Hellooo, Oktane! Okta, Okta is almost 15 years old, and I want to thank you, our customers, our partners, our employees, our former employees, and my wife who's here. Roxanne, where are you? Thank you all. Everyone here in person and online. My dad is watching online. Hi, Dad. We are here because we built this together, and in those 15 years, we've come a long way and we've seen a lot of change. And as an industry, we are no stranger to change. Look how much the technology landscape has evolved over the years, from mainframe to personal computing and client server to the Internet and finally to cloud computing, which is where the Okta story begins. When we founded Okta in 2009, during the early days of the cloud transition, I could see that cloud would become a much bigger part of the technology landscape.
The challenge of managing the cloud became an early inflection point for Okta. Our initial goal was to help companies use cloud applications, and as the first cloud-native identity company out there, we approached the problem differently than anyone. Before Okta, the choices were identity silos locked into your app or monolithic platforms that locked you into their stack. But with Okta, identity can be a powerful tool to protect and connect everything without compromising on security or choice. Identity, really, Okta was the driving force behind the rapid adoption and global scale of the cloud. We removed the complexity from building identity from scratch and empowered millions of developers to build apps in the cloud. So while we benefited from the transition to the cloud... No, I thought it was pretty cool, too, so you can clap. We also...
We got a lot of great stuff to show you, so I want to go fast and get to the products and the announcements. While we benefited from the transition to the cloud, we also helped catalyze it, and we're very proud of that, and we're not stopping there, and neither are the major technological shifts. We are entering a new technology era, and it is the AI era. Your taxi can now drive itself. Your computer can write its own code. Images and movies make themselves. You can't be totally sure if ChatGPT is AI, or you're talking to a person. Congratulations, everyone, we have passed the Turing Test. Regulators are diving into AI policy, and over half of Americans believe that AI will become sentient. We've seen technology shifts, but this one provokes a very strong emotional reaction.
Whether it's the way you feel after a long conversation with a chatbot or imagining a world where music and art aren't created by people. Why is this reaction so strong? It's impactful emotionally because these were all things that were previously only done by people, and as people, we are wired to react to human activities and connection. This is core to our identity, so it's not surprising that this can all feel very emotional. AI is everywhere, and it's bringing with it tremendous potential. As developers, entrepreneurs, and companies embrace and succeed with AI, we'll see an amazing new wave of apps, tools, capabilities, and even other platforms built around AI. In five years, the AI revolution will mean that we all use 10 times as many tools, apps, and chatbots than we do right now.
Whether it's AI, voice control, or programs that help us use existing apps, or new AI apps that are not possible before the AI era. Without great identity, this will all be overwhelming, insecure, and unmanageable. This new world of AI, this new world, needs identity more than ever. It goes back to our founding story. Okta has always been about connecting people with technology. First, in the backdrop of the cloud, and now with AI. Some people, they see a world where AI takes over and people become less important. I do not agree. AI isn't taking over. AI isn't taking over. People, people are still in charge. So despite all the emotion, the excitement, and the tremendous potential of AI, the fundamentals still apply. Technology is about serving our needs and providing a great user experience, quick access to information, and the ability to be agile and secure.
AI may raise the stakes, but identity belongs to you. It belongs to you, and here's how Okta is stepping up. For starters, we are fueling the growth of the AI ecosystem, from OpenAI to hundreds of others. They all rely on the full power of Okta to create seamless and secure user experiences that can handle their massive scale and growth. Today's developers want to focus on building AI models and building amazing new AI-driven apps. All the more reason that they shouldn't have to worry about identity. Okta can handle that. And it's not just startups. The biggest tech companies in the world have an AI strategy, too, and it's still broader than just tech companies. We used to say that with the internet and cloud computing taking over, that every company is a technology company. That was once bold, but now it's widely accepted.
The new reality is that every company is an AI company. These major shifts present all of us with the opportunity to either leap ahead or fall behind. You should be asking yourself what you need to do. What's your AI strategy? What markets are you playing in? Can you reach more customers more effectively with a great AI-driven user experience? What advantage, what competitive advantage does AI give you, and how do you infuse AI into all of your company operations to make your team more effective and efficient? If you aren't asking yourself these questions, I guarantee you, your competition is. I've been asking myself these questions for Okta, starting with: what does AI mean for identity? Well, it's an exciting world because organizations will now have proactive security that will learn and evolve to combat any identity-based attack.
Developers can build apps faster with auto-generated identity code, with the right embedded actions. Identity user experiences will become frictionless, and your employees and business partners will become more efficient with workflow automation that learns their patterns. But AI is also introducing new risks. The bad actors have it, too, and they now have access to more attack types and can attack organizations with more focus, more intelligence, and more scale. Non-coders now have access to smarter tools that can exploit a wide range of vulnerabilities. Okta's role in this AI-driven world is clear. In many ways, it's the same as it's always been. We continue to be your trusted identity partner. We focus on delivering real value to you. Real value. It almost sounds quaint. It almost sounds quaint, but it's how we live, it's how we roll. So how do we do it?
Let's take a step back and look at a high level at how AI works. It's three things. First, you need a massive amount of data. Second, you need models to process this data. And finally, you need to be able to take action. Great AI, you can... In Okta, we have a huge advantage in our data and our actions, and we're bringing it all together with Okta AI. Okta AI, it's AI for identity. It's powered by our data about threats, usage, access policies, signal, customers, partners, and it uses that data to perform real-time actions for your security, making your developers more productive for your policies and authorization. To be clear, to be clear, this is your data. It's always handled with our high standards of user consent, trust, and privacy. Okta AI is infused across several of our products.
It makes our existing products more valuable and new products possible. Products that expand the definition of what it means to be integrated and protected. Products like Identity Threat Protection with Okta AI. We are dramatically expanding the role of the identity provider. It extends adaptive risk evaluation from the time of login to any time the user is logged in throughout the session. And not only assesses risk, it helps you prevent and respond to threats fast, because identity is a part of your tech stack. It's the core of it. And Okta AI runs on a massive amount of anonymized, crowdsourced data from our 18,000+ customers and 7,000+ integrations in our ecosystem. We can see and protect against a wide range of threats across all of your security stack, people, apps, and devices. Actions.
Actions are where Okta AI really shines, because ultimately, value is based on what you can do. Identity Threat Protection allows an array of powerful actions. Actions like Universal Logout. Yep, you heard that right. Real, bona fide, genuine, real, Universal Logout. We did it! For the first time in our industry, it's possible to automatically log users out of all critical apps when there is a security issue. It's not just one app, it's not just two apps, it's not just apps from a certain platform. It's all critical apps. All critical apps. Bad actors might be getting more sophisticated, but we are using the power of AI and our ecosystem to keep you a step ahead. Yeah, I like it, too. I'm pumped up, too. I like it. We're bringing AI to the world of identity governance with Governance Analyzer with Okta AI.
This new capability can intelligently predict access risk and proactively launch an Access Certification campaign. It can also equip approvers with key insights, such as past risk events associated with the user to inform better decisions and more secure governance outcomes. Again, Okta AI, it's trained on billions of policies, crowdsourced from our massive pool of anonymized customer insights, and the value is delivered to you. There's more, there's more. We're bringing the power of AI to make things easier for developers with Identity Flow Optimizer with Okta AI. Developers on the Customer Identity Cloud now have inline recommendations on the identity configurations and actions they should add to boost conversions, improve security, and what do they all want to do? They want to build apps faster. Yeah, speed. We are not messing around. We need to build more stuff.
As a developer, you never want to spend time on undifferentiated work. You want to leverage the proven patterns of success while focusing on what's most valuable to your customers. That's where your energy is focused. And with our ecosystem and Integration Network, Identity Flow Optimizer, it makes this possible. We are just getting started. You will see more about Okta AI and our products throughout Oktane. So what started in 2009 as a company looking to accelerate cloud transition, it's grown into much more. We powered the transition to the cloud, and we're powering the AI era. What an exciting time to be alive! What an exciting time. And like many things in life, the more things change, the more they remain the same. In the AI era, freedom and choice are more important than ever.
Our vision is to free everyone to safely use any technology. We believe strongly that technology is the key to progress, success, and helping your organization achieve its vision. We believe that identity is the key enabler of freedom. Identities for everyone, every person, every technology, and every stack. It's a great time to be on this journey with you. We support, we support some of the world's biggest brands. Customers like Steve Williams and the team at NTT DATA, Angie Hirsch of Media O2, Renee Forte, speak at the work keynote later this afternoon. Do not miss that. It's going to be amazing. We help them keep their employees and partners connected and productive. IKEA, Fifth Third Bank, and Booking Holdings, where our three-time Okta customer, Spencer Mott, leads the ship there. Give it up for all you multiple-time Okta customers. We love you. We appreciate you.
We're slightly worried because you can't keep a job, but we'll talk about that later. Thank you so much. They all choose Okta because of three key concepts. First, is our independence and our neutrality. Our neutrality is the reason we can serve every person, every technology, and every stack. We don't have a horse in the race, and we're betting on you. We integrated everything, and we don't shuttle you into vendor lock-in. It's your stack, your way. The second concept, the second concept is our ecosystem. Our ecosystem is realized through our Okta Integration Network. The Okta Integration Network is how we deliver the breadth and depth of integrations to quickly and effectively connect with your stack, your way. This best-of-breed approach is critical, especially when it comes to security. In security, a monolithic platform is the weakest defense against an adversary.
A single vendor is a single point of failure. It's through our ecosystem and our-- It's through our ecosystem, that's global small business platform Xero accelerated time to integrate and deploy apps across their org by over 80%. Before Okta, it used to take their IT team days to deploy a new app. Now they can do it in less than two hours with the Okta Integration Network. The third concept, the third concept is extensibility. We are committed to helping developers and admins create identity their way by providing a wide variety of SDKs, APIs, and templates. We empower developers to move fast, innovate on experience, versus spending time on identity. Capabilities like Workflows and actions extend the core power of Okta to meet your requirements and allow you to deliver identity experiences at scale. Take Wyndham Hotels.
They were able to reduce their development costs by 85% by replacing their custom scripts with Okta Workflows. Combining the strength of our independence and neutrality, extensibility, and our ecosystem is how we make customers successful. We stay grounded in our vision to free everyone to safely use any technology. It's ambitious and long-term. Looking into the future, how will we know when we've reached that vision? How will we know? Well, you'll know it when you'll know. No, I got a better answer than that. When we've freed end users, so they don't ever have to think about security. When they can seamlessly access technology and manage their identity in a trusted and privacy-centric way. When we've freed security teams to stop breaches before they happen, so AI works on their behalf to prevent risks and threats and proactively take rapid action on patterns.
When we've freed IT teams to manage a single interoperable identity layer that reduces inconsistencies while maintaining agility across platform, apps, and services. Last, but perhaps most important, we'll know when we've freed app builders to easily go to market in our interoperable ecosystem. Let's see how Okta is powering a best-of-breed, interoperable world. Over to you, Christiana.
