Okta, Inc. - Experts & Thought Leaders

Identity-based cyber attacks continue to prevail and impact organisations. Stealing credentials was the top initial action in breaches, according to Verizon. Plus, 84% of identity stakeholders surveyed said identity-related incidents directly impacted their business, resulting in reputational damages, distraction from core business, and increased recovery costs. Key components of integration It is more important than ever to safeguard sensitive data from identity-based attacks. For this, defenders need threat context from their security tools combined with data context – information on what is being targeted. To help with this challenge, Rubrik has partnered with Okta.  Rubrik Security Cloud will provide Okta Identity Threat Protection with critical user context to accelerate threat detection and response. In this blog, they will learn about the key components of this integration from Rubrik and Okta and why organisations can benefit from it. Changes in sensitive data access Rubrik can detect changes in access to sensitive data, helping accurate and timely risk-level assessments When it comes to safeguarding data from identity-based attacks, knowing which users have access to sensitive data and how user access changes over time are important. Rubrik Security Cloud provides organisations with unparalleled visibility into user access to sensitive data. It identifies and analyses user access factors and changes to these factors, individually and in combination. Depending on the level of sensitivity of data a user can access, the user will be assigned a certain risk score (high/medium/low/none).  Access to sensitive data Rubrik can detect changes in access to sensitive data, enabling accurate and timely risk-level assessments.  This functionality is crucial for organisations to maintain control over their data, enforce least privileged access, and ensure that only authorised users have access to sensitive information. Empowering Okta with critical user risk context  Rubrik shares with Okta important user context such as email and the types of sensitive files they have accessed. By combining Rubrik's user access risk signals with threat context from other security products used by an organisation (e.g., Endpoint Detection and Response or EDR), Okta can determine overall risk levels more effectively and automate threat response actions to mitigate identity-based threats. Shown in the diagram is a high-level overview of how the integration works: Rubrik knows the user’s identity based on information from Microsoft Active Directory Rubrik Security Cloud assigns the user a risk level based on the sensitivity of the data they can access. When Rubrik detects a change in a user’s risk level, it shares this with Okta Identity Threat Protection, which can then take a response action. Okta automated threat response Okta can accurately determine overall risk levels and automate threat response accordingly When Okta Identity Threat Protection combines Rubrik's user risk signals with other security signals, Okta can accurately determine overall risk levels and automate threat response accordingly. For example, it can take actions on a high-risk user such as logging them out of a certain device or requiring re-authentication. These remediation steps help mitigate potential threats by revoking access or prompting additional verification when suspicious activity is detected. Upon learning about user risk changes, Okta can take an action on potential threats, reducing the operational burden on security teams. Benefits of the Rubrik and Okta integration The integration of Rubrik Security Cloud with Okta Identity Threat Protection offers several significant benefits for organisations seeking to enhance their data protection and streamline threat response processes.  Firstly, it provides continuous visibility into user access to sensitive data, enabling organisations to monitor changes in access permissions and accurately assess risk levels in a timely manner. This helps them maintain control over sensitive data. Okta’s automated remediation actions Additionally, the integration alleviates the operational burden on security teams Secondly, the integration facilitates faster threat response and remediation. By seamlessly sharing user risk level changes to Okta Identity Threat Protection, the integration enables Okta’s automated remediation actions, such as logging out users or requiring re-authentication. This proactive approach significantly accelerates threat response, thereby enhancing the overall security posture of the organisation. Additionally, the integration alleviates the operational burden on security teams. By Okta helping automate response actions, security professionals can focus their efforts on more strategic tasks, rather than being overwhelmed by manual processes. This increased efficiency translates into improved productivity and a more effective allocation of resources. Rubrik's user access risk signals Finally, the Rubrik-Okta integration fosters enhanced visibility across the security ecosystem. By combining Rubrik's user access risk signals with threat intelligence from other security products, Okta can determine overall risk levels more effectively. This comprehensive risk assessment enables organisations to gain a holistic view of their threat landscape, allowing for more informed decision-making and proactive threat mitigation strategies. Pioneering Integration and Innovation Rubrik is the first and only data security platform vendor to integrate with Okta Identity Threat Protection. The integration leverages OpenID Foundation Shared Signals Framework. By utilising this framework for receiving user risk signals from Rubrik, Okta can then automate response and remediation, thereby providing a proactive stance against potential security threats. By leveraging Rubrik's data security capabilities and Okta's identity protection solutions, the integration aims to set a new standard in identity threat response.

