This presentation contains forward-looking statements. We reserve the right to change the information in this presentation. More information can be found in our SEC filings. Please welcome Okta's Chief Executive Officer and Co-founder, Todd McKinnon.
It's great to see you all at Showcase. We're gonna talk about our industry, and we're gonna talk about our products. In November, we introduced Okta for AI Agents to the world, and it's our most important product ever. It's simple on the surface. It's, you know, it's in the name. Okta connects your people to your technology, your customers to the technology they need to interact with your organization, and so it's Okta for AI Agents. AI Agents are the future exciting foundational technology and Okta for AI Agents makes that connections for agents. The response from all of you and the industry at large has been unlike anything I've seen in my career. It's the interest and the relevance of this product, and it's.
We've had hundreds and hundreds of meetings to talk about this product. It's been purchased by dozens of companies, and it's in production by several companies at this early date, getting real value securing and managing their AI agents, which is incredible uptake. It's not surprising because if anyone that's paid attention to technology, we know that the future is agentic. The future is agentic. There's different takes on this, and I think it's important to understand how we view this to put the broader context of what we're doing and frame it up for everyone. People talk about agentic as a new thing. It's a new layer. It's a new set of capabilities. I see it differently. I think it's the future of all of technology. By the way, all of technology.
Not just enterprise technology, but all of technology. AI agents and autonomous behavior of technology is where the world's going. It's gonna change how we seek and find information. It's gonna change how products and services are delivered to customers. It's gonna change how companies are getting productivity out of their workforces, how they're automating things, how they're getting insights, how they're fundamentally rethinking the core of what they do. It's not like it's gonna be delivered by one company or a set of companies. Everything is gonna be agentic. Your existing vendors are gonna overhaul their software to have autonomous agentic capabilities, or they're gonna be disrupted. Startups are gonna have new agentic services and solutions. There's gonna be existing categories change. Categories are gonna merge. There's gonna be whole new categories of true digital workers that are gonna push existing vendors.
You're gonna build your own agentic systems. You're gonna have create much better customer experiences. It's a profound change. In fact, I think in five years or so, we're probably not gonna refer to agentic technology. It's just gonna be technology. We're talking about the greatest transformation of technology in my career. I've been working professionally for 30 years now, so I've seen internet, I've seen cloud, I've seen mobile, and this is by far the biggest change. It's changing at so many levels. It can be daunting and overwhelming, but it can also be very exciting. The people gathered here today are the people at the forefront that have to make this all work, and hopefully you share this excitement with us. With this new era of technology comes a lot of risk.
It's not a surprise to security professionals and cyber professionals that there's a lot of trade-offs. There's risk and there's opportunities, and this is no exception. This kind of autonomy, the kind of access these agents get, the connections they make, can lead to bad things. In fact, you're starting to see this pop up in the industry already. Anthropic released a very good report last fall talking about a massive cyberattack that was perpetrated using the Anthropic models and Claude Code. This is a massive scale agentic system automating work, automating software development, and it was used for a massive cyber campaign. This report details what they found and some lessons learned about how to prevent it.
I think the biggest takeaway here is that these systems, while they're powerful, can be used for bad things. We have to have a good concept of risk management and put the right controls and governance processes and controls in place to make sure it's secure. The threat actors in this case actually, as you would expect, Anthropic has a ton of controls in their models and frameworks to make sure that they can't be used for bad things. The attackers in this case actually socially engineered the model. They socially engineered the model to trick it and say they were a respected threat research firm using this for research capabilities while they were really using it to actually prosecute this massive campaign.
It was using the normal tools and techniques available to the industry hooked up to the model. They weren't using any novel types of zero days or types of tools to actually perpetrate the attacks. It was just the fact that it was all hooked up to this scalable agentic framework that was socially engineered that kinda made it all work. The other interesting thing about this is that throughout the process, Anthropic published this by the way, so we could all learn from it, and they could share with the industry some of these risks. They also noticed that during the execution of this attack, the model was actually overly confident about the targets it was finding to try to attack, if the attacks would work or not.