So in my role, it's not uncommon to get requests that are urgent, just like this one. Given the skill gap and AI roadmap commitments that we have, we need to implement this L&D solution for engineering as soon as possible. I have to say, I'm dreading it. I have a fully committed roadmap for Q3.... Since apps don't typically support new capabilities such as SCIM and Universal Logout, this means a manual provisioning of accounts, not to mention this extra scrutiny from our security team, full process down. Well, in the meantime, let me confirm that My Learning Co. is supported in the Okta Integration Network. Awesome, it's there. That should make my life so much easier. Wait, there's a little bit more here. It supports a number of capabilities: provisioning, single logout, and governance. And it looks like I can configure it all with one click.
One click! Now I can centrally manage authentication, provisioning, and respond to security events by logging out those long-lived user sessions. I wish all my apps supported this. Little do I know that My Learning Co. was built with Okta Customer Identity Cloud, which is why it supports all of this and streamlines interoperability while strengthening security for my entire organization. Look at that. I'm already done. As long as My Learning Co. and any other app built with the Customer Identity Cloud is part of my company's identity fabric, it'll support the next wave of standards at scale. Today, that's Universal Logout or entitlements, but tomorrow, who knows? Back to you, Todd.
Thanks, Christiana. Thanks, Christiana. With our two clouds, we have incredible potential to help our industry build a more interoperable, best of breed future. It's how we're oriented. Our focus is on choice and freedom, not locking you into a single platform. Remember, identity can belong to you, not to threat actors, not to platform lock-in. Identity should belong to you! And when... Yeah, and when identity belongs to you and to everyone in your organization, it's the catalyst for you to grow your business, to achieve your goals, and protect your workforce and customer base. I am fired up about this future vision and where we're going, and we have a solid foundation to build on because we built it all together. Okta is the world's largest independent and neutral identity company. That is so cool. That is so cool.
15 years of relentless hard work, we're starting to make a little progress. It's good. The 2022 IDC Identity and Access Management Market Report confirms this, makes it very clear, and we have a wide lead. We're not resting on our laurels. We got more to do, and this leadership is reflected in our product usage as well. We have over 800 million unique monthly users across our two clouds. 800 million. 800 million. That's 10% of the world's population connecting through Okta every month. It will not be long until we're in the three comma club. Our customers love Okta, too. Our customer net retention rate is 115%. Customers have a choice, and every year they choose more Okta.
Our customer base covers over 60% of the Fortune 500 and over 75% of the Fortune 100. We have... Yeah, we have the large-- They love-- You guys love the Fortune 500. That's great. I love them, too. We have the industry's broadest and deepest set of integrations through our Okta Integration Network with over 7,000. All this success, it takes a village. Thank you for being part of this growth, and especially thank you to our customers. We could not do this without you. We're in for a treat now because one of those customers, one of those customers is Eric Brohm, CISO at Wyndham Hotels. We power identity for Wyndham's corporate workforce, their franchisees, and their loyalty member. Let's take a look at their story.
If I'm planning a vacation, I want to see all the possibilities of where I can go. What does each place have that would cater to the vacation that I want to have? So when you get to your vacation spot, you're like: Wow, this is going to be fun for me. That's what we want for every person that stays at a Wyndham. We're a vacation company. It has to be fun.
Wyndham, by number of hotels, is the largest hotel company in the world, and so the scope is big. Wyndham really has three customers that we service. We have a few thousand internal employees, 100,000 employees that need identity services at the franchisee level, and then we have over 100 million loyalty members. Okta allows us to service those customers through our Workforce Identity and Customer Identity Cloud. Wyndham started with Workforce Identity Cloud in 2016. As a chief information security officer, I want to be able to enable the business. I want to be able to go beyond the security use cases into the business use cases, and Okta allows me to do that. It allows me to have business conversations with security as the backdrop.
Just the scope of our responsibility has really changed. The third-party and the cloud access has become more important than ever before.
Okta gives you the whole experience. It's a technology that moves with the company. As the needs grow, what else can we do better?
Okta's really been a partner. I would say we grew together. As we continued to use the tool and unlock the power of Okta, we saw that this is going to have implications and provide business benefits, not just to our internal workforce. We could use Workforce Identity Cloud for our franchisees as well.
Everything that they want to do, it could be ordering towels, paying the staff, their reservations, and it's all different systems. Being able to go to one place and just access everything that you need at any time, that was a game changer.
There's nothing a security practitioner loves more than to have everything in one place.
So the next logical step there was to take the successes we had with Workforce Identity and transition that to Customer Identity as well. Our 100 million+ loyalty members expect that they're going to be able to log in easily and safely and securely.
With the switch to Customer Identity Cloud will bring us login protections, logging, Multifactor Authentication. So I think that's the future for Wyndham, is whatever application we're bringing on, has the ability to bring Okta as well as part of the identity piece.
My vision or dream for the future of identity within hospitality is that it keeps up with the rest of the other industries out there. The things that we've implemented with Okta Workforce Identity and the things that we're in the process of implementing with Customer Identity, are going to allow us to utilize a tool like AI with a lot more confidence. If you don't have the confidence that the people are accessing it for the areas that they need, then you can't have the confidence that AI is producing what you need from it.
Okta is bringing us to the next level in identity for our franchisees, for our loyalty members, and for our team members. It's one seamless experience. That simplifies everything, and that's what people want.
All right, you want to go? Dangerous.
Eric, Eric told me I should do a cartwheel. I said, "No cartwheels." That was a beautiful film.
Thank you.
Yeah.
Thank you, guys.
Yeah. You know, we have a-
Huge partner.
I can't believe it. We have people at Okta that can make something that beautiful.
Yeah, it's unreal. And if you look at the-
It's amazing, yeah.
At the customer experience.
I thought we were just making SaaS stuff, and they're just a beautiful artistic film.
You guys do a great job.
Amazing.
You do a great job.
At Wyndham, what's the role of identity?
So identity, strategically, right? Wyndham... Identity services the business goals of Wyndham. So when we think about our mission statement, Wyndham brings welcomes all. And so it's really that concept of welcoming in, whether it is the few thousand corporate employees, whether it is the 100,000 folks out at the franchisee level or our 100 million Wyndham Rewards members, that... The idea of that first point of contact to welcome them in is so key for us in the hospitality industry and allows us to service them well.
If you brought me to a board meeting at Wyndham-
Yeah.
Would they know who Okta was?
Uh, they-
You can be honest.
No, no, no. They would. They would.
Oh, no. All right, next question.
No, they-
Move right along.
I'll tell you, the reason they would is that at the board level, security is obviously-
Yeah
A con piece of the conversation, and identity goes right with security now. And I would say, a lot of times-
When did that change? You said now.
Yeah.
Is that it kind of implied that it wasn't always that way?
Well, for Wyndham, it would have been around 2010 and 2012 when we had our data breaches.
Yeah.
That was a big wake-up call for Wyndham Hotels.
Yeah.
There are very few... You know, when you're presenting to the board as a CISO or any business executive, they tell you to steer clear of tech acronyms.
Mm-hmm.
MFA is not one of those. Those that I need to steer clear of.
Oh, yeah.
They, they know exactly what MFA is and how important it is-
Yeah
to not only just the security strategy, but business strategy as well.
Yeah. So the AI revolution-
Yeah.
You talked about the hospitality industry and trying to differentiate Wyndham inside that industry. What is AI going to do to that industry? And do you see it more of upstarts are going to take over new companies, or is it the established players are going to either use it or not, and, and move forward and be competitive advantage because of AI.
Yeah, I love what you said before in the when you were talking, were just talking-
Thank you.
-um, about-
I appreciate that.
Yeah, I loved all of it, but specifically, about that AI is not taking over, and that's how we feel in the hospitality industry. At the end of the day, as I mentioned, we're there to make people feel welcome, and so AI is a tool that helps us service, helps us serve that goal, for our guests. And so I think there's some opportunity, for new competition to rise, but by and large, that welcoming feeling is a person-to-person connection. And AI will help us serve that, but it will change the way we do things, not what we do. It'll just help us-
Makes sense.
do what we do better.
Is there another player in the hospitality industry that you worry might embrace AI faster than Wyndham?
I mean, we're pretty focused.
If they're here, I can introduce you to them.
They could
Excuse me.
They're amazing. But, Wyndham remains pretty focused on AI. We already have an AI steering committee-
Yeah.
That's focused on how can we use this? What are some ways we can test it out, determine the ROI on these things and be fast implementers of that? We also, for our summer interns, we put them... You know, they had their regular tasks, but we put each of them on teams, and at the end of the internship, needed to present on ways that AI could benefit Wyndham as their-
Oh, that's awesome.
It's-
It's kind of a could be, like, a generational thing, right? The new people coming into their careers.
Certainly a different way of looking at it, and maybe some new ideas that people with gray hair like myself.
Yeah.
Starting to get gray.
Yeah. No, I'm with you on that. When you think about innovation in general, what have you learned about innovating in a large organization?
So, yeah, innovating is, you know, it's... I really liked what José said last night: "Don't plan, adapt." Now, if you went without a plan and presented that to, at your quarterly earnings report and said, "We have no plan," that probably wouldn't be good.
That's right.
I think the heart-
Trust me, I got this.
Yes. I think the heart of what he was saying is adapt, have the process in place to adapt. So when you're innovating, be ready to adapt, be ready to fail quickly, but have the process in place to turn that around, learn from your failures, and move forward in that direction. I think that's a key piece of innovation. I would say the other piece is, as you're innovating, don't innovate in a silo, right? These are all business problems that we're solving, not just technology problems. So as a technologist, innovate along with your business partners.
That's awesome. Well, there you have it, advice from one of the best. Thank you so much, Eric.
Thank you.
It's really, it's really great to have you as a customer, and I look forward to working with you. I love Wyndham's story. We – and thanks again to the whole team for putting that together. We talked a lot about industry trends and the long-term opportunity for AI, but the reality is we all have to execute this quarter and this year in a high-stakes environment with a lot of pressure. There's three big things happening right now. First, the threat landscape is evolving, and it's evolving fast. And you can see it in the numbers. A recent survey by IDC said that almost 80% of organizations did experience a data breach in 2022 alone. So the stakes are high, and attackers, they're coming after all of us, and it's Okta and our customers.
You may have seen some reports in the news recently about a couple attacks, and when these things happen, the natural reaction from vendors is to distance themselves and say, "Well, our product wasn't breached. It's" You know, and we resist that urge at Okta. When a customer has a problem, we have a problem. It's very core and important to our culture. When a customer has a problem, we have a problem. And so, as you would expect, we dive in and aggressively help on an individual level. But we're also doing more and taking it a step further. Our products are incredibly flexible and incredibly configurable, and they can be set up with different levels of security constraints. Expert Assist is a new offering that gives you expert advice to ensure your configuration matches your security risk and threat posture.
