AI Agents: Hype or Hope

Channel: Alex Kantrowitz

Published at: 2025-10-29

YouTube video id: ZMihv78C_OE

Source: https://www.youtube.com/watch?v=ZMihv78C_OE

What next steps do AI agents need to
take to have a chance at widespread
adoption? Let's talk about it with Okta
President and Chief Operating Officer
Eric Kelleher, who joins us to talk about
it today in a conversation brought to
you by Okta. Eric, great to see you.
Welcome to the show,
>> Alex. Thanks. Thanks for having me on.
>> Great to have you here. You know a lot
about where AI agents are today, how far
they have to go um and what the
necessary ingredients are to get them to
the state that I think the entire tech
industry is trying to get them to. So
can you give us your perspective before
at the very beginning here about where
the state of the AI agent rollout is
today? Um what are we seeing on the
ground?
>> Yeah, this is something everyone's been
looking at. I think there's there's so
much awareness and hype over what's real
and what's not real and how do we get
into production and and we spend at Okta
our our objective and our vision is to
help companies safely use any technology
and ensure that we protect the identity
of people that are taking action with
software and one of the challenges with
agents is they're right now in the
innovation phase where companies are
looking to see what's possible and look
to see how much work they can offload to
agents working on their behalf to
complete tasks and they're finding out
late in the process that there's a lot
of work that's involved in making sure
those agents are secure. So, one of the
things that's that's important for
companies to get right when we as we
enter this world where agents are come
online into production is users need to
have confidence that the agents are
securely managed and companies need to
have confidence that agents that are
deployed have secure access to the
systems that are being used at their
companies.
>> So, do you think it's there yet?
>> I don't think it's there. In fact, we
just ran a survey two weeks ago. Um we
we shared the results at our user
conference at Oktane in Las Vegas a
couple weeks back. We talked to hundreds
of enterprises and ask them their state
of AI readiness. And there's really two
fundamental questions that we included
in that. One of one of them was asking
how many of those companies had agents
deployed in production today. And the
second question was how many of those
agents felt how many of those companies
felt that the agents were appropriately
managed and governed and secured. And
the results were pretty stark. So our
customers that we spoke with told us
over 90% of them today have agents that
are deployed in production. Yet only 10%
of them believe that the agents in
production are currently being
appropriately managed and secured. And
so right there, that stark contrast
really illustrates the state of the
industry right now. We're all racing to
innovate because we see the potential
for this technology and we have work to
do to make sure that we're deploying
this in a way that's responsible and can
be appropriately governed.
>> Okay, I
definitely want to get into those
numbers in a bit, but first let me just
ask you, what is your definition of AI
agent? You know, we had somebody that
came in recently in our comment section
and basically said that what tech
companies are promising with AI agents
is a version of what they've uh been
promising for years, trying to mend
systems together that don't want to work
together and automate uh you know by
basically going you know as a back-end
way of trying to get them to communicate
and promising information uh to
seamlessly appear uh in this magical
promise. I mean, so I think that I'm
curious to hear what your what what what
what your definition of AI agents are
and why you think this is different than
previous iterations.
>> Yeah, it's a very fair question. I think
the way that we think about agents that
I think about agents is autonomous
software that's capable of taking
actions on a user's behalf, not
synchronously, but asynchronously, and
that's capable of of applying its own
judgment on which actions to execute and
how to execute them. That autonomy is
one of the key differences for this
conversation relative to conversations
we've had about technical technical
solutions and software and API to API
communications. The autonomous
decision-making capabilities of artificial
intelligence are really what sets this
particular uh wave apart from the prior
technology shifts we've seen.
>> So your
definition would be basically
if you trust AI to do something on your
behalf when you're not around.
>> That would be a good way of saying it.
Yep.
>> Now a lot of people have talked about
well we have agents but we need a human
in the loop. So uh that sort of
contradicts like the definition that
you're giving. So where's the human's
place in this equation then?