It was tricked, it was overconfident, all while under the guise of being massively scalable and massively controllable. It was quite interesting. I suggest you take a read. There was another interesting survey by a small company called Gravitee that did a great job surveying you all. Do you all participate in these surveys ever? Someone calls you up and get your professional opinion about IT. I see a lot of heads nodding. This was about 1,000 people, and it was VPs of IT, directors of technology, CPOs, and the survey asked them basically about how their agentic deployments were going. They noticed a couple interesting things. The first thing they noticed was that almost nine out of ten people said there was already a security issue in their agentic systems.
This could be something as simple as an agentic system was over-provisioned for access. It didn't have the right visibility and controls about what it could do. nine out of 10, which is quite high. Only 20%, roughly 20% treated these agents in their agentic system with complete identity control. Identity is a first-class thing for these agents. In the vast majority of cases, the agents were using reused API tokens, common access to systems that were shared across multiple agents. There's no tracking and control and accountability for these agents when they were actually doing their work. This is a problem for the industry.
I think what we need to do collectively, and what Okta is focused on, is making sure that as we all build this future that we all know is powerful and profound, this future of a agentic enterprise, we make sure that at the same time, we make it the secure agentic enterprise. It sounds simple, but we have to do both. We have to do both. This technology wave has a tremendous amount of potential. It's inspiring, it's exciting to all of us, but we have to make sure we put the right controls and foundational groundwork in place to make it secure as well. If you think about the arc of Okta is 17 years old.
I feel personally, and the company feels personally very blessed and very fortunate to be at the right place at the right time through multiple technology waves in those 17 years. Okta was born out of the cloud. The idea was cloud computing and the adoption of cloud for every layer in the IT stack would require a new kind of identity system. Everything was outside the firewall. You didn't control the servers and the resources. There were all these SaaS applications. You had to have the best identity ever created to secure and control that. Okta's early success was really born on the back of the cloud adoption. We helped the cloud be adopted, and we're also benefited from it being adopted at scale. Came the mobile revolution.
Again, more devices, identity gets more important. There was COVID and work from home, identity gets more important. Through the arc of our history, identity gets more and more important in every technology wave. This agentic enterprise, where every AI agent that is working with your employees and performing digital work, identity is more important than ever. We are perfectly positioned. I mean, who has spent 17 years connecting people to technology? Now, as we try to supplement those people with agents, who's perfectly positioned to do that? We couldn't be more fortunate, and we are not gonna waste this opportunity. We're pouring all of our energy and effort and resources into making this agentic enterprise a secure agentic enterprise.
One of our fundamental things we're doing is we're working closely with all of you, all of our customers that are on the leading edge of this and that have taken this product, Okta for AI Agents, and are working with us to build out the next set of capabilities and features in a way that will most benefit you. What's the right way to put this? There's a lot of hype in AI. There's a lot of hype. I think one of the key things we need to do is make sure that the product we build here is directly linked to the concrete value and the capabilities you need now. We don't spend four years building a science experiment. We build something that you can use now. We're very lucky here. We're very lucky.
We know what problems you have and what solutions that we need to build for you. They all kind of center around three really important questions. The first one sounds simple. What agents do I have? Every vendor I've ever talked to has agents. I wanna build my own agents. New vendors are saying they have agents, and my people around my organization are adopting them. Where are they? Where do they come from? The second question is, what can they connect to? 'Cause that's the keys to the kingdom. Just like people, what resources they can connect to, customers come into your mobile app or website, what can they connect to? What your agents can connect to is absolutely critical. The third thing is, what can they do? Once they use that access, what can they actually do with it?
Those are the key questions informed by our conversations with amazing customers around the world. It's very confusing, especially some vendors propose to answer some of these questions, some vendors say other questions are important, some vendors say they have everything covered, and it's quite daunting. I think it was summarized nicely by a great customer of ours, S&P Global. Seth Fox is the CTO there. I was sitting talking to Seth, and he said to me, "It's very, there's a lot coming at us, Todd, and it's very overwhelming. It's like, what you need to do is just write down a reference architecture. Like, just summarize the landscape for us and tell me where you fit in, where the next vendor I'm gonna see fits in.
