Organizations can now continuously assess user risk and automatically respond to Identity threats across their technology ecosystem
OKTANE 2023 — Okta, Inc. (NASDAQ: OKTA), the leading independent Identity partner, announced Identity Threat Protection with Okta AI (Identity Threat Protection), a new product for Okta Workforce Identity Cloud that delivers real-time detection and response for Identity-based threats. Built with Okta AI and powered by insights pulled from an organization’s security stack, Identity Threat Protection extends security beyond initial authentication to any time a user is logged in. This allows admins and security teams to continuously assess user risk throughout active sessions, and automatically respond to Identity threats across their entire ecosystem.
Organizations are adopting an increasing number of cybersecurity tools to keep pace with evolving threats, forcing admins and security teams to sift through an overwhelming amount of granular security data to establish effective policies and detect and respond to critical threats. This fragmentation leads to navigating multiple consoles, and makes it difficult to track the risk of any given user session over time. Because Identity is uniformly deployed across an organization’s tech stack, Okta is uniquely positioned to assess risk across security domains and throughout active user sessions. This dynamic approach addresses a significant concern for businesses as, according to Gartner, “organizations that embrace a continuous adaptive trust approach by 2025 will reduce [account takeover] and other identity risks by 30%...”1
“You can’t defend what you can’t see, and Identity is a powerful tool to connect everything,” said Sagnik Nandy, President and Chief Development Officer of Workforce Identity Cloud at Okta. “Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, helping businesses stop potential threats in real-time.”
While multi-factor authentication (MFA) is a mainstay for combating Identity-based attacks, its effectiveness is often limited to the point of login. The growing risk of post-authentication threats, such as session hijacking, Adversary-in-the-Middle (AiTM), and MFA bypass attacks via phishing, is pushing organizations to extend their Identity-powered security capabilities beyond the point of authentication.
Extending Identity to Security Response Operations
Identity Threat Protection includes integrations built in collaboration with a robust ecosystem of partners including CrowdStrike, Jamf, Material Security, Netskope, Palo Alto Networks, SGNL, Trellix, Zimperium, and Zscaler. The product leverages a standards-based event pipeline to extract insights from various security technologies. When Identity Threat Protection detects an unusual event — whether it be a change in IP address or device context — admin-configured policies and features can initiate certain actions, such as immediately ending the active user session across supported applications where the organization has the feature enabled. This rapid, coordinated response capability not only allows organizations to neutralize Identity threats more effectively, but it also positions Identity Threat Protection as the connective tissue across the tech stack.
“Before companies can embrace new technologies with confidence, they need to ensure their security strategies are designed to outpace threats,” said Meerah Rajavel, CIO at Palo Alto Networks. “Our world-class threat intelligence innovations help secure enterprises against evolving attack methods. Collaborating with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, helping them to better detect changes in user risk across their tech stack.”
By leveraging shared signals throughout a user’s active session, Identity Threat Protection empowers organizations to mitigate risk with richer threat detection and response capabilities. Initial capabilities at launch include:
- Continuous Risk Evaluation enforces security policies both at login and during an active user session, reducing the potential for unauthorized access or session hijacking.
- Shared Signals Pipeline amplifies threat visibility across an organization’s tech ecosystem, enabling security teams to detect and respond to emerging threats between various security technologies, including Mobile Device Management (MDM), Cloud Access Security Broker (CASB), and Endpoint Detection & Response (EDR) solutions.
- Adaptive Actions responds to real-time threats with targeted actions such as Universal Logout from supported applications with the feature enabled, prompting users for on-demand multi-factor authentication, and executing automated workflows to address emerging risks.
“Jamf manages and secures more than 30 million Apple devices for the world’s leading companies,” said Linh Lam, CIO at Jamf. “In today’s risk environment, it’s critical for any changes in management status and device user risk to be sent in real-time for remediation. Our market-leading Apple device management solution and endpoint security capabilities, backed by Apple-focused threat intelligence, makes Jamf a perfect partner for Okta admins using Identity Threat Protection.”
Learn more about Identity Threat Protection on our blog.
Identity Threat Protection will be available in Limited Early Access in Q1 of 2024.
Any products, features, or functionality referenced in this announcement that are not currently generally available, may not be delivered on time or at all. Product announcements do not represent a commitment, obligation, or promise to deliver any product, feature, or functionality, and customers should not rely on them to make purchase decisions.
Check out all of Okta’s announcements at Oktane 2023.
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
1 Gartner®, “Shift Focus From MFA to Continuous Adaptive Trust” Ant Allan, Dec 1 2021
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.