Curated by THEOUTPOST
On Thu, 17 Oct, 1:00 PM UTC
2 Sources
[1]
Okta is Reducing the Risk of Unmanaged Identities, Social Engineering, and MFA Overload for Enterprise Employees By Investing.com
LAS VEGAS--(BUSINESS WIRE)--Okta today announced new Workforce Identity Cloud capabilities to address top security challenges such as unmanaged SaaS service accounts, governance risks, and identity verification. As part of a unified approach, these innovations help protect business before, during and after authentication, providing greater control, visibility, and streamlined user experience. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241016429068/en/ Why it Matters: Identity acts as the first line of defense for critical apps and the connective tissue between security signals, no matter the speed at which an organization moves or the complexity of their technology stack, said Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta. By continuously investing in the Okta Workforce Identity Cloud, we're able to build a more reliable, scalable, and trusted platform that is empowering our customers to adopt a more unified approach to security. Better Manage Identities Before the Point of Log In To effectively safeguard against identity-based attacks, it's become essential for organizations to stay proactive by discovering identity posture risks, remediating them, and implementing the principle of least privilege based on their needs. What's New " Secure SaaS Service Accounts Secure SaaS Service Accounts within Okta Privileged Access is a set of upcoming capabilities to protect non-federated SaaS accounts with vaulting, credential rotation, step-up MFA before secret reveal, and audit trail. With shared accounts easily falling out of the boundaries of traditional identity controls like federation and MFA, this feature provides organizations with centralized control to reduce risk and eliminate standing access. What's New " Governance Analyzer with Okta AI Governance Analyzer, an upcoming feature of Okta Identity Governance, will empower managers and approvers by providing the insights they need, such as usage data and previous governance decisions, to make informed authorization decisions quickly and confidently. By utilizing real-time risk assessments and actionable recommendations, it can surface relevant information directly within Okta Identity Governance, enabling decision makers to make critical access decisions seamlessly within their existing workflows. As usage grows, Governance Analyzer will continue to learn and adapt, improving its ability to provide actionable insights and lower risk across the organization. Protect Against Social Engineering Attacks with Stronger User Verification Security incidents that involve employee onboarding and account/device recovery are typically a result of bad actors exploiting weak identity verification processes"like temporary passwords or help desk admins who can be socially engineered"that allow them to impersonate legitimate users. As increasing threats pose new security challenges, stronger user verification is needed. What's New " Out-of-the-box Integrations for Identity Verification in Early Access Out-of-the-box Integrations for Identity Verification adds another layer for validating an employee or partner is who they say they are by leveraging third-party providers, including Persona, and coming soon Incode, Onfido, Clear, and others, without custom configuration. By enforcing identity verification at any stage of the employee lifecycle, organizations can more effectively mitigate the risk of social engineering and deepfake attacks. The solution leverages multiple techniques, such as verification with government ID databases and liveness checks to verify the identity of the individual with confidence. Strengthen Security While Streamlining Sign-On Experiences Organizations want their employees to have a simple yet secure experience when working on corporate devices. This means reducing the number of authentication prompts to minimize friction while maintaining the highest security standards. What's New and Expected in Q1 2025 " Extended Device Single Sign-On Extended Device Single Sign-On, part of Okta Device Access, will deliver a more secure and seamless SSO experience by initiating a hardware-protected session at device login. This cryptographically binds the user's identity to their device, significantly reducing the risk of user context-based exploits and phishing attacks. With fewer authentication prompts, users can securely access downstream apps and get to work faster, without compromising on security standards. Disclaimer: Any products, features, functionalities, certifications, authorizations, or attestations referenced in this material that are not currently generally available or have not yet been obtained or are not currently maintained may not be delivered or obtained on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature, functionality, certification or attestation and you should not rely on them to make your purchase decisions. About Okta Okta is The World's Identity Companyâ„¢. We secure Identity, so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to use the power of Identity to drive security, efficiencies, and success " all while protecting their users, employees, and partners. Learn why the world's leading brands trust Okta for authentication, authorization, and more at okta.com.