Compare what you're doing, what we have to what my friend's company has. How does it all fit together?" That's what we've done. Informed by hundreds of conversations, along with work with our partners in the cyber ecosystem, partners in the application and technology ecosystem, and most importantly, conversations with customers like you. We're excited about this blueprint for the secure agentic enterprise. It is what it says. It's a blueprint. It's not a product. It's not a "This is an Okta thing," it's an industry thing we're putting forward and saying, "This is the reference architecture. This is how the ecosystem together could build not only the agentic enterprise, but the secure agentic enterprise." It answers these core three questions. Where are my agents? What can they connect to? And what can they do?
You can see in this blueprint the capabilities on how you detect agents are broken down in logical categories, everything from integrations with agentic systems to edge browser-based detections to endpoint network. We all have gateways and all the gateway vendors are helping out here. How do you assess risk of those agents? It's all the capabilities are outlined in this blueprint. One thing about, I talked about Okta being perfectly positioned to help be the backbone of the secure agentic enterprise because we've spent 17 years connecting people to technology, and we're very good at that. We also know that agents are different. The protocols are different. How you build them is different. How they connect to things and how the interaction works. That's all prescribed in the capabilities around what they can connect to.
There's different capability. No person has ever logged into an MCP server, at least not that I know of. Agents do, and agents also log into SaaS. How do you connect an agent to SaaS? Is it OAuth? Is it the API with a token? What is the catalog of things that are possible? What are the best practices, and how do you keep it secure? Then, of course, agents connect to agents, and that's a different set of protocols. Then you have legacy.
You need to get these agents data from legacy systems, and those legacy systems don't have OAuth, and they don't have these fancy REST APIs, so that, those are service accounts, and you have to vault credentials and just, it just orients the whole conversation in a way that makes sense of it all and lets us get to the business of making our, not only our agentic enterprises, but our secure, agentic enterprises. Finally, we talk about what can they do? This is about fine-grained permissions, and this is about do you do the enforcement at runtime, or is it agent setup? Then what's the lifecycle of an agent? When is an agent created, and how do you manage it?
You know, people simplistically say, "Oh, it's like a person," and other people say, "Oh, no, it's like just, you know, a privileged account and a service account." The answer is it's somewhere in the middle, and the blueprint tries to lay that out. When do you get a human involved, and how do you track and log things? These are the capabilities, and there's a ton of details behind this and the flows and how they work together. I don't mean to gloss over the complexity. If you've ever looked at a blueprint, you know that on the first couple pages it's very, like the site and, like, what materials are gonna be used and who the contractor is and how it's definitely gonna go over budget.
Not that I have any scaring about that. You flip through and it has other pages of all the details, the subsystems, the plumbing, the electrical, the foundation, the site, you know, details of the outside site plan. It's the same thing true here. It's how these things fit together is prescribed in the blueprint, 'cause there is a lot of important capabilities here under the covers. Now, this is a blueprint for the industry, and I don't purport to stand up here and say that Okta has a product that solves all of these things. It's definitely gonna take a village to make this all work together.
The reason I started my comments by saying I thought that Okta for AI Agents is our most important product ever, it's because the potential of the agentic enterprise is so profound, and this Okta for AI Agents has such a core place in this ecosystem, has such a core capability. It's connecting your agents to all of your technology and controlling how they connect and what they can do. It plays a very important role. Now to talk a little bit more about that in detail and the detailed capabilities here for Okta for AI Agents is my amazing colleague, Shannon Duffy. Please welcome Shannon.
Thank you so much. Thanks, Todd. Todd just showed our amazing blueprint for the secure agentic enterprise. I get to show you some product. I am so excited about Okta for AI Agents. This is the first and best implementation of the blueprint, and customers are already using it to see amazing success. We're gonna show you how that blueprint helps you answer those three questions. Where are my agents? What can they connect to? And what can they do? As we like to say in cybersecurity, you can't protect what you can't see, so let's jump into the demo and take a look and answer that first question. Where are my agents? Okay, so Okta helps you find agents in two ways, both the ones you know and the ones that you don't.
