AI Agents Could Kill Enterprise SaaS: Okta CEO Warns

Todd McKinnon just said what most enterprise software CEOs are afraid to admit: AI agents — autonomous software that performs tasks and makes decisions without constant human approval — could make enterprise SaaS products obsolete. The CEO of Okta, a $14 billion identity security company used by 20,000 organizations, told The Verge's Decoder podcast that he's "paranoid." For someone running a $3 billion annual revenue business, that's a striking admission. The paranoia is grounded in a concrete reality: AI automation tools are now compressing software development from 18 months to weeks.

The "SaaSpocalypse" — a term spreading through enterprise tech circles — describes a scenario where AI development tools become capable enough that companies simply build what they used to buy. With AI coding tools maturing fast, any competent engineering team can now replicate features that once required years of dedicated product investment. McKinnon's public acknowledgment of this threat matters: he's not performing strategic humility for investors. He's adapting in real time.

Why Enterprise SaaS Is More Fragile Than It Looks

For decades, enterprise software companies competed on features and integrations. The unspoken contract was simple: "You pay us, we handle complexity, you never think about it." That contract is fracturing fast.

Here's what changed: AI development tools have collapsed the time required to build working software. A feature that once took 18 months now takes weeks. What required a team of 20 engineers might now require 3 with the right AI tools. The moat — the competitive protection — enterprise SaaS (Software as a Service, cloud-based subscription software) companies built was always complexity. AI handles complexity efficiently now.

The vulnerability splits across clear tiers:

• Productivity tools (highest risk): Scheduling, note-taking, document management — replicable by internal teams in days using AI-assisted development
• CRM and project management (high risk): Core workflow software can be rebuilt as custom internal tools tailored to a company's specific needs
• Identity and security (moderate risk): Requires compliance certifications, years of uptime data, and legal accountability — harder to DIY, but the threat is real
• Infrastructure (most defensible): Deeply embedded, heavily regulated, massive switching costs built over years

McKinnon acknowledged the gap directly: "Getting the features to work is 10 percent of the battle. Making sure it works 100 percent of the time takes years and years and years." That 90% gap — between a working prototype and a production-grade enterprise system — is the final moat established software companies are counting on.

Okta's Pivot: Managing AI Agents Instead of Just Humans

Rather than defending against disruption passively, Okta is placing a calculated strategic bet: become the company that manages AI agents (autonomous software programs that access systems and make decisions on behalf of users or entire organizations) the same way it currently manages human employee identities.

Okta is actively building two critical new capabilities:

1. Agent verification: Confirming that an AI agent connecting to a corporate system is authorized and legitimate — similar to how Okta currently verifies human employees at login
2. Kill switch mechanisms: The ability to instantly revoke an AI agent's access to corporate systems if it behaves unexpectedly, gets compromised, or simply needs to be deactivated

McKinnon frames AI agents as "something in between a person and a system" — a new organizational category that doesn't fit existing security models (frameworks that govern who and what can access which resources within a company). Human users get accounts with passwords and multi-factor authentication (a second verification layer, like a code sent to your phone). Software systems get API keys (digital credentials for automated programs). AI agents need something new: dynamic permissions (access rules that adjust in real time based on context and behavior) that can be granted, scoped, and revoked instantly.

This isn't a product update. It's a full strategic repositioning — from "manage your employees' logins" to "manage everything that acts on behalf of your company, human or otherwise." The agent identity problem is genuinely hard to DIY, giving Okta a defensible new category while its existing identity business faces mounting pressure.

The Numbers Behind the AI Automation Threat

To understand why McKinnon is genuinely worried — not performing strategic humility — look at Okta's current position:

• $3 billion in annual revenue with a 10% year-over-year growth rate
• 20,000+ enterprise customers concentrated in regulated industries
• $14 billion market capitalization — requiring continued growth to justify investor confidence
• $300 million added per year at current growth rate — healthy until you factor in accelerating internal competition from AI-powered dev teams

A 10% growth rate at $3B revenue sounds solid until you consider that AI automation could compress software development cycles by 10x or more. The real risk isn't a competitor building a better product — it's McKinnon's own 20,000 customers quietly building good-enough alternatives internally using tools like Claude Code or GitHub Copilot.

McKinnon's recommended antidote is organizational: shift the ratio of change to stability from 20/80 (spending 20% of effort on new capabilities, 80% on maintaining existing systems) to 60/40 or higher. "If you don't question and look at how you've built your own company and realize that the world is changing, you're just naive," he told The Verge's Nilay Patel. That's not a quarterly product tweak. It's a massive operational overhaul for a business where 20,000 customers depend on rock-solid reliability every day.

Why Liability Is the Last Real Moat for Enterprise SaaS

Here's the uncomfortable truth for any organization considering replacing Okta with an internally-built alternative: legal liability. McKinnon articulated it plainly — enterprise decision-makers want "a vendor rich enough to sue if something goes wrong."

That's not cynical. It's a real institutional requirement. If an internal team's custom identity tool suffers a breach and 50,000 employee credentials are exposed, someone needs to be accountable in a way that survives board scrutiny and regulatory examination. A vendor with $14 billion in market capitalization and enterprise liability insurance offers accountability that an internal engineering team simply cannot match.

This liability-as-moat is strongest in regulated industries — financial services, healthcare, and government — which happen to be Okta's densest customer segments. These organizations need audit trails, compliance certifications (SOC 2, ISO 27001, FedRAMP — security standards required by large organizations and government agencies), and a legal entity capable of bearing responsibility when systems fail. An internal dev team with AI tools can build the features. They cannot buy the credibility.

Bigger Than Cloud: How AI Automation Is Disrupting Software Vendors

McKinnon and other industry leaders are calling the current AI transition "bigger than cloud computing." Cloud computing made it cheaper and easier to run software. AI automation makes it cheaper and easier to build software. These are different disruptions with different victims. Cloud hurt hardware vendors and data centers. AI threatens the software vendors themselves.

Okta's bet on agent identity management assumes that even when AI agents can perform more and more of what enterprise software does, governance doesn't disappear — it becomes more critical. Controlling which agents can do what, on whose behalf, with what permissions, and with full audit accountability is a problem that scales with AI adoption, not against it. For Okta, the SaaSpocalypse might actually be a growth catalyst — if the pivot executes cleanly.

If you're managing software procurement or IT strategy at any organization, this is the moment to evaluate your critical tools by a new standard: not just features and price, but accountability and track record under pressure. For a practical starting point, explore our AI automation implementation guides — the right questions to ask vendors in 2026 are very different from 2024.

Related Content — Get Started with AI Automation | AI Guides | More AI News