
Okta launches offerings for threat detection and remediation

14 Oct 2019

Identity and access management service provider Okta has announced Okta SecurityInsights, a family of product innovations that provides global organisations with personalised security detection and remediation capabilities at the end-user, administrator, and customer network level.

Okta is introducing two features of SecurityInsights: UserInsight, suspicious activity reporting for end-users, and HealthInsight, customised, dynamic security best practice recommendations for administrators.

These end-user and administrator functionalities build on Okta’s ThreatInsight, network effect-driven protection that prevents threat actors from compromising user accounts by identifying and blocking malicious IPs pre-authentication.

Collectively, SecurityInsights enables large enterprises to take meaningful action across their organisations to improve security.

Global enterprises have built rapidly-evolving, expansive workforces that continuously adopt new technology and engage with new markets.

As a result, tens of thousands of employees, contractors, and partners are interacting with and accessing sensitive information.

Aside from the efficiency hurdles, a distributed and disparate workforce presents an increasingly difficult security challenge, especially in the face of growing attacks and breaches where everyone from the rank and file to the executive suite could become attack targets.

In a global threat landscape in which 80% of attacks involve compromised or weak credentials, enterprises must maintain a security posture that accounts for dynamic and global workforces while still enabling robust protection at scale.

That means implementing and maintaining access management best practices across global workforces and simultaneously turning those potential victims of attacks into first responders.

“Enterprises operating at tremendous scale are faced with the seemingly impossible task of managing technology access, with each application requiring individual policy configuration in order to avoid potentially catastrophic risk.

“By centralising identity, these organisations can not only deploy new technology faster but do so securely,” says Okta chief product officer Diya Jolly.

Empowering administrators

As global security and IT administrators implement policies that govern identity and access management within their organisations, the security landscape continues to evolve.

Approaches that were once the gold standard fall out of practice, with new approaches being adopted regularly.

To counter this shifting security playing field, Okta has introduced HealthInsight, a new, dynamic offering that monitors adherence to security best practices and provides tailored configuration recommendations, like enforcing strict password policies, creating a block list for known malicious IP addresses, and requiring strong factors during factor enrolment.

“HealthInsight offers a tailored assessment of an organisation’s security posture as well as providing the ability to automate policy responses across hundreds of apps,” Jolly says.

Administrators can easily act on these recommendations from the HealthInsight console to help prevent credential-based attacks.

In addition to implementing security best practices through dynamic monitoring, Okta has also unveiled new, stronger authentication capabilities for administrators, unlocking passwordless access through FIDO2/WebAuthn factors, including biometrics.

These non-phishable factors go even further to empower large organisations to protect themselves against account takeover and potential data loss.

Engaging end-users and the ecosystem

With UserInsight, an organisation’s tens of thousands of end-users serve as the first line of defence against credential-based attacks.

Once attacks are identified, the Okta Identity Cloud works with technology partners including security orchestration, automation & response (SOAR) and security information & event management (SIEM) vendors, leveraging identity to automate incident remediation workflows throughout an organisation.

With millions of log entries in an organisation’s SIEM solutions, it’s impossible for security teams to monitor and respond to every potential issue, but now users can share the responsibility.

UserInsight’s suspicious activity reporting alerts end-users to anomalous activity within their account, including logins from new devices and the enrolment or resetting of multi-factor authentication factors.

After being notified, end-users have the ability to report unrecognised activity to their organisation’s administrator, kicking off automated incident response workflows.

Leveraging integrations with SOAR platforms and other security tools, Okta can automatically quarantine a user, preventing access to apps with sensitive data until identity verification can be confirmed through biometrics and Okta Verify Push, Okta’s mobile authenticator application.

Using Okta Hooks, an Okta administrator can also automatically notify SecOps teams of potential account compromise, through integrations with digital operations platforms like PagerDuty.

“With UserInsight, CISOs can harness their user base to report suspicious activity without impacting productivity, turning security targets into first responders. Collectively, SecurityInsights leverage the end user, administrator, and network effects across Okta’s customer base to help keep enterprises secure,” says Jolly.

Okta SecurityInsights features are available starting today for Okta customers.