Let's talk about the ones you know. Here we are in the Universal Directory, and this is your central system. This is your single source of truth. It's your agent inventory. At Oktane, we showed you how you can register those AI agents. We're taking it one step further. We're taking everything you love about the Okta Integration Network, the standards, the breadth, the flexibility, and we're extending it. We're essentially making it your agent integration network. Now, the thing about these agents is they can't live in silos, right? They need to be connected to the tools you use every day. That's gonna make them more valuable and more powerful. Here you can browse the agent catalog, and you can see all of the tools that your company is using.
As your team starts working with new platforms, those are gonna be here as well. The point is, we are focusing on identity, so you can focus on innovating with technology, and you never have to worry about vendor lock-in. All right, what about the apps you've already configured for your human users? Well, you can go right from the app integration page, and you can see a new tab, AI agent import. With Okta for AI agents, you can import those agents and all the metadata with one click. You're gonna get the name, the title, the description. The important thing to remember here is identity is managed separately. If an app gets compromised, security is going to be centralized, right in Okta. Okay. What about question number two? What about the agents you don't know about?
Well, people in your company, I guarantee you right now, as we sit here, people are spinning up agents in your company, and you need to know about them. This is agent discovery, and agent discovery automatically flags OAuth grants, so when an agent is connected to an enterprise application, you are gonna get notified. You can see the scope, and you can see the blast radius, but most importantly, you're gonna get a remediation plan to take action. You can go ahead, you can register the agent, assign a human owner, and baseline security policies. Now, the important thing to remember, this is not a one-time process. Discovery is running continuously in the background, so you can find all your agents, both the ones you know and the ones you don't.
All right, now you know where your agents are. Let's answer that second question: What can they connect to? It starts with MCP servers. You can model agents, but you can also model MCP servers, and you can search a catalog of all the ones you might want to use. Connecting agents to MCP servers directly, that can be risky, which is why we're introducing Agent Gateway. The first use case is managing access to the virtual MCP servers, so that you can select exactly which tools and scopes can be accessed. With Okta for AI Agents, you can securely secure those third-party coding agents like Claude, Cursor, and Claude Code. What about everything else your agents need to integrate with? Today we have three ways to manage those connections. Okta authorization server, API keys, and service accounts.
Now we're adding three more ways to integrate agents securely: Okta virtual MCP servers, third-party MCP servers, and OIDC accounts, OIDC apps. No custom code and no direct path from agent to MCP servers, and security is centralized in Okta. Okay. Question number three: What can they do? Well, you need to establish exactly what agents are accountable for, and you have to cut off access if it goes wrong. Here's the governance dashboard, and you can see access on an ongoing basis to what these agents have access to, down to the scope and tool level. You can review their access to make sure they have access to everything they need, but nothing they don't. What if? What if an agent goes rogue? Well, you need a kill switch.
With Okta for AI Agents, you can trigger universal logout if an agent starts accessing things it shouldn't. It's automatically gonna revoke the tokens and deactivate that agent access. Now you know what agents can do, but you can cut things off if something goes wrong. As your agent footprint changes, you are always secure. We are evolving right there with you. Okay. You just saw Okta for AI Agents in action and how it helps you answer those three questions. Where are my agents? What can they connect to? And what can they do? These are just a few of the ways we are helping you become a secure agentic enterprise, and this is how Okta secures AI. Back to you, Todd.
Very cool. I love seeing that come together. Thank you all that have been involved in the early access of Okta for AI Agents. As I said, it's really valuable to inform the product direction and help shape our view of the future based on substantive leading-edge conversations with real powerful organizations that are trying to build these agentic enterprises. The team has made a ton of progress, and the most exciting thing out of everything I'll talk about today is the fact that this product is gonna be generally available to all of you on April thirtieth. That's amazing. You're all gonna be able to get your hands on this. The world is gonna be able to start going from agentic enterprises to secure agentic enterprises on April 30th.
Nice work, everyone that's worked with us on this, and the teams at Okta that are building this together. Good job on that. Okay, we've talked about the blueprint for the secure agentic enterprise. We've talked about Okta for AI Agents, and now we're gonna ground it in one of those real concrete conversations with an amazing company and amazing leader at an amazing Okta customer. This is a conversation with John Roese from Dell. John, come on up here.
Let's start. I want to put Dell in the AI context. How do you think about the industry, Dell's place in the industry, how the industry's changing? How do you how where does Dell fit into there?
