasingly browser-based. The urgency is reflected in today’s landscape:

- Modern work is evolving quickly as AI becomes a routine part of the workplace, with 92% of executives reporting moderate or widespread use of AI agents, yet only 34% of organisations applying the same security controls to them as to human workers.

- Identity-based attacks, such as session hijacking, are surging, with a 127% year-over-year increase, as attackers steal the 'post-auth' session tokens stored in the browser.

- Platform flexibility and interoperability are growing concerns, with 62% of IT leaders viewing vendor lock-in as strategic risks.

“Organiaations shouldn’t have to choose between the AI and productivity tools their teams want and the security their business requires,” said Ely Kahn, Chief Product Officer, Okta.

“Okta and Google are a natural fit because we pair Google’s leading product suite with an identity layer that can work across the entire modern, AI-powered work stack.”

“Securing the AI-powered enterprise requires a layer of identity security that operates seamlessly across the core platforms that power modern work," said Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships, Google Cloud.

"Together with Okta, we're extending that foundation across Google Cloud – so customers can confidently deploy AI agents in production, govern how they interact with critical systems, and maintain strong protection across the browser."

Auth0 for AI Agents

Available now, Auth0 for AI Agentsintegrates with Agent Runtime on Gemini Enterprise Agent Platform to more securely move agents from pilot to production. For customers building the next generation of applications on Gemini Enterprise Agent Platform, Auth0 for AI Agents provides the secure identity layer needed to move from pilot to production fast. Developers can embed enterprise-grade identity and access controls into their workflows, reducing the burden of custom coding, with features such as:

- User authentication: Verify that only authenticated users can invoke an agent.

- Token Vault: Securely connect agents to third-party and downstream services by storing, managing, and refreshing OAuth tokens within a Token Vault, enabling agents to safely act on a user’s behalf.

- Human-in-the-loop workflows: Trigger human approval checkpoints for sensitive or high-risk actions, so agents can continue working in the background while users remain in control.

- Fine-grained authorisation (FGA): Ensure that agents deployed and managed on Agent Runtime perform only the specific actions a user is permitted to take, helping prevent overprivileged behaviour and better protect sensitive data.

- Auth for Model Context Protocol (MCP): Add authentication and authorisation to any MCP server, giving users granular control over exactly who gets access and what they can do.

Okta for AI Agents

Coming soon, Okta for AI Agents and Gemini Enterprise Agent Platform will help secure AI agents with centralised visibility and policy control. According to Okta, scaling to tens of thousands of agents at the enterprise level can lead to dangerous identity blind spots, while fragmented policy enforcement creates governance risks. The combination makes it difficult to answer some of the questions that map back to the blueprint for the secure agentic enterprise: 

- Where are my agents? 

- What can they connect to? 

- What can they do? 

Okta for AI Agents will integrate with Gemini Enterprise Agent Platform to help ensure agents are created with a verified identity, tied to a human owner, and access is governed by centralised enterprise policies. Integrations include: 

- AI Agent Import & Registry: For agents built on the Gemini Enterprise Agent Platform, Okta for AI Agents will enable continuous importing and registration in a centralised directory. This allows every agent to be linked to a human owner, maintaining accountability. 

- Okta Policy Enforcement via the Google Agent Gateway: As external agents interact with Google services, Google Agent Gateway, within the Gemini Enterprise Agent Platform, will act as an enforcement point. It will delegate real-time authentication and authorisation to Okta for AI Agents. This helps ensure every request—human or agent—is governed by a single set of enterprise policies all managed within Okta. 

Okta and Chrome Enterprise

With the browser now serving as the primary environment for software-as-a-service (SaaS) and AI-enabled work, it’s key that IT and security teams prioritise safeguarding the browser layer, Okta said. Organisations face threats such as session hijacking and credential theft, while malicious extensions and unmanaged browsing activity can create new risks and visibility gaps. 

Together, Okta and Chrome Enterprise are turning the browser into a policy-enforced work environment, protecting apps, data, and AI use on both managed and unmanaged devices without disrupting work. Available today, the integration features:

Chrome Enterprise Universal Enrollment: Available through the Okta Integration Network, Universal Enrollment enables IT teams to enforce enterprise-grade policies through managed Chrome profiles on any device, whether managed or unmanaged, without requiring identity synchronisation to Google.