It has two parts. One is a services offering that brings our security experts, these are people who have seen thousands of policy configurations, and they know the best practices, brings them directly to you for a thorough review and recommendation in line with your security posture. It also has a product component that will evolve and automate this process over the next several quarters, and Okta AI will be a big part of this. So the stakes are high, and if it's not enough, we are all operating in a very different economic environment than we were a few years ago. 84% of CEOs in-- take a U.S. recession. I mean, they're cautious with their budgets, and they're trying to do more with less, and they're expecting all of us to do more with less.
And despite all of this, customers are still in charge, and, and they're in more control than ever. They want the best experiences possible, or they'll leave and get it from someone else if they aren't getting it from you. 89% of customers say that they compete primarily on the basis of customer experience. So the pressures of today are complex, and we are here to address these challenges through our Customer Identity Cloud and our Workforce Identity Cloud. The Customer Identity Cloud is powered by Auth0, and it's the enabler of amazing digital experience, experiences across consumer and SaaS applications. The Workforce Identity Cloud powers identity for employee, contractor, and business partner use cases. These two clouds deliver identity that goes beyond.... You need customer identity that goes beyond login.
While login box is the first touch point to all things digital, companies must look beyond login to truly know, protect, and delight their customers. You need workforce identity that goes beyond MFA. Businesses have to think further than the traditional approach to access management to thrive in a world of security threats and complex IT. Today at Oktane, we are helping you go beyond with ID. Now this show is really going to start to roll. Please welcome our next speaker. He is the president of Okta's Customer Identity Cloud. Please welcome Shiv Ramji.
Thank you. All right. Thank you, Todd. Hello, everyone. I'm glad to be here. Thank you. At this year's Oktane, we have many sessions focused on developers and even have a developer day dedicated just to you. So developers, are you in the house? Yes, welcome. It's been a year since we launched the Customer Identity Cloud powered by Auth0, and what a year it has been. In only a few short months, we've seen generative AI go mainstream, ushering in a new era in technology and launching several new companies. At Okta, I believe that AI is not just a trend, it's the beginning of a new era in customer identity. Now, you can leverage AI to get to market even faster. You can unlock power of AI to enhance the customer experience, and you'll be able to use AI to rapidly remediate threats and reduce risk.
In this new era of AI, you need to focus your developers on innovating fast, not creating login boxes. You need to raise the bar on the customer experience. All this means looking beyond login. The login box is so much more than a simple square. It's an opportunity to put your best foot forward and create a lifelong customer, all while keeping them safe and secure. Going beyond login means solving for authorization. Where authentication allows you to verify who the user is, authorization allows you to verify if that same user has access to specific objects or action inside your application. Now, developers still spend too much time with homegrown systems, building authorization capabilities over and over and over again, versus spending time actually innovating. It doesn't have to be this way.
Authorization is where authentication was a few years ago, and Okta pioneered solving authentication in the cloud. Now we are doing the same for authorization. Developers need solutions that allow them to implement authorization in a way that fits their application and user needs and frees them up to drive innovation. They need solutions that will scale with their organization, operate at incredibly low latency, provide high reliability, be secure, and be auditable. We have built a product to do just that. Deliver authorization at scale to reduce latency and downtime with Okta Fine-Grained Authorization. In fact, if you registered for Oktane this year, the registration was powered by Customer Identity Cloud, and the viewing experience online today is actually powered by Fine-Grained Authorization. We're using our own products, too. FGA benefits go beyond just application builders.
Our vision is that through the Workforce and Customer Identity Clouds, security and IT teams will get improved governance, auditing, and analytics through an integration with our Okta Identity Governance solution. You can create an account and start experimenting with FGA today at fga.dev. Just try it out. We'd love to get your feedback. Now, launching a new technology and authorization model introduces yet another capability that developers have to learn. We know that authorization is hard, which is why we created Guide with Okta AI. This will deliver comprehensive onboarding assistance and help developers intuitively define their authorization model. Developers won't have to worry about learning how to build authorization into their application. Instead, they'll get recommendations that map out the best steps to get to market even faster.
Next, imagine a world where an AI assistant can auto-recommend actions and suggestions to reduce login friction and improve your customer experience. Sounds magical. Well, that world is possible now with Actions Navigator with Okta AI. Actions Navigator will leverage AI to make it easier for developers to discover and implement marketplace integrations, or even write an action by simply asking for it in plain English through a search prompt. This is going to make developers way more efficient. And what if you could go further, so your users never have to remember any credentials again?... I mean, wouldn't it be great if you could log in without a password? Well, now you can with Passkeys. Passkeys provide a phishing-resistant experience for your consumers, making them less reliant on legacy credentials. Now we will finally rid ourselves off passwords.
Okay, let's take a look at how all of this comes together. We'll show you how your digital teams will use Identity Flow Optimizer with Okta AI to make login recommendations that improve conversions, and how your developers will implement Passkeys to drive phishing-resistant and convenient customer experiences. Let's welcome the demo team.
So, Nav, I've been reviewing our conversion and drop-off rates. They're really not where they should be. I'm getting a little bit concerned about the impact on our business. Have you looked into what might be causing this?
Let's check out Funnel Analytics in Okta Customer Identity Cloud. Funnel Analytics integrates with our existing customer data and marketing platforms and helps us better understand our conversion and funnel performance for all our apps. Looks like when users access Streamward from a new device, we're seeing a significant number of drop-offs. This isn't ideal, especially given the number of devices folks use these days.
All right, so does your fancy tool give us any insights into why this might be happening?
Well, if we dig in, it looks like a lot of customers abandon the login process when they have to type in a username and password, whether it's on the same device or a new one.
Okay, I get that. Passwords are so 2021 anyways. So if this friction of repeated logins is driving our conversion rates down, what could we actually do to fix this? You know our CISO loves passwords.
Okta Customer Identity Cloud just launched new AI capabilities that can help us with this. This one's called Identity Flow Optimizer with Okta AI. It analyzes all of our tenants' authentication data and provides suggestions on improving the customer experience. This is really going to help us boost conversions, engagement, and security. Let's try it out. Let me type in my question: How can I increase the conversion rate in my sign-up flow? And search. Okay, so check it out. Identity Flow Optimizer is suggesting that we enable passkeys as a way to reduce sign-up friction.
Okay, so I've heard about Passkeys before, but how's that going to help us here?
Passkeys eliminates the need for typing in passwords, and they provide a seamless cross-device experience. When users authenticate from a new device, passkeys are generated, making the process secure and frictionless.
All right, so I'm going to be honest, this sounds way too good to be true. You're telling me that users don't need to type in passwords anymore, and it's more secure? How long is this going to take to implement?
Not long with Okta. I'll set up a new connection, and I've already added phone number as an identifier, so our customers have the flexibility to choose how they want to log in.
All right, nice! So our users don't even need to remember a username anymore. This is already going to be a way better experience than we have now. Let's enable it so I can be the first one to test it out.
Well, we're actually already done. Passkeys is enabled. Let's see if you can sign in from your phone without a password.
Okay, cool. So I already registered for Streamward on my laptop, just like our customers would. So now I'll just try signing in from my phone. So I'll go ahead and type in my phone number. This time I'll continue with the passkey. I'll go ahead and save it, so this works on other devices. And then I'll authenticate with Face ID, and I'm in! No password required. This is great, and I'm, I'm really excited about it, but a ton of our users watch Streamward on their tablets. So is this going to work on those devices?
Yes. In fact, Passkeys works across multiple devices in the same ecosystem. So that Passkey you just made on your phone is the same one you use on your tablet. Let's try it out.
All right, good idea. I'll just go ahead and go to the Streamward app on my tablet. All right, looks like it's just going to recommend that I sign in with my existing account using Passkeys. I'll continue with that. Then I'll use Face ID to authenticate. And again, I'm in. Super easy. I like this.
With Okta's universal login, we can easily customize the sign-up and sign-in flow and have a consistent look and feel for all devices.
Okay, easily? Does this mean I'm not going to have to wait months for my A/B Testing anymore?
Not only that, Okta AI can make recommendations for our sign-up and sign-up flow. Let's see what this recommends for streamward.com.
All right, so let me see this. Okay, it looks like it's making a recommendation that we promote the newest island... or the newest season of Puppy Island on our sign-up page. That should really help boost sign-ups. Let's enable that too.
Sure. Just a couple of clicks, I can customize our branding and theme.
Awesome. Yeah, this is really going to make A/B Testing and optimization a breeze.
Definitely. Now that Okta saved us a ton of time, should we get back to tackling that Streamward account sharing problem?
You read my mind. Back to you, Shiv!
Give, give it up to the demo team. So cool. A single toggle, and you have passkeys enabled for all your customers. It's great to see how identity is powering these new advancements in technology. Now, we all play a vital role in shaping the digital user experience that differentiates our products and services. You don't have to wait to take action. All of you here today and everyone watching this live online can try all of the powerful capabilities of the Customer Identity Cloud right now by creating a free account. Simply visit Okta.com or scan the QR code to get started. To sum up, Okta Customer Identity Cloud is leading the charge in enabling you to embrace AI's potential. We envision a future where AI enhances our defense and offense, delivers great experiences that drive growth, and enables us to innovate even faster.
Together, we will shape a more secure and innovative future. So let's take the leap into the age of AI and move beyond login. Now, this is just a preview. We've got so much in store for you today. To learn more, make sure you join us at the Customer Identity Cloud keynote this afternoon, where you will hear from our customer, Twilio, and their journey of moving beyond login. Now, let's welcome Sagnik, our President and Chief Development Officer, Workforce Identity, to the stage, so he can share all of the innovation we have coming for Workforce Identity. Please welcome Sagnik.
Hi, everyone. It's really exciting to be here with all of you. I saw Shiv started with a shout-out to developers. That worked very well, so I feel like I need to do something like that for Workforce. So will all employees, employers, past employees, past employers, future employees, future employers, give a cheer? The Workforce Identity Cloud is a unified offering that enables customers to ensure that the right people get the right access to the right technology, in the right context, at the right time. It helps thousands of customers make sure that they actually get the best work done, drive identity-powered security, accelerate automation, modernize IT for employees, contractors, and business partners. That, coupled with the depth and breadth of integrations, really ensures that you can harness the full power of your technology stack while keeping your businesses secure in today's modern, AI-driven world.
Today, we are introducing a range of new products and capabilities powered with Okta AI, that will help improve agility, flexibility, and security of your organization. The first of which is Policy Recommender with Okta AI. Policy Recommender gives admins key insights and policy recommendations based on security best practices, and aggregated AI-driven intelligence from the broader Okta community. It helps ensure that you configure the most secure access policies for every app. Now, protecting access to resources is very important, but in this modern AI-driven world, it's just not enough. To understand how much the threat landscape has changed, let's just rewind back a few years to 2019. Back then, a simple MFA with SMS as a factor could prevent 96% of all phishing attacks. Isn't that crazy? 96% of all phishing attacks.