Zimperium, the global pioneer in mobile security, is proud to announce that it’s collaborating with Okta, the independent identity provider to deliver a significant advancement in identity threat protection for mobile devices. By integrating Zimperium Mobile Threat Defence (MTD) with Okta Identity Threat Protection with Okta AI, the companies are setting a new standard in continuous risk monitoring and enabling automated threat response, providing organisations with unparalleled mobile security and on-device operational efficiency. Zero-trust framework The sophistication and rapid evolution of modern mobile threats highlight the need for constant scrutiny and attention within a zero-trust framework. Corporate devices and the environments in which they operate are constantly changing and require an active, run-time threat protection solution to always know the exact risk posture of the device.  Mobile Threat Defence (MTD) product This integration helps detect threats by continuously assessing and sharing mobile devices’ threat and risk posture Zimperium’s industry-pioneering Mobile Threat Defence (MTD) product, designed to assess the full breadth of the mobile attack surface, including device, network, application, and Web threats, integrates real-time threat intelligence and rich threat context into the Okta Identity Threat Protection platform. This integration helps detect threats by continuously assessing and sharing mobile devices’ threat and risk posture to enable shared customers to take action in real time when a threat is detected automatically.  Real-time mobile threat detection Zimperium is one of the initial integration security event providers for Okta Identity Threat Protection with Okta AI. The integration provides real-time mobile threat and risk intelligence for managed and unmanaged devices, a core component of a zero-trust architecture.  By sharing continuous risk posture data with Okta, organisations have the necessary insights required to enforce strong identity and access controls and to configure the service to automatically respond to threats. This represents a modern and necessary requirement for a strong zero-trust architecture.  Identity threat protection  Through this powerful integration, Zimperium’s industry-pioneering MTD solution integrates seamlessly with Okta’s Identity Threat Protection platform to empower organisations with: Real-Time Threat Intelligence: Zimperium delivers rich threat context and real-time threat intelligence to Okta customers, facilitating faster and more informed risk assessments. Comprehensive Mobile Threat Protection: Zimperium’s On-Device Dynamic Detection Engine is a comprehensive, multi-layered detection engine that utilises machine and deep learning, behavioral analysis, and deterministic techniques to provide a holistic and dynamic threat defence system for mobile devices. Zimperium’s MTD solution covers the entire mobile attack surface, including devices, networks, applications, and web traffic. This holistic approach allows organisations to identify and mitigate a wide range of mobile threats. Automated Countermeasures: By sharing threat signals with Okta, Zimperium enables organisations to enable automated responses to identity-based threats. This can include actions like multi-factor authentication prompts or session termination, significantly reducing the window of vulnerability. Stronger Zero-Trust Security: Zimperium provides real-time intelligence for both managed and unmanaged devices, making it a perfect fit for zero-trust architectures. Continuous risk posture data from Zimperium empowers Okta to enforce strong identity and access controls, further strengthening zero-trust security. Automatic remediation and response “Organisations need the ability to bring together risk insights at the point of login and re-evaluate at any point in a user’s session,” said Stephen Lee, Vice President, Technical Strategy and Partnerships. “Identity Threat Protection extends Okta’s adaptive risk analysis and enables automatic remediation and response, helping businesses stop potential threats in real-time. By integrating with Zimperium, we can extend our risk ingestion on an attack surface that Okta does not fully cover.” Robust security postures “As organisations adopt new technologies, effective on-device security is more crucial than ever,” said Shridhar Mittal, CEO of Zimperium. “Our work with Okta enhances our ability to provide real-time protection against identity threats." "Together, we empower enterprises to stay ahead of evolving threats and maintain robust security postures. We encourage current Okta customers to explore these new security enhancements and strengthen their mobile security strategies.” Security signal sharing Okta Identity Threat Protection is built with Okta AI and powered by insights pulled from an organisation’s security stack. In real-time, it detects and responds to identity threats, depending on a customer’s service configuration, during and after authentication, amplifies security signal sharing across the ecosystem, and orchestrates remedying actions. The solution is generally available for Workforce Identity Cloud customers worldwide. 