Yeah, we're fairly central because you cannot do AI with the infrastructure of the past. Our business is building out the IT infrastructures of the world, compute, storage, networking, and all things associated with it. That's been good for business. We're doing very well. We're finding ourselves in an entirely new world. However, just building infrastructure for someone else would be difficult because you wouldn't know what to build. A couple of years ago, we made the decision to be customer zero, that we would be the early aggressive adopter of this technology. I took over. I've been the CTO for quite a long time, but I took over as the Chief AI Officer about two years ago. In that two-year period
Was there another person or was it a new position?
There was a person there for a very brief period of time.
Yeah.
We attempted to build consensus and didn't work, and then we decided to go top down. We tried bottom up, didn't work. We went top down when I took over, which fundamentally launched our journey, which was, if we're going to build for this new space, we sure as heck better understand what this space is as a first-hand participant in it. We could spend a long time talking about our journey, but the punchline is, after two years of a very disciplined, if you go look at my YouTube channel and listen to me talk, you'll understand we are somewhat militant, and we are very focused on doing this thing in a very structured way that actually gets to outcome, gets to ROI.
After two years of doing that, we just had our financial reports for the second year that we have done this, more aggressive adoption of technology, but also changing our people and process and redesigning our company for this era. Now we have two years in which something happened that hadn't happened in 41 years before that, and it was our revenue grew dramatically. First year about $10 billion, second year about $20 billion, and at the same time, our costs went down. We have never seen that happen. Every time revenue went up, costs went up with it. But when you redesign for the AI era, people, process, technology, funny enough, you decouple those two because the unit of work is no longer just a human being.
It's an augmented human being or an agent, and that gives you tremendous leverage to grow your business and actually improve your cost structure at the same time. Doing that is nontrivial. It required us to lean in, to be as bleeding edge in terms of thinking as possible, but also very pragmatic about making sure that we didn't break the business, that we did things that matter. One interesting statistic is for all that progress, we never used a single agent yet. We built our first autonomous agents almost two years ago, but the ones in production are pretty minimal right now. However, given the fact that we've had that kind of impact without agents, we are extremely excited about this greater shift to autonomy, the kind of projects we can go after.
In fact, we believe that AI can only be applied to a process, and the only processes we could go after with first generation tools are very simple processes that are very much tied to human work behavior. When you move into the agentic world, you can go after the complex processes, you can go after composite processes, you can go after autonomous processes, and that opens up just a gigantic surface area that we're fairly comfortable is gonna define productivity for the next, probably the next decade at least.
When you think about the agentic technology stack, what are the key technologies? There's process, there's change management, there's strategic direction that has to be in line, and then there's the technology enablement.
Yeah.
You mentioned a bunch of this stuff was done without even agentic. What are the key parts of the agentic stack?
Yeah, you know, you and I talked a while back when we, I don't think we had published it yet, but at the end of last year in October, we wrote it down, interesting enough. We have an internal set of agentic standards, and they're not high-level, hand-wavey stuff. They're very specific. In fact, they included things like we decided all MCP servers would be centralized because at the time, MCP is just too risky to use without putting it in a safe space. That's a fairly straightforward decision. We now make that part of our architecture.
We made decisions about having two kinds of agentic platforms, ones that we wholly own and operate, which we call inner ring, which are our control points and our ability to do things very specialized for Dell, but then it would be surrounded by outer ring agentic platforms that existed within our partners and SaaS services. We decided these would not be separate ships in the night. They would be part of one topology under one architecture. Probably the single biggest decision we made, which is what we were talking about, and which I kind of shared with you guys, and maybe give you some encouragement to go on the journey you're on, is that we decided that every agent in the world that does work on behalf of Dell would carry a digital identity issued and operated by us.
I don't care if the agent's in a third party, I don't care if it's in a SaaS provider, I want control. I authorize it to exist. The reason I wanted to do that is because I know agents will track where work goes on, and work goes on in more than just my data centers and my core businesses, but yet I want to be able to have control over how that work is happening. What we realized is I can't control the underlying infrastructure decisions because those are third parties in many cases. I can't maybe even control the data APIs as well as I could. If I control identity, I can do things like a kill switch. I can make an agent go away if it behaves badly, even if it isn't running on my infrastructure and fully under my control.