Device trust enhancements: Okta integrates Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time before granting access to an Okta-protected application. New antivirus (AV) signals allow Chrome to block logins at the browser level if a device’s AV is disabled or out of date.

Extensible single sign-on (SSO) for macOS: Chrome now officially supports Apple’s Extensible Single Sign-on on macOS with support for Okta as the identity provider. Chrome now enables users to better leverage Okta FastPass and Okta Device Access for a more seamless sign-in experience across applications.

Support for device bound session credentials (DBSC): Okta worked with Google Cloud as a design partner on DBSC, an open standard that cryptographically binds a session to a specific device via the Chrome browser, and implemented support in the Okta End-User Dashboard. While multifactor authentication (MFA) protects the login process, DBSC prevents attackers from hijacking sessions by helping ensure that on supported apps, successfully exfiltrated cookies cannot be used on another device.

Dan Mountstephen, SVP and GM, APJ at Okta said: "We're at a pivotal moment across Asia Pacific. Organisations have moved past the AI experimentation phase, AI agents are now embedded in daily operations as part of the actual workforce. These agents need the exact same governance, visibility, and control we've long applied to human identities. It's non-negotiable. 

"But there's another reality we're seeing. Our customers aren't locked into a single AI platform or cloud provider. They're navigating multiple environments and tools, and they want the freedom to choose best-of-breed solutions without introducing new silos or vendor lock-in.

"That's exactly why this partnership matters. Okta and Google Cloud are enabling organisations to deploy AI at scale, securely, with accountability built in from day one, while preserving the interoperability and choice that drives genuine innovation. Sustainable AI isn't about betting everything on one ecosystem. It's about giving organisations the control, visibility, and flexibility to build what they need."

Comments

Post a Comment

Popular posts from this blog

Fortinet enhances FortiRecon to align with CTEM framework

Fortinet, the global cybersecurity provider driving the convergence of networking and security, has turned the FortiRecon platform into a comprehensive solution aligned with the continuous threat exposure management (CTEM) framework. The latest release introduces expanded internal attack surface monitoring, adversary-centric dark web intelligence, and security orchestration, all in a unified platform. These enhancements help organisations proactively identify and prioritise real-world exposures, validate risks like an attacker would, and accelerate response. “CISOs and security teams are overwhelmed by growing attack surfaces and an endless stream of unprioritised alerts,” said Nirav Shah, Senior VP of Products and Solutions at Fortinet. “With the latest enhancements to FortiRecon , we’re giving organisations an attacker’s eye view of their internal and external exposures, backed by AI-powered threat intelligence from FortiGuard Labs, real-world validation, and automated response...
Read more

SentinelOne recognised as a 2025 Gartner Peer Insights Customers’ Choice for XDR

SentinelOne, a global provider of AI-powered security, has been named a Customers’ Choice in the 2025 Gartner Peer Insights ‘Voice of the Customer’ for Extended Detection and Response (XDR) report* – one of only two companies with this distinction. A hundred and forty-four users reviewed SentinelOne's Singularity Platform, and 97% said they would recommend the solution to respond to threats across endpoints with AI-powered security, while 97% rated the solution four stars or better.** “With the growing complexity of cyberthreats, organisations need more than siloed security—they need AI-powered, autonomous protection that delivers real-time detection and response across their entire attack surface. Customers have made it clear that SentinelOne’s XDR provides the intelligence, automation, and efficiency they need to stay ahead of threats and secure their environments with confidence,” said Ely Kahn, VP, Product Management, SentinelOne. Gartner defines extended detection and ...
Read more

AWS: AI adoption grows 20% in Singapore

Image
Amazon Web Services (AWS), an Amazon.com company, has found* that AI adoption continues to accelerate in Singapore. In the past year alone, 27,000 1 Singapore businesses adopted AI for the first time—equivalent to over three new adopters every hour. In sum, nearly 170,000 (48%) of businesses in Singapore have adopted AI 2 , up from approximately 143,000 (40%) a year ago. This represents a 20% year-over-year growth rate, AWS said. AI adoption is the strongest in the financial services industry (71%), followed by the technology sector ( software developers, data analytics firms, cloud service providers, and digital startups) at 70%, and healthcare at 63%. Among Singapore’s businesses that have adopted AI, 82% reported an increase in revenue, at an average increase of 19%, while 90% report significant productivity improvements. A large majority (85%) of those who have adopted AI say the technology is likely to increase their growth in the next year, and 89% expect an average of 17%...
Read more