Fast-forward to today, and a staggering 86% of breaches stem from some form of credential abuse. AI is a major factor, powering a 47% growth in successful phishing attacks. To protect against identity threats today, one has to think and go beyond SSO and MFA. At Okta, we are doing just that with a new capability to FastPass, Okta's phishing-resistant authenticator called Context Reevaluation. Context Reevaluation helps run device security checks every time a new app is accessed. This means we can prevent further access anytime a device or a session is compromised. The best part, it works for all apps on all devices, managed or unmanaged. This is the first step of many that we are taking here at Okta to protect our customers beyond just the initial point of authentication. Identity is the only technology that universally integrates with your entire technology stack.
You can think of it as the connective glue that brings your entire tech ecosystem together. That is why it is no longer sufficient to think of identity as just the front door to your tech stack. Powered by AI, identity has to become the backbone of your entire technology story. At Okta, we are working hard to make this vision a reality. Along the journey, we are bringing the entire ecosystem along with us, be it network security providers, XDRs, all the way to devices and the many, many apps that run on them to make your business successful. Working together, we can unlock unique outcomes that were just not possible before.... That is why today we are unveiling a new product, Okta Identity Threat Protection with Okta AI. Identity Threat Protection helps customers automate detection and remediation of identity threats across their entire tech stack.
Think of it as an ITDR for Okta. You no longer need another ITDR solution for a single actionable view. Identity Threat Protection enables three critical capabilities. First, it integrates risk signals from a variety of sources to provide you with a single, actionable threat intelligence solution. We are working with best-in-class security partners like CrowdStrike, Palo Alto Networks, Zscaler, Jamf, and many, many others to bring their data along with Okta's rich data. Second, it leverages AI to continuously evaluate a risk score for the user, device, and session. And third, it provides a wide range of flexible inline actions to remediate identity threats in real time. One of the most powerful adaptive inline actions we are supporting is Universal Logout. Universal Logout allows customers to log users out of critical apps across all devices immediately. Let me repeat that.
Now, as a response to an identity threat, you can log users out right away. This means even if a bad actor manages to hijack a session, we at Okta can work with you to invalidate that session. The industry has been requesting for this for a very long time, and we're excited to be the first ones to deliver this to our customers. Finally, in order to help you better deal with the huge amounts of data available in Okta, we are introducing a new capability, Log Investigator with Okta AI. Log Investigator helps admins rationalize, analyze, and understand the massive amount of data available in their Okta system logs. Powered by AI, it provides a conversational interface on top of Okta's rich data.
Together with Identity Threat Protection, now customers can get access to critical insights like risk signals, risk scores, anomalies, user access history, and so much more, simply by posing a question to Okta in natural language. Now, we say seeing is believing. We discussed a lot of really cool functionalities, so let's invite Jen and Alvin to the stage to show how all this comes together. Be prepared to get your mind blown.
Thanks, Sagnik. Now, let's take a look at how Okta AI can help you harness the full power of your security stack to detect, assess, and respond to identity threats.
Oof! It's busy at work, and just like any other day, I'm logged into my work apps through Okta, like email, Salesforce, and Box, and more. But I got to let you in on a little secret. I'm a huge Taylor Swift fan. And I scored last-minute tickets to her upcoming concert. And I can't help but to check to see if my ticket order came through. I sent it over to my personal email, so let's take a look there. Oh, my God! They arrived! Can't wait to get my hands on these. I always thought Taylor was spelled with a Y. Anyway, I'll just go ahead and print these. Look, I've got to let my friends know. I'll send them a message on Slack.
What Alvin doesn't know is that as he clicks this link, Okta AI is working behind the scenes to continuously evaluate risk from across our tech ecosystem.
Uh-oh. Looks like my Swiftie spirit got me into some hot water. I was logged out of Slack. Let me check my other applications, just to be sure. And I was logged out of Box and my email, and I got this security alert?
Oh, Alvin, and here I thought you would have already learned your lesson after your Beyoncé incident. But the good news is, this attempted security breach has been blocked. As you saw, Alvin clicked on a malicious link. However, Okta was able to terminate his sessions across all apps and prevent him from logging in again until SecOps is able to investigate. This means that even if malware got onto his device, his sessions would have already been invalidated, leaving an attacker little to no room for action. Now, what you just witnessed is a Universal Logout event that Okta executed in response to a security incident. Universal Logout has long been a moving target in the industry, and this means we finally have a solution for Single Sign-Out, not just Single Sign-On. Now, let's take a look at how an admin would experience this incident.
Upon getting alerted that a user has been logged out, an admin can gather the forensics she needs simply by asking a question. Using Log Investigator with Okta AI, we can ask something like, "Why was Alvin logged out?" Its natural language processing capabilities will give us an answer in plain English. For example, here you can see that Alvin's risk score jumped, triggering the Universal Logout policy. Now, let's dive in a bit deeper. Switching over to the Identity Threat Analytics, we can see a broad set of risk signals coming from across our tech ecosystem. For example, you can see some from Palo Alto Networks, Jamf, or other security tools you may be using. All this is contributing to a user's risk score, which Okta AI continuously evaluates.
Let's pause here for a moment. This is a unifying moment for the security industry. These best-in-class security tools are posting signals to Okta in real time, and the good news is that Okta brings the broadest ecosystem of partners and continues to grow by the day.
Looking at our partner, Palo Alto Networks UI, we can see that as soon as Alvin clicked on that malicious link, Palo Alto Networks detected a high-risk event and immediately posted that to Okta. Back in the Okta dashboard, we can see that Alvin's risk level is elevated and that Okta triggered the Universal Logout as a result. All right, now that we've contained this incident, let's take a look at one more item on my to-do list. I've been meaning to check out the new Policy Recommender with Okta AI to ensure that our access policies are as secure as possible. For example, as I set up Google Workspace, I can go to this Authentication tab, and if I scroll down, I can click on this Recommend a policy button.
Policy Recommender will start generating custom insights to protect all of your applications based on millions of data points within Okta and industry best practices. So to recap, we're using Okta AI to do three powerful things. The first is to detect, assess, and respond to identity threats. The second is to gather insights from Okta system logs simply by asking a question. And the third is to get customized policy recommendations for every app to protect you, your workforce, and any other eager concertgoers out there. Thank you.
Thank you so much, Jen and Alvin. That was awesome. Workforce Identity Cloud, helping customers, employees, and Taylor Swift and Beyoncé fans for 15 years now. So to summarize and recap, one, AI is driving a big paradigm shift when it comes to security and identity, and identity has to leverage AI to stay ahead of the curve. Two, in this modern, new, AI-driven world, one has to think and go beyond SSO and MFA. And three, it's time now to reimagine the role identity plays when it comes to security. One has to think of identity as the backbone to a holistic security strategy. We introduced a lot of cool products and new capabilities, but keep in mind, they were just previews. To learn more about all of them and so much more, please join us for the Workforce Identity Cloud keynote section later this afternoon.
We are really, really excited to take Workforce Identity forward, partnering with all of you. Thank you so much, and please welcome Todd back on stage.
Thanks to Sagnik and Shiv and Alvin and Jen and Nav and Mallory and Christiana. You guys are amazing, and I love seeing the products in action. We've covered a lot today about how Okta technology solves some of the most pressing issues of our time. As we look around, we see people and talent as more important than ever, yet the technical talent gap is still growing. The U.S. Department of Labor predicts that by 2030, we'll be short 85 million of these high-skilled technical people. In my conversations with customers, a common theme is this lack of identity and cybersecurity talent. Okta is driving forward with a solution and two major initiatives to help, both in the short term and the long term.
First, in the short term, Okta is providing 5,000 Okta certification grants to professionals in career transition to help them grow their Okta skills. This provides access to the training courses and free Okta certifications exam, and they're targeted at unemployed technology workers, veterans, and military spouses. These certifications are incredibly valuable. If you purchase them as a customer, they would cost over $10 million. But the real value, beyond the monetary value, is what it does for these folks' careers. In fact, for the sixth year in a row, Okta-certified individuals are among the top 20 highest-paid IT admins. Pretty cool. Over the long term, we're staying focused on the communities that we live and work in, that have always supported us. It is very critical at Okta that we give more than we take.
We know there's a large group of people that just need some help starting their technology careers. It's an inspiration, an encouragement, some early-in-career advice and input, and that's where Okta for Good comes in. Okta for Good is granting over $1.6 million to cybersecurity and STEM workforce development organizations to support these early-in-career individuals. These grants extend our reach across the globe, and they're going to help a broad range of diverse folks in critical areas of cybersecurity and software development. So we have covered a lot today. First, how our customer and workforce identity clouds help you navigate today's most pressing issues, like the dynamic threat environment, economic uncertainty, and elevated customer expectations. We've announced a ton of innovation across our two clouds to help you tackle not just the challenges of today, but the opportunities of tomorrow.
Okta AI, Identity Threat Protection, Governance Analyzer, Identity Flow Optimizer, and much more. In fact, we built a QR code summary view, so you can see it all referenced in one place. So scan this code. Scan this code! So everything we announced is summarized here, when it's coming, what product, what products it's in, and it covers things announced today and later this afternoon. And this is the only time I'll ever feel like Taylor Swift with these phones up. I am so, so, so honored and proud of our product teams for what they've done this past year. If you work in product at Okta, please stand up. That's good. Yeah, you are amazing. And they're actually... A lot of them are back at the office, making sure the demos are working. So don't be overwhelmed by the small number.
These folks are firing on all cylinders. So thank you for your hard work, and next year, I think you can do more. In fact, we have to because we see so much opportunity in the AI era for organizations like yours as identity powers the AI revolution. We all have the opportunity to either leap ahead or fall behind, and we build identity so you can leap ahead. Thank you, and enjoy Oktane.
All right. Welcome, everybody. Welcome to the investor breakout session for Oktane. Hopefully, you all got a chance to either sit in or listen in to the keynote this morning. There's a tremendous amount of new product innovation that's going on, so we're happy that we're here to answer any and all your questions about that. So really, we just have 60 minutes for Q&A. This is your hour. We don't have any prepared materials to review, so we're just going to open it up for questions. But we do have Todd McKinnon, our Chief Executive. We have Eugenio Pace, who is our President of Business Operations, and Brett Tighe, our Chief Financial Officer. So again, this is your hour. Please, raise your hand. We're only taking questions in the room, and, when we get to you with a mic, please state your name and your firm.
With that, we'll take the first question. Sit next to me.
Hi, it's Keith Bachman from BMO.
Hey.
Nice to see everybody.
Nice to see you.
Good presentation this morning.
Oh, thank you.
Todd and company. It was great. I had two, one macro and then one micro, but on... There's a lot of information, and new solutions, new activities announced this morning. And, you know, if you called out over the next six to 12 months, what could be more impactful amongst the new that we could think about? And, you know, how AI may infuse in some of that differentiation, but maybe sort of just give us, you know, a couple that you think could be more impactful, and then I'll wait for my micro.