That stack that has now formed, which is very much a modern AI factory underneath it to provide the engine to basically run it efficiently and scale it, what we call a knowledge layer, which are the knowledge graphs and the graph databases and the RAG systems that basically enumerate data that agents can use, and then on top of it, a control plane. That control plane includes registries, but it fundamentally includes identity and access management and authorization. That stack now is real, it is published. In fact, just recently, we started to provide it as a pseudo RFI to all of our partners to say, "Okay, you wanna do business with us? This is our set of rules." To my knowledge, we're the first ones to do that.
We think the industry ought to take blueprints and use blueprints, because if everybody agrees on kind of the meta architecture, we can actually all align on getting it built because it doesn't fully exist yet.
Yeah, it sounds simple. I'm an identity guy. You guys early on made the decision that agents have to have first-class identities. We saw the survey I mentioned earlier, that only 22% of companies are managing agents as real identity things. It's good to hear that you're seeing success there, but it's a subtle thing that a lot of people don't get to. They try to treat them as more like software and they their scripts and their service accounts, and it's a very profound thing.
Yeah.
That we can make it happen together. When you talk about agents, you guys decided to the platform and the use cases, a lot of them are internal.
Yep.
How do you think about agents operating internally for your enterprise versus agents outside your enterprise accessing your systems and the internal, external, trade-off there?
Yeah. I would say our first thoughts about agents, so over a year ago, we had this belief that we could build one platform and kind of run all the agents on it. By the way, we have a bias. We really protect our intellectual property and our data. I am very hesitant to let black boxes of magic touch my data, so I like doing things that I can control, whether they're in my data centers or in systems that I helped design the architecture for a provider. The bottom line is we very quickly realized, as I said. They are an entity that does work, and that work can exist in many places. Some of that exists in things I fully control, and some I don't.
Early on, we did pivot to have this two concentric ring model where there would be platforms that we fully controlled, and there would be platforms that we didn't control the platform, but we could control the agents on the platform, and that's where identity and access management became kind of this universal substrate. I think interestingly enough, I will tell you just to, you know, give you some industry dirty laundry, we don't have full consensus in the industry about what even an agent is. Some people.
Wait, no way. Stop, John. Stop.
Well, yeah, I mean.
Breaking news.
Breaking news, agent washing, but it's even worse because some people believe agents are a feature of a model that's behind the black box of magic of the API, and you don't need to understand it. I completely disagree with that. We believe agents are software systems that can do autonomous work, and they do use large language models, but they also use knowledge graphs and other types of data expressions. They have a tool use interface today, primarily MCP. They have inter-agent communication with protocols like A2A. That is a system, and, you know, we're kind of. The one thing we're struggling is we haven't quite got to consensus about which of those is the right answer. Is it a feature of a model, or is it a software system that does work? I know where it's gonna end up.
I'm 100% confident the second is the right answer, but that creates tremendous confusion for people. It also makes it very difficult for me, interestingly enough, as I want to have ubiquitous identity and ubiquitous control, that if you believe an agent is a black box of magic hidden behind a master account that is owned by a provider, it's very hard to reach into there and do authorization for what appears to be a knowledge graph that I can't control.
You gotta pull it out. Yeah, you just pull it out.
I gotta pull it out. We are generally treating most of those companies, and they are our partners in this extended ecosystem, and we're deprecating them. They are not agents to us. They are just tools, and the intelligence and the reasoning will happen on our side until they expose that underlying capability. It's, I would say, most of the enterprise ecosystem, we have 650 startups we're working with building enterprise AI stuff, they have all largely gravitated towards these have to be composable systems. They're software entities. They work together. They have this kind of composable architecture. That's good. Some of the bigger providers haven't quite got there yet, and so we have to figure out how to work with it, which is why it's so important in your framework that you don't just assume everything is a first-class agent.
Some agents might not actually be expressible as agents because they're behind a firewall or unexposed to you, so treat them like a tool and then control the tool use access.
Yeah.
Which is another authorization technique.
It all blends together.
Exactly.