>> Yeah. I I think agents can take action
autonomously. Often we think about
agents as taking action on behalf of a
specific human, but they don't
necessarily have to be bound to a
specific human. So as a consumer, I
might have an agent that's my travel
concierge that I tell it I want to take
a family trip to for a safari in Africa
and I can ask it to go off and do work
and it can scan tour companies and it
can look at airfares and airlines and it
can look at what what are the best
seasonal dates to travel. It can look at
lodging. It can look at guides. it can
go off and actually reserve all of those
things for me and it can come back with
a printed itinerary and charge charge my
credit cards for all that work. That
agent in that example can act on my
behalf. But we can also have agents
within our corporations that act on
behalf of a process or act on behalf of
a server. Um that the key for us is that
they're doing autonomous work. They're
doing work that is not specifically
supervised and managed and maintained
with a human being taking action.
>> And so
then how when does act taking action
come into play? Like for instance, I
could have something go and research on
my behalf.
>> Uh but then when you talked about for
instance the consumer example, uh they
go and they book something for you.
>> So how important is the ability to take
action in this picture as well?
>> I think
I think when we talk about the
distinction between an artificial
intelligence, the distinction between a
large language model and an agent, I
think the ability to take action is a
very specific capability of an agent and
it's really the the ability to take
autonomous action which people are
concerned about and it's it's something
that is very very powerful and the
capabilities that this technology brings
to individuals and corporations is
fantastically interesting And it comes
it comes fraught with risk that needs to
be appropriately managed to ensure that
when agents are given access to
production systems and production data
that they can be managed securely.
>> Can you talk about that risk like where
is the risk in the process?
>> Well, one of the I'll give a couple
examples of that. So um so let me give a
little bit about Okta and our
perspective on this. It might help for
some of these conversations. So Okta is
16 years old and we were born in a prior
wave of of technology modernization and
that was the shift um back in in 2009
2010 from on premise computing into
cloud-based computing. So from on-prem
software into software as a service and
our company was founded as Salesforce C
had taken the CRM market from an on-prem
market into into SaaS. Um, Workday had
taken the HRMS market from on-prem into
SaaS and Okta was founded out of that
wave as as our founders recognized and
Todd McKinnon and Freddy Kerrest had had
spent time in Salesforce and had
witnessed that transformation and saw
what SaaS was going to do to the tech
industry and they created Okta as a
platform to enable companies to make the
leap into the cloud. So our first use
case was managing human identity and it
was helping companies that were moving
from on-prem and starting to add
cloud-based applications, helping um
companies have employee identities that
could access both on-prem and cloud
applications. And that evolved into
managing that human identity. What does
that human identity have access to? How
is it authenticated into all these
technologies? And over time, how is it
appropriately authorized so that when we
once we know a human is who they say
they are, that they can only do the
things that they're given permission to
do? You can think about that if you're
in Office 365 or Google Workplace, when
you log in, you're you're authenticating
that you are who you say you are, but
then when you click on a document, that
platform is going to verify that you're
authorized to use that particular
document. And so Okta grew up in the
space of managing identities and
authenticating and authorizing
identities for human identities to
start. Our customers over time pulled us
into um what's described as non-human
identities. And these are typically
service accounts, machine-to-machine
accounts where APIs are logging into
APIs. So your forecasting system is
logging into your Salesforce automation
system or your payroll system is logging
into your employee benefit system. Those
service accounts also need to be
authenticated and authorized. And now
we're entering this third wave of agent
agentic identity. And agents have some
of the characteristics of human
identities in that they show up and they
take actions and they have some of the
characteristics of non-human identities,
but they need to be secured and managed
and governed just like the human
identities and the non-human identities.
And so at Okta, we're bringing platforms
to market that allow companies to manage
all of those identities across human,
non-human, and agentic for all of their
identity use cases.
>> Okay. And so then the risk of uh you
said there are risks with AI. So what
are the risks
>> associated with it is as an industry
we're we're at this period where where
technologists see the potential of what
this technology can possibly do. And
over the past year, you've seen
companies work on the uh work on
prototyping agents and understanding the
capabilities, the technical capabilities
of how they can make firms more
productive, how they can help them lower
costs, how they can help them be less
dependent on headcount and have more
scale and and more productivity out of
their organizations, how they can be
more competitive. Every company is under
pressure to explore that technology. I
know at Okta our board of directors
every board meeting I sit in our
directors want to know how we are doing
keeping up with the capabilities of this
technology are we experimenting fast
enough are we learning fast enough are
we benchmarking against our compare
companies and our our peer companies are
we looking at examples where they're
being more competitive and moving faster
with AI and are we ensuring that we're
keeping up and setting the pace with AI
we're under that pressure and every
company I talk to is under the same
pressure from their board of directors
and from their executives And that
pressure is what's what's helping drive
innovation and it's driving focus and
it's driving investment in exploring the
technical capabilities. But as we
explore the technical capabilities when
we see what's possible, it also that
that intensity also brings pressure to
just push things into production. So
you've got it working. It's technically
interesting. We never seen technology
that could solve that problem before.