We have a... I don't know if we've shared our PDF with all of you. Have we showed that?
Brett just showed me a snapshot, but I haven't-
Okay. One of the things we did this year, because there is so much innovation and so many things we're announcing, we just wrote it all down for you. So it's in a PDF, and you see which products it's in. For, you know, is it a feature? Is it a new product, where it fits? And because there is a lot there, so we wanted to help you navigate it. The two I'm most excited about are, one, the Identity Threat Protection with Okta AI.
Mm.
And it's really, for the real reason, I think it's really going to be impactful for customers. I think it can really help the defenses be stronger, and more importantly, it's the integration of all the players-
... We're seeing really good technical collaboration between Zscaler, CrowdStrike, Palo Alto Networks, Jamf, and on, and on, and on, and that, that ecosystem is what the industry needs to stop these some of these attacks. So that's really exciting. And then the second one is, Fine-Grained Authorization. It's a new product. It's basically Customer Identity Cloud has been mostly about authentication, and this opens a whole new product or the whole new value prop that's gonna help developers be more productive, do more in their stack than we were able to do before, provide more value. So those are the two I call out.
Okay, terrific. Then, more specifically on IGA or governance, I was walking the show floor last night, and there was some, I thought, some incremental excitement about IGA.
Mm-hmm.
I just wanted to hear, how do you think about IGA combined when with the Workflows? Because some of the, you know, some of the partners talked about how there were some natural tendencies for those to work in conjunction that may actually help pull some IGA. And then secondly, even like insurance company, like, to get your cyber insurance, that governance is becoming increasingly important. So it seems like there are some catalysts to the, you know, for the IGA adoption, but just wanted to hear a little bit more about how you think those things are working with the rest of your portfolio. And then thank you for letting me ask a question before John DiFucci. I appreciate that.
We were gonna make you guys do push-ups for who got to, who got to ask first. You won the push-up contest? So the way to think about it, so we are very, very excited with IGA, both in terms of the long-term opportunity, but also with the execution on it and the progress on it. We updated you in the Q2 earnings call with a little bit of details there. We're very excited about that. I think specifically around what it does and what the solution is, it's a little bit of a... Not everyone really understands it.
So a very simple way to think about it is Okta. It does Single Sign-On authentication and, like, strong authentication with multifactor, but it also has a big part of it that it's basically like a big replication engine and synchronization engine that synchronizes accounts across multiple directories and applications. And in the world of the cloud and the world of SaaS, the whole idea is you can't block things at the firewall. You actually have to go into all the apps and change the profiles and update the permissions. And so we've always done this with a capability called Lifecycle Management. Then over the last five or six years, we've made a ton of progress on, one, making Lifecycle Management more customizable with Workflows. So first step was Lifecycle Management. That's been in the product forever.
We added Workflows to it to make it more customizable. So the simple example is you can't just say, before, you'd say, when you use Workday, when a new employee is hired, you can set up a simple rule that says, "These are the apps that account gets created in." That was good for companies, but many companies needed more power and customization, so Workflows allows them to do anything they want. They can provide any kind of flow without writing any code. They can have the most complex process around how accounts get created in different apps. In fact, the team at NTT DATA actually uses Workflows to essentially, from a global user base of several hundred thousand, create one central, deduplicated, user directory for the entire company across 50+ HR systems and, you know, 100 active directories.
So this is not like some little, you know, out of the box, you can just say, "All right, have a simple rule." This is, like, hard. You have you, you have different double-byte characters, and you have complex names, and you have to rationalize the ambiguity. So that is what Workflows does. So then the next thing that really made it IGA, because an IGA product, what you really want is you want everything automated. You don't want to have to manually or do kind of post-facto review of any kind of access. You want it all automated and, and, and, you know, done out of the box. You know, in terms of an automated solution. So what IGA really does is it takes Lifecycle Management plus Workflows and adds two very important last pieces.
One is the process to do a, what's called an Access Certification workflow, which is essentially like send out an email to all the managers in a configurable way, and let them attest to the fact that the access that the system is automatically given is, in fact, the access they should have. So it's Access Certification process. And then the last piece is basically report on it to your auditors. So, and it's important it's integrated with Workflows and Lifecycle Management because the report is the, like, the final authority to your auditors that says, "Here are the manual attestations through Workflows, and here is the automated process that was, you know, all synchronized to the engine." So when you ask, is Workflows important? It's absolutely important because you have to have that extensibility and customization to do that.
So, we're very excited about it, and the best thing about it is the converged solution with Workforce. So the three legs of the stool are access management, privileged access, and governance. And if you think about access management, it's basically Single Sign-On, and it's strong authentication, phishing-resistant authentication for all your apps. Privileged access essentially brings that to all of your sensitive infrastructure resources, which makes sense, right? You want to be able to have a strong authentication on your servers, as well as your containers, as well as your databases, not just on your apps. And then the third leg of the stool is governance, because ultimately, at the end of the day, you want as much of that automated as possible.
So you can create the server accounts at the right time, just like you create the apps based on someone being hired or fired or changed roles. And then the last thing they want is they want to be able to show one report to the governance, the auditors, and say, "It's everything." It's not just apps, it's not just finance, it's not just one app. It's across critical resources, across different personas, contractors, employees, partners. So that's why the real exciting thing is this. We talk about the governance market, and it's an important market, but really what's gonna happen is that we're in the catbird seat for this converged solution, which is why we're pumped about it.
Can I, can I share why I'm excited?
... As well? Okay, so plus one on the things that Todd mentioned. FGA, it's been a long time in the making, and if you've been in this industry for long enough, you will know that authentication is a little bit like natural numbers to math, and authorization is a little bit like real numbers in math. It's an entire different level of complexity because it goes into the domains of the apps. You know, if you think about authentication, is login yes or no, then you can argue with different levels of assurance. But authorization is like, can I approve an expense report of $1,000 if I am in this role? And that goes into the domain of the applications, and it's been very, very difficult to factor out from apps.
And we cracked the code for that. Now we have a service that is able to capture all that complexity and put it in one place for better management, low risk, faster implementation. We removed all that complexity from the application developer, and it's really, really exciting. But what makes it more exciting now, and the reason why now it's, it's probably the best time for this to happen, is that now we can use AI as the way—as a translator of a policy into the actual runtime. Because before, we had to encode all those rules in either in code or in domain-specific languages, which are very difficult to understand and master, and it's easy to make mistakes. But now, AI is actually a way of transforming English into runtime. And you can write that rule.
It says, "Only people in this role, you know, if I am the CFO, I can approve an expense report over $1 million.
Yeah.
I think you can do that.
That's good.
That's pretty exciting. But there, one thing that we didn't mention in the keynote, which I am very excited about-
There is something we didn't mention?
There's plenty of things that we didn't mention, is that we are using AI for ourselves, too. So we showed you what we're doing for our customers, which is a lot, and it brings a lot of value and a lot of productivity to them. But as you all know, I have a different role in our company, and I am looking after how, when we use AI for ourselves to drive productivity, we are using it for account enrichment in our sales processes. We are using it for finding correlation between our two products and how customers are using one product and taking advantage of the other product and making our own processes more efficient, which is pretty exciting to see as well.
So two things before the next question that I forgot to mention. One, is that there is a PDF on our IR website that summarizes all of our new product information. So go there, download it. Secondly, in less than 10 minutes' time, there's gonna be, at 11:20, a test from the emergency broadcast system. So everybody's phone's gonna go off with this test. So just to let you know, you don't have to... Janice is gonna take the next question.
Maybe just sticking with things not mentioned during the keynote, any update on PAM and timing that?
Yeah, I thought we announced that. Maybe we're doing it in the WIC keynote this afternoon.
Yeah.
The GA is December.
December?
Yeah.
Okay.
It's all on track. Everything's great. The early access is proceeding as planned.
Okay, awesome. And then just on AI-
That keynote this afternoon is, we had the keynote this morning was too long, so we had to put that in the Workforce Identity Cloud keynote. That's planned this afternoon.
Okay, makes sense. Thank you. And then just on AI, how should we think about monetization? And then just any sense of gross margin impact?
Yeah, so one of the things about the PDF is you got to look at, you know, there's two ways to monetize it. One is with new products, it's powering. You know, it's, it's... I would say it's the, for the two I was most excited about, threat protection and fine grain authorization, it's probably more impactful in threat protection, but there are elements of it in fine grain authorization, as Eugenio was talking about. So on that list, you can see the new products and, the, you know, they're powered by Okta AI, so you can see the direct impact there. And then the second thing is that it's, there's, it's in a bunch of other areas of the company as well, in the product suite. And there, it's like, you know, for example, one of the examples is Policy Recommender.
That's not gonna be—we're not gonna monetize that directly, but it's gonna make Okta as a workforce ID solution, you know, even more compelling than it already is and, you know, add the value. And so that's how you kinda decode that.
Hi. Hey, guys.
Hey.
John, Guggenheim. And usually, I go before Keith because it's age before beauty, and that's what happens. But PAM is something that's really interesting, and I like the way, Todd, you explained the whole platform. And as you know, people have tried to do this before. Like, I mean, go back 20 years, Oracle tried to do it, buying companies, plumbing together. CA tried to do... I mean, other companies tried, IBM, they had components, but it never really worked. Now, you're different 'cause you control everything in the cloud, so I think that's sort of the answer. But I guess, I wanted to, just even on Joe's question, too, so if you could hit that, but also I know you had early release PAM, too.
If you could just share a little bit about how that's going, you know, it just would... And the way you described it all truly sounds like one platform.
Mm-hmm. Yeah.
I just have one quick follow-up after.
Yeah, so you got-- you're gonna be started about the history of the identity industry.
You knew-
But you and I-
You knew which investor Q&A you were coming to. You knew you were gonna get-
... I think that the, if you look at some of the IBM, Oracle, especially, and CA to a lesser degree, and I guess IBM as well, I think they had it was software, and they bought a bunch of companies. And that's pretty hard to make that work. I think the difference with Okta, you know, we've done a major acquisition, and it was there's a distinction between trying to take the Workforce Identity Cloud and force it together through acquisitions and, and doing what we're doing, which is there's really two big pillars of the identity market writ large, and they're customer and their workforce. And we're, we're working on some integration to, to integrate the two functionally, but those two teams are running fast in parallel.
One of the reasons why we can deliver so much innovation is because they're focused on customer, and these guys are focused on workforce, and that's powerful. So I think we struck the balance right of where we used M&A to bolster our portfolio, not in a way that was gonna take away from the obvious value out of being converged. So now let's talk about workforce. So we have done a bunch of technology tuck-ins. We bought a company six or six years ago called Advanced Server Access. Or, sorry, it was called... It was a company that led to Advanced Server Access.
ScaleFT.