Yeah. You're the CTO, so your job is to predict the future. Tell us what's gonna happen?
Well, well, here's the first thing. I, we have something in Dell called the two-year rule, which, sorry, Todd, we treat all AI decisions of having no more than a two-year lifespan, and the reason for that is.
It's good for us. We have to work our ass off to keep.
You have to work, honestly.
Maintaining your business.
You win, you get us for two years and then we reevaluate because honestly, we can't predict that future. What I will tell you is the one thing that is absolutely certain, and you kind of mentioned it in your keynote. We are in a period where autonomy is becoming the actual characteristic of these systems. It's not the technology by itself. It's the technology can operate autonomously. It will operate in low-grade autonomy like a better tool, or it can operate in high-grade autonomy like a full-on digital expert worker. It is inevitable that that is coming and is happening, and so the biggest shift that we can see is we have to prepare for that. We have to rethink work. We have to rethink our infrastructure.
The other thing that's interesting, you know, and I'm an infrastructure guy, is years and years ago, it was like six years ago, I'm on the record of saying something along the lines of, "There will come a time where the majority of your IT infrastructure is actually in service of AI outcomes. And more importantly, when that happens, you will have to redesign your IT architecture to treat AI as the primary workload, not the secondary." We are actually at that time right now, but I will tell you, the majority of the world's infrastructure was built before generative AI even existed. It was architected. We continue to apply architectural principles to it.
One of the biggest predictions is not only is this coming, but it is gonna force a complete rethink of all the dimensionality of our IT environments, not just so that we can add a new capability, but so we can actually optimize the primary purpose of our infrastructures and IT systems to actually enable this autonomy. That is a big deal. You know, if you read what I just said, clearly you're gonna have to rethink everything. In fact, we encourage customers today that if you have an existing infrastructure and IT strategy, this is a very good time to pause because you probably made every decision in that list before generative AI ever happened.
It's a great time to stop, to get educated, to rethink everything from identity to access control to telemetry to infrastructure choices to where the AIs run and where the data lives and what those data layers look like. That is probably a terrifying prediction because it means we have a lot of work to do, but it's also incredibly exciting because if we optimize for autonomy, this thing accelerates, and when it accelerates, I will guarantee you the result is dramatic impact on GDP, on lifespan, on healthcare. The amazing things that can happen if we get this right by doing it securely will happen quicker, and that's a very good thing for all of us.
Yeah, very well said. I'm very excited. The way I think about it is there are 1.1 billion knowledge workers in the world. We spend about $30 trillion.
Yep.
They produce about $65 trillion -$70 trillion of wealth.
Yep.
How about we cut the cost by 10% and produce twice the wealth?
Exactly.
That would be a pretty amazing future for everyone. Thank you so much, John, for being a customer and trusting us with helping you build this, using Okta for AI Agents to build this identity layer in your platform and be the foundation for the Dell Secure Agentic Enterprise.
Yeah, no, thanks for having us, and you know, we're super excited to see this go GA. We've been on the journey with you to build it.
Yeah.
You know, I think if you haven't looked at it and seen what's going on here, this is a pretty important, kind of very early real example of how to do this stuff. Congratulations.
All right.
On GA.
John, thanks.
Thanks.
Appreciate it.
Yeah.
All right. I think this blueprint is really gonna clarify a lot of things and make it easier for all of us, whether you're building technology as a vendor, whether you're implementing technology as a company, whether you're a member of the cyber ecosystem, to rationalize how it all fits together and more importantly, help us all move forward more safely and more quickly. I'll show you a QR code in a minute, you can get a link to all the details behind this. We're really excited to work with the whole ecosystem and community to build this and keep working on it going forward. I think the big headline here is that Okta for AI Agents is generally available on April 30th .
If you're not using it already, make sure you reach out and learn about it and learn how it can help you build your secure agentic enterprise. You can get all the information here. We're very excited to help you secure AI. Again, thank you for being a customer. If you're not a customer yet, I don't know what you're waiting for. We can take care of that. Thanks again to John for helping us out, and thanks again to for Shannon and the whole product team and the marketing team for putting this on. Thank you very much and enjoy the rest of Showcase.
Thank you for joining us today.