Get it into production. Let's go. You
can look at examples of where that
becomes a problem. So for example um
several weeks back there was a very well
publicized incident where one of the
world's largest restaurant chains um had
deployed an agent to help job applicants
on its its recruiting website. And this
is this is a restaurant that interviews
millions of peoples per year. Um it had
a very large applicant database with
people that were coming through. and
they deployed an agent um with the
intent of providing a great guided
concierge to job applicants to walk them
through what the process of applying for
and what it means to onboard as an
employee for this particular restaurant
chain. That prototype was so compelling
when they when they um when they demoed
it that they pushed it into production.
Um, and uh, it was it was very quickly
targeted by threat actors who were able
to compromise the agent and get access
to a bunch of data that they should not
have access to, including the personal
information for job applicants for over
60 million job applicants.
>> My goodness.
>> And when you look at how that happened,
the agent had been built by developers
under pressure. I'm sure under I don't
have inside knowledge to this, but I'm
sure it was under pressure from their
board and their executives to to build
and show that this was possible. And
when they were doing that, they built it
and they did not build it with the idea
of securing it. In fact, they built that
agent with a default password of 1 2 3 4
5 6
>> and the threat
>> strong password
>> the threat actor and because it was
pushed and raced into production that
they they did not give enough um enough
consideration to how to properly protect
the agent when it was in the wild. And
so once it got to production, it was
very very quickly exploited by threat
actors. And so that race to innovate and
the the intense pressure companies are
under to not lose the competitive edge
in this space is causing us to get these
things out. I I mentioned at the opening
we have 91% of the companies we survey
tell us they have agents in production,
but only 10% tell us that they're
confident they have them secured. This
is the risk. It's this balance between
innovating and securing that companies
really need to get right.
>> I'm astonished that people still use the
password 1 2 3 4 5 6. You would think at
this point in technologies evolution
that doesn't happen anymore, but clearly
it's still going on.
>> Yeah, it uh it's not not a great not a
great use case, but it is important as
an illustration of just how risky this
pace between innovating and production
really is. The shift from prototyping to
production is really important and and
and we're trying we believe we have an
obligation as a thought leader in
securing identity to help companies
understand how to secure agentic
identity because it's it's fundamentally
important that they get it right right
from the start.
>> So 91% of companies are have agents uh
that they already are they're in
production at this point. Um that's a
that's a large number. I mean, what does
that tell you about the enthusiasm
around around this technology that you
have such a large percentage of
companies that have actually gone out
and deployed something?
>> Well, I I think it's what I described
earlier. I think there is genuine
enthusiasm. I think if you
>> So, it's not just it's not just pressure
like it's it could be pressure from the
board, but also bottomup enthusiasm.
Maybe it's a combination of both.
>> I would say it's a combination of both.
I think if you look at, you know, my
generation right now in the workforce.
So I I entered the workforce in the
early 90s and I I was blessed in my
career. I have been blessed in my career
to navigate through some pretty
significant uh changes in the tech
landscape and in during my career the
shift from mainframe to client server
computing happened and the shift from on
premise to cloud happened and the shift
from desktop to mobile happened and the
um and the shift now is going to be on
what we do with artificial intelligence.
And so people that have been through
those those transformations understand
this is big and I understand and and
many of my peers and colleagues in
industry understand this feels even
bigger. It feels bigger than the
introduction of the internet. It feels
bigger than the shift to cloud. It is we
expect it to fundamentally transform how
businesses operate and how humans
operate. And because of that we all are
yes excited. We also feel pressure to
make sure that we don't concede a
competitive edge to companies that are
more progressive than we are. And so all
the all the customers I talk to and I
spend a lot of time with chief
information officers and chief
information security officers. They're
all grappling with a version of this
which is they need their company to be
as competitive as possible. And so
they're excited by the possibility of
what they can do by developing in this
space. And they're also under pressure
from their board and their executives
and themselves to make sure that they
remain as competitive as they can be.