Yeah, it was a company called ScaleFT. 15 years, I've never had this happen. So the... And then we also bought, we did a technology tuck-in around, that was the genesis of Workflows, a company called . And these were, these were, they weren't done from a, like, we're gonna take some businesses and, and merge them together. They were done from a technology roadmap perspective. We knew that the Workflows acquisition was something intentional that we didn't have in the platform, that we went out and bought this component that would add to it. Advanced Server Access was very different than what we were doing at the time. It was speaking a different protocol for servers, and the PAM solution is actually, it's actually, there's a...
You upgrade from ASA into PAM, but PAM is actually gonna be even more integrated to the core platform than ASA was. And that was an intentional choice based on the history of ASA and how customers have used it and the value they saw and integrate it more deeply to the platform. So think of PAM as not just an upgrade to ASA, but a more integrated upgrade to ASA.
Okay. Okay.
One, one platform is not equal to one implementation. You know, there's spreadsheets and documents, but it's copy-paste in both. So we are focusing on, you know, the tailored, optimized experience for what we're trying to do, customer identity and workforce, but we have the equivalent of copy-paste across both. So we take advantage of the fact that we have we are on both sides. And there was a demo today that showed, maybe for the first time, one of those, you know, copy-paste moments we have in our platform. And it was a demo where somebody onboarded an application from the Okta Integration Network, you know, that was powered by customer identity, and therefore, it had all these features: Single SIgn-On, single logout, governance, provisioning, all of that was just worked because we are on both sides.
Okay. And if I could, just for a high-level question, Todd, I remember talking to you a year ago when things were not as bright at Okta, and just saying, like, wondering what you were gonna do because you had some executives that departed at the time. And you, I remember you just saying: "Hey, John, I'm the founding CEO. I take all responsibility, and I'll figure this out, and we're gonna work hard. I got a good team here." And you've sort of proved that over the last year, I think, anyway.
Well, definitely the work hard part.
And, and, and, and-
I'm always not good at that.
And even Auth0, the Auth0 acquisition, at least from the investment community, when it was first done, it was, like, questioned a lot, but now it is... Eugenio, I don't know you, but I know a lot of pe- not a lot. I know some people on your board and, and that you thought the world of him, and, and I thought, wow, this is gonna be-
Thank you.
A good acquisition in that way, too, and it looks like it has been that. So, but there's still, I don't want to say holes, but you don't have permanent people in certain executive roles, and I just wonder how you see that playing out, 'cause so far, I mean, it's my opinion, it's played out pretty well. But that's it.
Yeah, I think that... When I first started the president search, eight months ago, I thought it would be a six to nine-month process, and we're coming up on nine months, so I think you'll hear more about that in, you know, not too long.
Oh, hey, thank you very much. Hi, thanks for taking the question. Colin DeShon with Sterling Capital. One maybe for Todd and Eugenio, and it's really just on the two cloud strategy going forward. Todd, you talked a little bit about merging some of the functionality now between those two clouds. But given that we're in a slower growth environment, I, you know, I recognize years ago, when the acquisition was first completed, it's harder to integrate while you're trying to keep up with free capital and go-go growth cycles. But now we've got an opportunity in a slower growth environment to kind of build the long-term platform the right way.
I'm wondering if you can just maybe shed some color on the continued decision to maintain those two separate clouds, or can you use this slower growth environment to maybe rearchitect or have them much closer integrated?
I think it would be-
Thanks.
We won't do that. I think it'd be a huge mistake. And I think it'd be a huge mistake because these, our strategy is we're capitalizing on this early lead we have in being a big and independent neutral identity company. So the strategy is very clear. The strategy is we need to have the best identity products in all the categories of identity. If we're really, really gonna elevate identity to be one of the most important platform choices a company makes, you know, up there with their infrastructure cloud or collaboration cloud. We have to have the leading identity product, from on all the use cases, PAM, IGA, Access Management, Customer Identity. And so Customer Identity, particularly, that market is, the complete solution, like, what are the boundaries of the market? It's still early. We have a chance to define it there.
Like, is fraud prevention in there? Is actually verifiable IDs in there? Is bot detection in there? There's a lot of areas where we can help define that market, so it would be absolutely the wrong time to slow that team down and slow the workforce team down and smash stuff together. That's not gonna happen. Now, we are very conscious of margins and being prudent in this environment, but I just think the wrong... You know, when we're all back together in 10, 15, 20 years and we're massive, we're gonna look back on this and be like, "That was a smart decision.
It wasn't a smart decision to just slow down those teams and make a bunch of coupling and mix things together. Now, that being said, we are being very thoughtful and smart about how we build synergies between the two platforms. And Eugenio gave one of the examples with this concept of one of the hardest things if you're a SaaS app builder, is building the functionality and then helping enterprises adopt it in a way that's, quote, unquote, "enterprise ready." And so if you use Customer Identity Cloud, it's just gonna work with Okta Workforce customers, 18,400+. So that's powerful.
And what it leads to is this, the whole ecosystem being more interoperable and more extensible, and companies aren't gonna have to worry about, like, "Oh, does this app support this protocol, or does this app support Universal Logout? Can it respond to identity threats? Can it log people out? Can it take other actions? Can it... You know, when I do governance, does the application that is being delivered to my users, does it speak the same Fine-Grained Authorization level that my IGA product from Workforce expects?" That's powerful. It's never been possible. And so this is the kind of thing we're focused on from a strategic perspective, while trying to win both these markets. The last thing about our strategy that's super important is we are an identity company, which means we are focused on identity use cases.
We're not gonna go compete with CrowdStrike, we're not gonna go compete with Zscaler. We have a very different worldview than Microsoft, which says, and I believe all big platforms will get there eventually, Amazon and Google, and they're all gonna... Salesforce already does it to some degree. They're all gonna think, "Oh, the identity I'm building for my products and my platform is good enough to be the Okta for the industry." So we think that's totally the wrong approach, because if one platform tries to be the Okta for the industry, all of a sudden, their favorite stuff, their collaboration, their security tools work better. And both by the way, what if you value your tools a bit? What is it for the threat landscape? What do you think are better? We see the world very differently.
We think identity is one of these primary clouds, and we integrate very well, interoperable with everything in the ecosystem. That's the only solution for customers, so that's what we're doing.
I would say, just on the two platforms, we are one company, and it's not that one team doesn't talk to the other team at all. Now, we are focused on the specifics. It's like, you know, we are a car manufacturer, and we have two types of cars. We have minivans and sports cars. I'm not gonna say which one is which.
You're the minivan. You're the minivan.
So both have wheels, and both have transmission, and maybe the same transmission both, but the purpose of one and the other is very different. Somebody buying a sports car is not gonna buy a minivan. We have a similar experience because, you know, we sell to IT organizations, and we sell to product organizations. The way they evaluate, the way they... What they're trying to achieve, even though it's, you know, more in the car, is like moving from one place to another. And they expect to have a steering wheel, and they expect to have, like, you know, seats and whatnot. There is commonality, but the reason they're purchasing one another is very different. With that said, IGA, back to the Fine-Grained Authorization, is not tied to one or the other.
It can be used in anything, and it can be used in both. And because we are one, one team, really, one company, now we are building stuff that it can be actually leveraged in across the entire spectrum of our product portfolio, and that gives us also an advantage. But we are optimizing in the things that are providing value, like us migrating to a single database. What good is it gonna make? You know, we use in CIC, there's like five databases in the same solution because they're inside the product. They're being used for different reasons, too.
How do you think about the margin part of that question?
Margin of... In terms of having two different businesses?
No, just in general, like, the how we're managing margins and-
I think we're doing an excellent job of managing margins. Have you guys seen the improvement over this last year?
Yeah.
It's a, I think it's-
With respect to the two clouds, though.
I think, we obviously are gonna make the trade-offs to the right thing for the business to be able to grow the business profitably over the long term. So, you know, we'll make, you know, obviously, address the market as best we can. I, I don't... Frankly, the growth is the most important thing for us, and we will continue, but we'll continue to drive margins up as well. So, yeah.
Thank you for getting me involved. I was like, "It's nice listening to you guys," and, like, just been waiting for a question from one of these guys.
Okay, Gray Powell from BTIG. Thanks for-
Yeah, no worries.
Yeah. Thank you for taking the question. And, Todd, you literally just hit on my question a few seconds ago. So I guess just talking with a lot of people on the conference floor, it does seem like there's a lot of interest in the different integrations that you have with other independent security vendors.
Yeah.
Could you maybe, like, elaborate on what exactly you're doing there? How that further-
Yeah.
Yeah, and just what you... How that further differentiates you from Microsoft?
Yeah. How was the buzz? Like, how was the energy? It feel good?
I thought it was pretty good, yeah.
Yeah, good. Appreciate that feedback. Yeah, when I'm there, it's people always act excited around me. It's good to get again. So I think the Identity Threat Protection with Okta AI, it's really like a new... Think about, like, a new protocol to exchange risk signals. So it's how does something on the endpoint communicate and collaborate into the identity stack, and what are the semantics around what those signals are and mean? And that's the, that's the that quote, unquote, "protocol" between all these partners that we've signed up for this exciting product. You know, Jamf, Zscaler, Palo Alto Networks, CrowdStrike, the ones we talked about there, and there's many more as well. It's like, what is the signal?
What are the semantics of the signal, and how does it get passed between different things, both on a client and also, you can, they can be shared on, not on the client, too. Like, the Zscaler server can share a security risk signal across the wire. So that's really the technical. And the differentiation is the differentiation is really, is in the, the, the, in this both from, specific product and more broadly, that we are building Okta for everything, and Microsoft is building Okta for Microsoft. Essentially, that's what they're doing. Like, when they have their version of, you know, they have some prototypes of a universal logout, but it only works on their apps. They haven't been able to reach outside of their ecosystem.
Part of this is this protocol concept, where it's hard for them to collaborate and communicate with all these vendors because CrowdStrike, they're coming after CrowdStrike, they're coming after Zscaler. So it's like, what is your worldview? Is security gonna be done by one monolithic platform, or is it gonna be done by an open ecosystem? And I think history is on our side here, 'cause the history of the security industry is more on the ecosystem side. There's a reason why no one's ever rolled up the whole security industry. It's because it's an adversarial environment, and once you start doing that, there's new people that come out for new threats, and they have to block the new threats, and you need that to hook into one central identity plane to be successful.
So that's ultimately the specifics about Identity Threat Protection with Okta AI, and just more generally about how we think about... And I know everyone is, Microsoft seems very serious about this, security and identity and, I'm sure that at some level they are serious about it. But I think every big platform will go through this. Salesforce went through it. They said: "Oh, identity for Salesforce. We can extend that beyond our ecosystem." Now they've kind of retrenched, and they're partnering with the, with us more. Microsoft is in the throes of this right now, and I think that they, they've been at it pretty consistently, for a few years now. I think it'll run its course.