Cohesity, a pioneer in AI-powered data security and management announced it is expanding its Data Security Alliance ecosystem with six pioneering Data Security Posture Management (DSPM) vendors, including long-standing partner BigID, as well as Cyera, Dig Security, Normalyze, Sentra, and Securiti. Challenges with cloud Cloud adoption continues to increase, but copies of data are often shared between clouds without oversight by IT or security, resulting in the growth of shadow data. Because of this, data security, cyber recovery, and compliance are at risk, as evidenced by 82% of breaches involving data stored in the cloud.  Need for DSPM capabilities DSPM gives customers a deep understanding of where their sensitive data is, who has access to it The need for DSPM capabilities, coupled with modern data security and management services, has never been greater. DSPM gives customers a deep understanding of where their sensitive data is, who has access to it, how it is being used, and where it is stored. When combined with Cohesity’s modern data security and management technology, customers are building a strong cyber resilience posture.  Flexibility  With these partnerships, Cohesity expects to integrate with the broadest and most comprehensive selection of DSPM solutions in the industry. Collectively, this newly formed group represents the majority of the DSPM market, providing Cohesity customers with the flexibility to choose the solution that best fits their needs.  Data visibility challenge Organisations face a significant challenge when it comes to the visibility of critical data across a growing multitude of repositories. Accelerating cloud adoption, compounded by an explosion of microservices, and a high rate of change (driven by modern DevOps practices) put customers at risk of significant data sprawl. Addressing visibility gaps Joint customers maintain visibility and help assure all their stakeholders that their sensitive data is protected Due to these visibility gaps, critical and sensitive data becomes hidden from IT teams and oftentimes goes unprotected. Cohesity is working to solve this issue by partnering with the pioneering DSPM vendors and members of the Cohesity Data Security Alliance. With this unique collaboration, joint customers maintain visibility and help assure all their stakeholders, including employees, customers, and shareholders that their sensitive data is protected. Sensitive data assessment Cohesity’s pioneering data security and management technology, coupled with the benefits of DSPM, will deliver instant discovery of all data workloads, both sanctioned and unsanctioned, while also providing assessments of which data workloads have sensitive data that are often targeted by bad actors. These capabilities enable enterprises to be even more proactive in the fight against cyberattacks and provide the following cyber resilience benefits: Backup admins can easily see which objects have sensitive data. IT and security can instantly identify protection gaps for critical workloads. Actionable Cyber Recovery risk reports go directly to compliance teams. Identify and protect data As organisations rapidly expand their hybrid cloud footprint, their data risk and exposure increase in lockstep" “As organisations rapidly expand their hybrid cloud footprint, their data risk and exposure increase in lockstep,” said Elad Horn, group vice president, of Product, Cohesity. “We look forward to continuing our partnership with pioneering DSPM vendors to help our joint customers rapidly identify and protect their most sensitive and business-critical data across both public cloud and private cloud environments.”  Cyber attack and ransomware protection “Cohesity is helping some of the largest enterprises in the world protect their data against ransomware and cyber threats in hybrid cloud environments,“ said Amer Deeba, CEO and Co-founder of Normalyze. “Now with the integration with Normalyze DSPM platform, customers get full visibility into their data across all clouds, SaaS, and on-prem." "The joint solution gives security teams unprecedented visibility into their sensitive data locations and types; identifies and prioritises risks based on the highest monetary impact to the organisation in case of a data breach, and proactively protects the data from ransomware and cyber attacks.”  DSPM solutions “Cohesity’s Data Security Alliance ecosystem offers customers the opportunity to implement security on their terms, making it easy to integrate with vendors in adjacent technology spaces,” said Jennifer Glenn, research director for the IDC Security and Trust Group. “The expansion of the program to include DSPM solutions such as BigID and Normalyze, as well as other pending integrations, gives customers more insight and visibility into their data and more confidence that it will be protected appropriately.”  Data Security Alliance Cohesity’s Data Security Alliance offers a unique and comprehensive approach to security The Cohesity Data Security Alliance was founded in November 2022 and contains 15 members including BigID, Cisco, CyberArk, Mandiant, Netskope, Okta, Palo Alto Networks, PwC UK, Qualys, Securonix, ServiceNow, Splunk, TCS, Zscaler. The addition of the six DSPM security vendors brings the total membership to 21. Cohesity’s Data Security Alliance offers a unique and comprehensive approach to security.  Security and data management Through this one-of-a-kind alliance, pioneering cyber security, data security and management, and services vendors partner to seamlessly bridge enterprise IT and security by sharing context and enabling new workflows. This collaboration can help customers detect threats and respond to attacks faster, improve remediation, and advance cyber resilience, all while utilising their existing security and data management investments. Remediate data risks “It’s more important than ever for organisations of all sizes to proactively identify and remediate risk across their entire data landscape – including dark data, shadow data, and critical data,” said Tyler Young, CISO at BigID. BigID’s market-pioneering DSPM capabilities enable companies to accelerate their security strategies" “BigID’s market-leading DSPM capabilities enable companies to accelerate their security strategies and improve their security posture with differentiated actionability, risk remediation, and unmatched data discovery and classification built for the enterprise. Our partnership with Cohesity is a natural fit to extend DSPM capabilities to help customers better manage, reduce, and remediate risk.” Availability The integration with Normalyze, Cohesity’s initial design partner, is expected to be available within 30 days. The company’s partnership with BigID on enterprise-grade, AI-powered data classification grows through this new integration with SmallID (BigID’s DSPM product) and is expected to be available in 60 days. Additional DSPM partner integrations will be available in the coming months.