And so that's creating enthusiasm to get
90% of companies putting agents out into
production. And it creates a need for
those companies to also be thinking
through their security architecture for
how they secure those agents.
>> Yeah. And speaking of that, let's just
go back to another one of the stats that
you brought up that 10% of the companies
that have agents out there feel good
about the security uh of their agents.
How is that possible? I I just don't
understand how you could have such a
large number of companies deploying this
technology knowing going back to your
definition that it takes action and then
also like raising their hands and being
like, well, it's probably not secured
well.
>> Yeah. It's it's the reality of the race
to innovate. It's now and that has been
fine while these agents were in
prototype, but it is now the case that
they're now shifting into production and
they're doing it faster than customers
had anticipated. And so it creates added
urgency to make sure that we we are um
we are considering how those agents can
be managed. One of the challenges is
historically and then history here is
not going back that long, there hasn't
been a standard for how agentic identity
can be managed. Um, so one of the ways
that Okta is helping the industry
address that problem is we've advocated
for a new open standard um called cross
app access. I think Alex you might be be
familiar with that. What the standard
does is it defines a standard protocol
for how an agent's identity can be
registered and managed with any identity
provider um including Okta's but with any
identity provider. And the goal is to
allow developers who are building agents
to build them from the start in a way
that the credentials for those agents
can be appropriately vaulted and
secured. They can be managed by policy
and rotated um and that they can be
governed um so that they're provisioned
and deprovisioned as they're needed as
opposed to being static credentials that
are just always available. Um these
basic capabilities need to need to have
a standard in order to allow companies
to manage them. Otherwise, you know, if
if I activate Google Gemini on my
personal Gmail, my company wouldn't know
about that. If you were to activate a
tra a travel agent doing work on your
behalf, your company by default wouldn't
know about that. But having an identity
security fabric in place such as the one
that Okta provides that supports
cross app access allows you to take all
of those agents that are developed with
support for cross app access and manage
them, which means you know that they
exist. You can discover them, you
register them, you can manage their
credentials and rotate them, and you can
just in time provision and deprovision
them. So now you have the ability to
control these agents when they have
access and what they have access to. And
that really is the fundamental problem
we're helping our customers solve.
>> So concretely, um, with and without uh
cross app access, uh, what does the
state of the buildout look like without
it versus with it? Like what can you do
with this cross app access that you
couldn't do otherwise?
>> Yeah. So uh without it it's it's
point-to-point and everything is different.
If you're building an agent on
Salesforce Agentforce or Google
Agentspace, if you're building an agent on
Writer, any any platform where you're
developing your agents, you're you will
develop them with point-to-point
permissions. So if I as a user deploy an
agent that was built on one platform, it
will ask me if it needs access. So let's
say it's a Google Agentspace agent and
it wants access to my Gmail. It'll it
will prompt me, can I have access to
your Gmail? and I'll say yes because I
want you to do work for me with my
email. It'll ask me if it can have
access to my calendar and I will say
yes. And in that world, my company won't
know that I've given it that permission
because it's it's a permission that I as
a user have granted to the agent I I
deployed as a user, but I have now given
it access to my production corporate
data. And so that is an exposure where
companies have agents that they don't
control. It's software written by a
third party that's now accessing
corporate data assets. And that is
fundamentally a problem. What cross app
access will do is it will allow agents
to um to be registered into into your
IDP to as I mentioned to have their
credentials managed to have them
appropriately rotated to have governance
deployed where they can be just in time
provision and deprovisioned as they're
needed and it and it can allow the
company to deactivate it permanently if
it detects there's there's a threat or
some anomalous activity if it suspects
the agent is being impersonated by a
threat actor which is increasingly a
common a common concern for people as
these get deployed.
So cross app access allows companies to
only activate agents. If a company only
allows only allows agents to be
activated that implement cross app
access, then it can manage those agents.
And so at Okta, for example, um one of
the teams I manage is our internal IT
organization. We have a policy that we
will only support we will only allow
agents um for our employee use if the
vendors of those agents have committed
to implementing cross app access support
because that will allow us to then
manage those agent identities
appropriately and make sure that they're
secured.