'Cause the world is gonna see that, you know, you can either accept the worldview that you have many things beyond Microsoft, or, or you can try to shoehorn this world where, oh, it's all from Microsoft, and I can kind of get these across ecosystem security features without being in the ecosystem. That's gonna be ultimately challenging. So I think that's the way to think about it. You know, do you want Okta for Microsoft, or you want Okta for everything? And we're, we're focused on building Okta for everything.
Hey, Todd, it's Rob Owens from Piper.
Hey, Rob.
Short guy in the back here. Could you build on that a little bit with that Universal Logout capability? How difficult it is to do? Is it automated within the Okta Integration Network, and if a vendor or an application doesn't sit within that network, what is the heavy lifting to be able to do that type?
Yeah, it's really a-
Just one question from me. I'm not gonna pull DiFucci here, so.
It reminds me a lot of the early days, the early days of Okta, where when we... It's weird to think about it now, that when we started Okta... And by the way, one point about Microsoft, another point about Microsoft, I mean, like, having a big, motivated competitor can be scary and intimidating, but when I look at their products, a part of me is really happy because we changed the world. I mean, they have their version of the Okta Integration Network. It looks like our product, and it's like 15 years ago, that was not how people rolled. There was no concept of identity Integration Networks. They were. Everyone was saying, "SAML, SAML, SAML, SAML." We came along, and we said: "Wait a minute, this is crazy.
We should build something so that it's all pre-integrated, and we could do it because we're in the cloud. We could maintain the thing centrally, and we could build the ecosystem around updating those and maintaining those in this flywheel we have." And, you know, and now I look, I look at, Universal Logout, and it reminds me of those early days when you look across the spectrum of critical apps, and they all have a version of capabilities to do an API-driven logout, but they're all different. And back 15 years ago, that was similar for user management or for Single Sign-On. And instead of us saying, "Hey, everyone, adopt this protocol," what we said was, "We are gonna build the integrations.
We're gonna build this one, and we're gonna build this one, and we're gonna build this one, and we're gonna build... And we can amortize that cost over our massive customer base. And now we're gonna say: Hey, application, you know, 28 through 1,000 and 1,000 through 8,000, we have this platform, Customer Identity Cloud, that if you use it to build your SaaS applications, you, you, you're just in there. And now the number of apps that support this Universal Logout goes from 25, 50 to 100,000. Pretty soon, it's gonna be just like, and you won't want to have an app at a company that doesn't support Universal Logout. This would be crazy. Like, why wouldn't you? And so that's how flywheel is gonna happen in this case. And, and this will happen, Rob, for, for many other technologies.
Universal Logout, I talked about the security signals, the security signal sharing, and on and on and on, because we're focused on this ecosystem. We are not focused on, "Hey, we're gonna give you all the apps, we're gonna give you collaboration, we're gonna give you cloud infrastructure, and we're gonna give you everything, and we're gonna give you Okta for that." No, we're Okta for everything.
And think about it, the SaaS application builder, they want to sell to big companies eventually. You know, your enterprise SaaS, you want to sell to... What is the best path towards that, than being on the Okta Integration Network? Because that, you have guaranteed that you have passed the bar, the minimum security bar that any company is gonna demand from you.... It's not gonna be just Single Sign-On. It's gonna be Single Sign-On, single logout, provisioning, et cetera, governance, et cetera, and we make that all automatic.
Thank you. Shaul Eyal with TD Cowen. Thank you for hosting this.
By the way, it's nice to see you all in person, not on Zoom.
One for Eugenio, one for Todd. Maybe starting with Todd, maybe killing the MGM topic right away. And thank you for, you know, the straightforward press release that you guys have put a couple of days after that, after that breach. Is that actually generating new business? Is that impacting business, maybe negatively? Maybe the second question, Eugenio, as an ex-Microsoft guy, what is it that you can tell us about Microsoft, about Entra ID? I know it's been some years since, you know, you left Microsoft, but still, what is it?
A few years.
Yeah. Yeah. But what is it that you're hearing, maybe from your ex people?
Yeah, I think it's weird. It's named a word that sounds just like Okta. It's weird, right?
Yeah.
Why would you name it, name it, rename it to sound just like Okta?
Entra.
What is it? Entra, Okta, Entra.
Okta ID.
Yeah. So on your first question, I think there are organizations in the world that realize the importance of identity and how critical it is, and how it's the root at so much of a robust security posture, and then on top of that, how the processes and capabilities and configurations of the identity system, how critical that is. And then there's people that don't really get that yet. And our big thing from a marketing and a positioning and a customer success perspective is try to move more people into the first category than in the second category. And I think that when you talk about issues like this and are they moving the market, I think the big theme in the market is: Are you kinda understanding how important identity is or are you not?
And I think, broadly speaking, as more and more breaches have involvement of the identity system, and there's an initial compromise that goes to the identity system, I think that raises the profile of identity and moves more people from this camp of, you know, I'm not sure how important it is to be more important. And specifically on MGM, on that topic, one thing we are very clear on is that we can do a better job helping customers understand our capability and flexibility of our platform, and making sure that we give them every opportunity and every piece of input to make it as secure and locked down as their security policies demand. Because if you just look at it, there's one thing to get this powerful tool that can be configured in all these different ways.
But it's another thing to really know how to set it up so it matches your security policies and risks and capabilities of the company. I'm not talking about any specific company. I think all companies can benefit from this, and that's why we have this Expert Assist offering, which is a services engagement, and also is gonna flow into the products as more of it's automated over time.
My question on Microsoft. So-
Why did they name it something that sounds like Okta?
Yes, I don't know. Entra. I understand it because I speak Spanish, but I don't think anybody understands what Entra means. Anyway, I think it's a great thing to have a formidable, capable competitor, because I don't know you, but every time I lift, I lift heavier when I lift with somebody next to me, like him. So, you know, it keeps you sharp, and-
I noticed that. The first time we worked out together, I noticed that. You were really going hard. I was like, "Dude!
So look, that's the more of the philosophical perspective, but you know, on the specifics of what we do and what they do, I think that was covered before by Todd. Let's say, between, let's say, let's pick up any big customer. Let's say, you know, Walmart. Between Walmart asking for a feature or requesting a capability in the identity platform or Office 365, to the same team, to the identity team, who do you think will win? So it's a little bit of a curse and a blessing. I was there. I know. The...
If you're a product that is not one of those, like, major, you know, revenue drivers for the business, like Office or at that time, you know, Windows or the server, the server suite, if you were, like, supporting all of those, then you always lose if you're a customer, because they always have more power. And so in many ways, their, their roadmap, their innovation is conditioned by their own other ulterior motives, which is totally fair and, and natural to happen. But that's not what we do. Because identity for them is a means to an end, and for us, it's the end. We don't do any other things. We don't have any other secret agendas or other products that we want to sell you. We don't do CRM, we don't do productivity.
We are all about identity and access management and all the things that are connected to that, and that's all we do. So for us, you know, that's... We can provide you with the best solution in this world.
Yeah, Okta has a very, on the workforce identity side, specifically, that we have a very important architectural advantage, and it's, we announced and released some additional capabilities that make it more automated and easier to set up and configure. It's called Okta for the Global 2000. But it's, it stems from an architectural advantage we have, which essentially derived, and the difference with Microsoft, derived from the fact that Azure AD was built to be the user database for Office 365. That's how it was built. The team's marching orders were: Make that work for Office 365, and that's how they built the identity stack, tightly coupled to email.
So now, if you're a big company and you want to have a distributed structure, like if you're NTT DATA or many, any other of our large customers with complex distributed environments, maybe there's some M&A, maybe there's just some parts of their business strategy and tech stack they're trying to decentralize and then in a business unit or bring something back in. They want to have security policies for the core apps centrally, but then distribute all of the security policies and technology decisions for other apps out in the business units. You can do that with Okta because we're not coupled to any app. If you try to do that with Microsoft, you're changing email addresses and email domains to do that, and that's very simply because it was built tightly coupled with email.
So this concept of, I want to have different, different rules and different policies distributed versus centralized, to the identity stuff in Microsoft, it's like, oh, that means different domains. Which is, you know, you don't want to do that. You want have different domains because you want your HR rules and your subsidiary to be different.
I'll give you another example. Can you deploy Azure AD on Amazon? No, you can't.
Someone would be fired. That would be bad.
Or on Google Cloud? You know, that's never gonna happen. I mean, never is a long time, so maybe it will happen one day, but it's not happening today. And we have, because we are independent and neutral, we offer our customers choice, the choice of which platform the underlying cloud it's running on.
Yeah, and we work really hard to integrate and cooperate with Microsoft, too. It's one of our most used apps. Azure workloads or in terms of securing those is on the rise. So we will, just like with Salesforce, keep partnering with them even though they have a competing product, and we'll be very diligent in that because ultimately, it's gonna... I mean, I know how it's gonna play out ultimately. They're gonna have to—they're gonna favor their collaboration and their infrastructure business, and they're gonna have to work with the ecosystem, which is where we'll be.
Brian.
Hi, good afternoon, Brian Essex from JP Morgan. Thanks. Thanks for me as well for doing this. This is fantastic, and like Rob, I have just one question. So Todd, I wanted to ask you about the channel strategy and, you know, I mean, we all talk to channel partners and customers. Feedback's definitely been improving, but there's still, you know, some uncertainty-
Yeah
out there, I think, about how well you're going to take care of the channel, and I know you're focused on improving your channel interaction and support. So maybe if you could give us an update of, you know, what have you been working on, seeing the most success with, what inning are we in, and what work do you have left to do to get that effort, in your mind, on par with, you know, large enterprise or, you know, larger peers than us?
Yeah, I kicked off on Tuesday morning, I kicked off the partner summit and gave them a preview of my keynote, and I talked, chatted with them. It's a packed room, a great energy around the partners. I was really excited. One of the things I told them is I said, "You know, we flash up the safe harbor in those meetings," and I said, "You'll probably never hear me talk about the safe harbor." But I was looking at it, and I said, "I think it really should have a line in there about we-- one of the risks is not doing well by the channel." It's that important to us. Lewis, so we can add that maybe? Lewis is back there, right? Because it is that important. I think we're, we're, it's...
Identity is, you know, confusing and complex and intricate and high stakes, and we need help. We need help in the channel. So channel is big, partners in general, is a big priority. We talked about some of the technology partners with the work we're doing, driving this new protocol and this collaboration around identity and threat protection with Okta AI. We're also really strategic priority to be more top of mind and provide a joint value proposition to the global SIs. You know, with all of our momentum in large enterprise, it's a really important part of that momentum because talk about you know, the thought leaders in these big companies, it's, you know, it's Deloitte, then PwC, it's Accenture and the other big SIs, and so that's. We're really focused on that.
