Mr. Nandagopal seshagiri

Securing AI Agents

Abstract:

AI agents upend traditional identity‑and‑access management (IAM) models and this talk proposes a blueprint for securing these new non‑human actors. Titled “Securing AI Agents”, it opens by explaining that AI agents are fundamentally different from human users: they act autonomously on behalf of people, call APIs and UIs across an architecture, and operate at unprecedented scale - creating trust challenges that conventional IAM wasn’t designed to handle. To address this, the keynote describes an expanded trust model where systems delegate tasks to AI agents, leading to multi‑stage trust chains. New security requirements - verifiability, auditability and contextual trust - are necessary to maintain confidence as identity relationships become more complex.

The presentation then defines what identity looks like for an AI agent and proposes a new authentication model built around ephemeral, scoped and audited credentials. It illustrates a delegated identity flow in which users explicitly grant bounded rights to an agent, the agent receives session‑bound credentials, and every action is logged with rich metadata tied back to the original user. The talk emphasizes that attestation - proving who instructed the agent and verifying the integrity of its runtime environment - is foundational for accountability and regulatory compliance. Finally, it lays out the building blocks for secure AI‑agent integration: agent keys and short‑lived credentials, delegation APIs, cryptographically verifiable attestation logs, policy‑as‑code, and session trust boundaries. With continuous monitoring, degradation of access and real‑time anomaly detection, these measures form a blueprint for integrating autonomous agents into enterprise environments while preserving trust and security.

Profile:

Mr. Nandagopal Seshagiri is a seasoned Senior Software Architect at Okta, specializing in Infrastructure and Application Security. With over a decade of experience, he has been instrumental in translating zero-trust principles into robust, scalable systems that protect millions of identities daily. His core mission is to engineer secure-by-default platforms that empower product teams to innovate confidently, backed by uncompromising security foundations.

At Okta, Nandagopal has spearheaded several of the company’s critical security initiatives, including Unified Asset Management, Cloud Security Posture Management, Just-In-Time IAM, and Role-Based Access Control (RBAC). On the product front, he played a foundational role in building key components of Okta’s Multi-Factor Authentication (MFA) and the Okta Access Gateway (OAG), enhancing the platform’s security capabilities at scale.

Known for bridging the gap between high-level architecture and hands-on engineering, Nandagopal drives end-to-end project delivery—from whiteboard to production—while aligning technical solutions with business and compliance objectives. His expertise spans a broad technical stack including Java, Go, Python, Terraform, Kubernetes, and AWS.

Beyond implementation, he is a strong proponent of secure-by-design culture. He actively mentors engineers, creates reference security patterns, and speaks on topics like zero-trust, PKI automation, and cloud-native security at internal forums.

Passionate about the future of identity and trust, Nandagopal welcomes opportunities to collaborate and exchange ideas on topics such as zero-trust adoption, supply chain security, and large-scale identity infrastructure.