>> Okay, that's smart. Um we should talk
about AI governance by the way. Yeah. So
um it when people are building in AI a
lot of people have this fear that they
don't really know what these agents are
going to do like uh you spoke about that
fast food chain um that you know this
again idea of going to take action um is
I guess it's both thrilling but also
somewhat scary um especially if you
don't have the right governance in
place. So can you just talk about like
the state of governance around these
around these agents and why that's
important?
>> Well, I I think all of us are working to
catch up with the capabilities of the
technology and we believe that we have a
responsibility to help elevate the
industry's readiness to deploy agents in
a way that they can be safe, secure and
productive and and the industry's race
to innovate has focused more on
production than safe and secure. And so
we we believe we have a very important
role at helping companies get the
balance right. So I spend many of my
days every week talking to customers and
I mentioned CISOs, chief information
security officers and CIOS um about
these challenges and what they see in
their businesses. And one of the most
common
questions that I hear them addressing
within their companies is the issue of
data governance. And specifically, what
data is an agent able to get access to?
And this this is similar to the problem
of um authorization I mentioned
previously. When you authorize an agent,
what is it going to have access to read?
But here the concern is really twofold.
One is what data should it be able to
see? The second is what data should it
be able to use? And one of the latent
concerns people have as they're
deploying deploying third-party agents is
they want to know if that data is going
to be used anywhere else. So is it going
to be used just for my query to help me
do my work which is usually fine or is
that data potentially going to be pulled
and aggregated and exported somewhere
else in another user's query because now
the the LLM is is learning and is
benefiting from the data that it's
ingested on my behalf. That problem of
governance is a real problem for
companies and you can imagine as an
executive I have access to a lot of
sensitive data within the company for
Okta. I can't allow an agent to farm
that data and use it for answering other
users queries. It's got to be we have to
make sure that we're authorizing the
data the flow of data to only people who
are authorized to see it even if it's
aggregated and surfaced through through
different queries. So that's a problem
that that Okta is managing through its
own governance policies, but every
company needs to find out its policies
for how it's going to govern the
authorization for these tools and how
it's they're allowed to use the data
that they have access to.
>> Eric, you
mentioned that it's really moving fast.
Um I I'm just curious to hear your
perspective on I mean how fast is it
moving compared to other you've talked
about other technological shifts. How
fast is this AI uh moment moving and how
does that impact any company's like
ability to plan or to sort of say okay
we'll work with today's models versus
tomorrow's
>> you know I I mentioned I I lived through
the introduction of the internet and
that moved really fast and I moved
through the transition from on-prem to
cloud computing and that was a little
bit slower and I lived through the shift
to mobile which was pretty quick this
feels like the fastest wave for me
personally that I've experienced and it
and I say that based upon not only the
the the coverage that we see in the
trades and the press and and shows like
yours covering these topics and as they
evolve, not only not only the headlines,
not only the the cyber the cyber related
activity that we're seeing in this
space, but also just the real customer
conversations I have every day. This
feels to me like there's more urgency,
there's more excitement, there's more
drive for people to move fast. And I
think over the past 18 months as I look
back at at at what we've seen develop in
the industry, I think mo and many of my
colleagues are very surprised to see
just how far things have been able to
come in such a short amount of time. So
I wouldn't describe this as hype. I
think there's there is a lot of genuine
excitement and capability that really
bright people are innovating to show us
what's possible and I don't think I
don't think we've hit the ceiling for
what's possible with this. I think it's
really exciting to watch. At the same
time, companies are struggling with how
to get real value out of this
technology. And what I hear frequently
is companies have a good mix of tops
down urgency. As I described, our our
board and our executives are driving us
to learn how to deploy these these
technologies as fast as we can. Our comp
customers are telling us the same. And
then on the from a bottoms up
standpoint, companies are working to
encourage their employees to experiment
and to learn from their peers and to try
the different capabilities. With Okta
internally right now, we have over 60 AI
tools that we have we have secured and
provisioned within our enterprise. And
we're encouraging our employees to see
what's possible with them and how they
can help us be a more competitive
company and a more agile company. So, we
have this tops down uh this tops down
drive and we have this bottoms up and uh
effort and really where we're starting
to get to as an industry is is the
middle. And the middle to me is largely
about how do we measure the actual
impact and return of these investments.