And I'm personally really involved in those conversations because, you know, that can really move the needle there, I think, you know, in a, in a way that there's a high ROI for my investment versus the output. And so now on the partner, I would say two things more about the partner organization and the, what we're doing there. We have a really phenomenal team there now and a leadership team with Bill Hustad and his team he's brought in over the last year. They know what they're doing. They're super motivated, hardworking, channel friendly, and really plugged into all the right areas of Okta. And the last thing, very, pretty tactically, is the strategy is basically, focus on the... We still have a wide net, but we want to focus more on the highest value partners broadly.
So instead of, you know, you know, thousands and thousands, who are the partners that are gonna really move the needle from a, a sourcing deals, closing deals, supporting the customer post-deal, and align our resources to really focus on them and structure the incentives and the compensation. So what this means for your conversations with them is, I could imagine conversations of people that, that aren't, that are in that focus group are gonna be amazing. And the channels, the partners that aren't, it's probably gonna be, you know, it's gonna be good, but your channel check should be like, "Are you in the core group, and is it amazing?" Follow me there?
Uh-
'Cause that's our, that's our strategy.
Thanks.
Hey, this is Shrenik Kothari from Baird. Thanks for your time, and really exciting announcements this morning. My question, since you already highlighted threat identity, or Identity Threat Protection as one of the areas you are very excited about, because of the integrated approach... the vast partner ecosystem and the ability to tap into or cutting across technologies, EDR, MDM, and CASB. So since you highlighted key partners in the form of Palo Alto, Zscaler, CrowdStrike, I mean, a few weeks back, CrowdStrike kind of seemed to double down on Identity Threat Protection, and you highlighted opportunity 10x of what it is today. So it kind of validates that particular market and opportunity.
So just curious to hear your thoughts and how you are approaching it, or seeing it in a pure collaborative spirit, or if there is a competitive dynamic. So just wondering how you've been, a quick follow-up there.
Yeah. Identity Threat Protection is... It's really Identity Threat Protection for Okta. I think CrowdStrike has a broader-- They wanna do more. They wanna do on-premise AD, and they wanna do Azure AD, and they're doing a bunch of other identity things. We're focused on Identity Threat Protection for Okta. And they might-- If they wanna build their product to have Identity Threat Protection for Okta, too, I mean, my view is that the more protection for Okta, the better. So I think that can be collaborative. This is not-- Identity Threat Protection is not an XDR. It integrates really well with all the XDRs.
It really is a key tool in the SOC toolbox, but it's not trying to be the one UI for everything in the SOC, and it's gonna integrate and feed logs into the solutions there. Think about it as, we think more and more customers are gonna standardize on Okta, and it's in our interest, both from, you know, as a growing vendor, but also for our customers' best interest, to have an integrated ecosystem of threat protection around that, and that's what our focus is.
Got it. Thanks for that. Just quick follow-up. So the, the announcement, the acquisition announcements you did for, kind of single-click integration for your Okta Personal and... To my understanding, like, Okta Personal, as of now, is not kind of fully monetized or largely unmonetized. So just curious, how are you guys thinking of that opportunity and kind of monetization potential going forward?
Yeah. The in the workforce keynote today, we're announcing Okta for personal apps, which is essentially your Okta SSO experience, but if you work at a company, you can, you can take it with you, and you own it in terms of the terms of service, and if you leave the company, you can keep it. So that's something that, like, for example, at Okta, I all my personal apps password stored Okta, and I was one of those users of Okta Personal. So now they're all in, in my Okta Personal account. So, not that it's ever gonna be an issue, but if somehow I had to leave the company, for, for whatever reason that would happen, that's gonna happen. They're my own. I would be able to keep it. I think this is a powerful...
You know, we want to free everyone to safely use new technology, and we mean everyone. We're not meaning, like, every work, we mean everyone. And I think this is our first foray into the consumer password management and consumer application. It's very early. We also announced an acquisition, a very small acquisition today, to bolster the consumer experience of that team. And I think long term, it's pretty exciting because you can imagine this use case being pretty important, not only from a, you know, you wanna take your personal apps with you, but you also wanna, you know... Let's say you're logging into multiple Okta customers. One is your employer, one is you're a partner of, you know, that's in the B2B collaboration space. It's very interesting.
And also in the consumer space, think about our, think about how many Customer Identity Cloud websites use that for login and the potential integrations between Okta Personal apps and those sites longer term. So it's an exciting area, very early. We're not monetizing the product right now, but in the future, you can see potential of it making the, just the, again, the workforce solution more generated with the ability to offer this to employees and increase security posture and take it with them. And also, on the Customer Identity side, the opportunity to connect into that at a global consumer scale, which we're pretty far away from that right now, though, so it's pretty early to think about how we're monetizing it.
Hi, Luke Mott with Wolfe Research. Appreciate the question.
Hey.
Based on early conversations around the PAM solution, do you think customers will be considering co-pilot accounts for various programs as privileged? Thanks.
So one of the interesting things about it is we started with the resources, our servers and containers, and then working on eventually having database access support. And one of the biggest learnings from early access is people want admin accounts for access. Which seems obvious when you think about it. Okta is very strong in the setup ecosystem, so I think it's not a far stretch to think that co-pilots will have some kind of sensitive administrative access, as well. So not to mention, this is not specific to PAM, but I think there's an interesting opportunity just to prove person identity. You know, like you have co-pilots and bots, and, you know, it'd be pretty cool to, like, unequivocally know when these...
So these chatbots on all these support sites are getting really good, and even our own support site. I was talking to the team and, I was saying, like, "you know, how are we doing to upgrade our chat experience?" It's like: Well, we have a bunch of projects, and we've kind of thought about chat experience, prioritizing it this way, or improvements to chat experience, prioritizing it this way. And I'm like: You don't understand. The world in a year is gonna be like, if your chat experience is not awesome, it's gonna stand out like a sore thumb. So I think the identity play, one of the identity plays here might be, there's gonna be a lot of value in actually when you're on a site and the chat experience is awesome.
You know, I talked about the Turing Test in my, in my, pitch today. Does anyone know what the Turing Test is? Okay. Turing Test is this guy, Alan Turing, who was amazing, talented British mathematician, did all this important stuff. One of the things he said is like: "We'll know we've solved general artificial intelligence when you can have a chatbot, and you can't tell if it's a person or a computer."... So we have that now. You can't really tell if it's a person or a computer. So when that happens, at some point, you're going to be like: Okay, am I talking to a person or a computer? Do I want to press the red button and say, like, "Give me a person?" And if you could identify that it was a person or a computer, I think that would be valuable.
It's kind of like identity verification for online personas that might seem like they're real people but aren't. It could be a valuable interest. That's not what you asked, but it's kind of an interesting area that I think is worth looking at.
And from a customer identity point, because that's the, you know, a person interacting with a bot and not software, you know, but there's the reverse as well. And maybe it's not happening as frequently now, but there is probably a future in which we will create agents for ourselves that will act on our behalf, doing things. You know, they might go pay our bills, they will schedule things like a super assistant, automated assistant, if you will. So from an identity point of view, it's important from the other side to know, is this the person, or is this an agent acting on behalf of the person? And today, there's no like, there's no protocols, there's nothing of that, because you cannot distinguish one element to the other.
But it could be, you know, we could bring to the digital world a notion like a power of attorney, you know, where you can say, "I am empowering this agent to act on my behalf to do these things," with some, maybe some guardrails. You're not going to pay, you know, outrageous amounts of money without checks and balances, without you being involved. Or maybe the application will react and say, "No, I can only deal with the actual principal, not with the power of attorney." That's an enormous opportunity.
I love that, yeah. In a few minutes here, do you want to talk a little bit, Eugenio, about your, the President of Business Operations and what you're doing and how it's going?
If there's interest. There is interest, apparently. Sure. So we, my new role in our company is to lead the operations team, and that includes a bunch of operations teams that were kind of, distributed across the organization, and now they all roll out into my team. And that includes, primarily go-to-market, operations, strategy and operations, that includes sales, marketing, et cetera. I'm also responsible for the technology group in our team, in our company, obviously connected with, with everything we do. I also am responsible for company operations, and that's the, our rhythm of the business, our annual planning, our company priorities, and, a bunch of other, miscellaneous that are all related to, to ops.
Chief Executive Officer.
Yes. Our goal is to bring, you know, operational excellence across the board, and what we provide is essentially technology, tools, and technology to all our teams. Every laptop, every Okta now uses. It's part an example of what we do. We provide insights and data into knowledge to make better decisions, and we provide and oversee all the core processes across our company.
Shiv Ramji, who worked for Eugenio and ran product engineering at Auth0 before the acquisition, now runs the Customer Identity Cloud, is the president of that. And you saw him today in the keynote. What do you, what do you think about operations and execution and-
We can always be better. Always be better. We can always drive out more margin, which is what I think everybody here wants to. So, no, obviously, I'm excited about Eugenio in his new role, and he's already making some great changes, and it's going to make a huge difference for us in the long run.
When in my conversations with all of you, I talk about, we talk about margins, and I say our margin improvement is there's a few things driving it. One is, has been over the past, you know, three or four quarters. One of it is just mapping the go-to-market spend to, you know, a different economic environment and favoring efficiency and go-to-market over growth. That's one thing that's improving margins. So investing less in growth, seeing less growth, but seeing better margins. Second piece is we're just, I think, having more budget discipline. We're just more scrutiny on spending, and I think like a lot of companies, we got a little... And zero, I think we got, could be more discipline there.
The third bucket is actually it's like, it's, it's like in the short term, it's actually hurting margins, and that is we're investing a ton in automation. For example, we, we're opening presence in India. We're automate the whole system that tracks what customers use and what products they bought, eventually leading to automatic billing of upsells and things like that. And all that automation investment is under Eugenio's watch, and so. And, and obviously, a big team doing that. So it's a really important, beyond just overall company executions and planning and process and strategy and the different ops functions, that automation investment is being driven by Eugenio's team.
It's said that, you know, culture eats strategy for lunch. Is that the saying? Well, a big part of culture is getting things done, you know, execution. And you can have a fantastic strategy, but if you don't turn it into action, then it doesn't matter. And we do have a fantastic strategy. We have fantastic products, and now we have to, you know, execute that.
Yeah.
That's great. Gentlemen, appreciate your time. We managed to get through that without a single cRPO question. I'm sorry.
Can I say one more thing?
So sad.
So can I say-
I was expecting one from you, DiFucci.
Just real quick. So first of all, thank you all for coming. It's great to see you, and I do, I really, really value your focus and your attention on Okta. You're really great at analyzing company, and sometimes when you write things, it doesn't always feel great, but I do appreciate the rigor and the intellectual honesty that you all bring to your jobs, and it's very helpful to us. So keep it up.
Lastly, I would highly encourage you to attend the Workforce Identity Cloud keynote at 1:00 P.M., and the Customer Identity Cloud keynote at 3:15 P.M. Lots more information, goes a little deeper in all the areas that Todd talked about in his opening keynote. So again, thank you for coming. Appreciate it.