Where are we actually driving real
business value? And I think the jury is
still out on that. We have there was a
very famous um study came out of MIT a
couple months ago that said 95% of AI
initiatives have yet to demonstrate a
tangible ROI. That that's very real. And
so all businesses are struggling to find
those very specific use cases where they
can they can demonstrate for themselves
that a deployment of AI is making them
more productive. It's it's helping them
innovate in ways they hadn't been able
to. It's helping them grow faster. It's
helping them be more secure. So all
these areas are still areas for
opportunity for the industry, I think.
>> But Eric, do you think there's a risk of
an overbuild here? because I'm like
thinking about the conversation about
the pressure coming from the top down
and of course you have people bottom up
pushing this stuff uh to make folks um
you know aware of the capabilities u but
at its current stage we're seeing so
like really trillions of dollars or
trillion plus uh committed to the
buildout of AI infrastructure and
something that we worry all the time on
this show or wonder about really is is
that being overdone so where do you
stand on that question
>> I I can't really speak to the
macroeconomic investment of what's going
into AI. What I can tell you is from
from Okta's perspective, we really worry
about the security exposure with this
race. Um, so you can look at the energy
investments that are required for this
technology. You can look at the amount
of VC funding that's going into uh
companies in this space. You can you can
assess different opinions on on where
the ROI is going to be and which
investments are overdone versus
underdone. But regardless of how you
feel about all of those trade-offs, the
the challenge of having an industry
where people are racing so fast to
innovate that they're deploying
technologies before they've secured
them, that's a real exposure that
companies are faced with today. And so
from Okta's perspective, our whole goal
is to bring an identity security fabric
that allows companies to control for
that risk and to secure themselves and
their users and their customers so that
they won't be exploited by having threat
actors exploit AI in their environments.
that that's really what we're all about.
>> Yeah, you would imagine that just as if
if the buildout gets to the point that
it's going to get to uh there's just
going to be increasing uh security
concerns. We had, you know, Costa from
Whiz here a couple weeks ago talking
about how this is going to be a big
cyber security challenge. I think it's
probably the reason why Whiz was
acquired by Google for like $32 billion,
uh which is Google's biggest acquisition
ever. Um, that's a company that tends to
make smart acquisitions uh when the time
is right. And it just seems to me that
if we end up seeing the buildout
continue at the pace that it's going,
these issues, the ones we're talking
about on the show today, are just going
to be uh increasingly more important.
>> Yeah, we would agree.
>> Okay, let me let me end uh with this um
fun one for you before we go. Uh I I'm
hearing a lot of uh research labs having
folks talk about whether they would
upload their brains uh to AI. So uh
final question to you. Would you upload
>> my brain to AI?
>> That's a great question. Uh I I think
well from from my perspective which is
related to Okta's perspective, the
security of that AI would be very
important. I'd be very curious to have
an augmented brain, an AI augmented
brain and the ability to have a co-pilot
that can help me navigate my life. Um,
so the idea of that's very intriguing,
but for me for that to be uh something I
would actually do, I would need to have
confidence in exactly how that data was
going to be used and how private was it.
Was this a a local AI running on on my
hardware within my control where I have
confidence it's not feeding things that
I'm not aware of? If so, yeah, I think
that'd be pretty cool.
>> Yeah. No one really talks about the fact
that like all right you can upload your
brain but then what if what if it gets
hacked
>> 8 has your brain do you want that I
don't want that so
>> more and more I think as we start
speaking so much to these bots maybe the
difference between actually uploading
your brain and just having these
conversations won't be that different
but as it stands today it's a pretty big
delta so it
>> it is it is but it is it is still
impressive to watch as they evolve I've
I've been very impressed and It's a
little scary to see some of the
headlines coming out of people that are
forging what they perceive to be actual
relationships with these bots. I think
as as a not beyond the industry, I think
as a society, we've got a lot of lessons
to learn with this technology.
>> Absolutely. So, Eric, if people want to
learn more about uh what you talked
about today, where can they go?
>> Um, okta.com is our corporate website
and it governs how Okta is helping
companies secure AI for all of these use
cases.
>> All right, Eric, thank you so much for
joining. Great to speak with you.
>> Thanks, Alex. Great to have to be here.
Thanks for having me.
>> My pleasure. Thanks everybody for
watching and we'll be back on the
channel with another video soon.