[2]
Okta expands Workforce Identity Cloud with new security enhancements and AI governance tools - SiliconANGLE
Okta expands Workforce Identity Cloud with new security enhancements and AI governance tools Identity access management company Okta Inc. today made a number of announcements aimed at enhancing security and developer capabilities across its platform, a new partnership with the OpenID Foundation to bolster identity security across software-as-a-service applications, and a new suite of tools for securing artificial intelligence integration. Starting with new enhancements to Workforce Identity Cloud, Okta's first announcements aim to address key security challenges enterprises face today. Okta has announced the introduction of Secure SaaS Service Accounts, which provide centralized control over shared accounts to reduce the risks associated with unmanaged SaaS applications. Through the provision of vaulting, credential rotation and step-up multifactor authentication, organizations can better protect sensitive service accounts from unauthorized access. Also new today is a new "Governance Analyzer" powered by Okta AI, which seeks to reduce governance risks across the enterprise. The tool provides real-time risk assessments and actionable insights that allow managers to make faster, more informed authorization decisions. Governance Analyzer surfaces critical usage data and previous governance decisions to ensure that access control is continuously optimized. Okta has also introduced stronger user verification features to combat social engineering and deep fake attacks. The new verification features include out-of-the-box integrations for identity verification that allow organizations to integrate third-party providers for secure employee and partner authentication. The new verification features also offer support for providers such as Persona Inc. and upcoming integrations with Incode Technologies Inc. and Onfido Ltd. to help reduce the risks of onboarding and recovery exploits. The company is also improving the user experience with the rollout of Extended Device Single Sign-On, expected to be in general availability by early 2025. The feature simplifies access by binding a users' identity to their devices, minimizing the need for repeated authentication prompts while maintaining robust security. Okta today announced the launch of the Interoperability Profile for Secure Identity in the Enterprise, a new open standard developed in collaboration with the OpenID Foundation. The standard launches with support from industry leaders, including Microsoft Corp. and Ping Identity Corp. It's aimed at enhancing identity security across SaaS applications by integrating technologies such as single sign-on, risk signal sharing and session termination into a unified framework. The IPSIE standard has been designed to address the growing challenges of managing identity security in the cloud. The standard introduces standardized practices for governance, entitlement management and continuous authentication that allow organizations to gain better control over identity risks. Okta has partnered with more than 50 leading enterprise SaaS applications, including Google LLC, Microsoft Office 365 and Slack, to support the adoption of IPSIE. The applications will integrate features aligned with the new standard to make it easier for companies to build secure-by-default SaaS products. With the final announcement, Okta introduced Auth for GenAI, a product designed to help developers securely integrate generative AI into their applications. The new toolset addresses AI-specific risks such as hallucinations and excessive agency by providing secure user authentication and application programming interface management that allows developers to implement AI-powered features with confidence while knowing that sensitive data is protected. Auth for GenAI includes key features, including Async Authentication and Fine Grained Authorization, that enhance security and the user experience. Async Authentication allows users to approve or reject AI-driven actions remotely and fine-grained authorization ensures that AI agents access only the data each user is authorized to see. These features help prevent sensitive information from being disclosed inappropriately. Additionally, Okta unveiled a new developer portal to support companies in building AI-ready applications. The portal has been designed to make it easy for developers to securely expose APIs to AI agents to ensure the integrations are protected from potential security threats.
Share
Share
Copy Link
Okta introduces new features to its Workforce Identity Cloud, including AI-powered governance tools, enhanced security measures, and improved user verification to address emerging cybersecurity challenges in enterprise environments.
Okta, a leading identity and access management company, has announced significant enhancements to its Workforce Identity Cloud platform. These new features aim to address critical security challenges faced by enterprises in today's rapidly evolving digital landscape 12.
One of the key innovations is the introduction of the Governance Analyzer, powered by Okta AI. This tool is designed to mitigate governance risks across organizations by providing real-time risk assessments and actionable insights. The Governance Analyzer enables managers to make faster, more informed authorization decisions by surfacing critical usage data and previous governance decisions, ensuring that access control is continuously optimized 12.
To combat the risks associated with unmanaged SaaS applications, Okta has introduced Secure SaaS Service Accounts. This feature provides centralized control over shared accounts, offering vaulting, credential rotation, and step-up multifactor authentication. By implementing these measures, organizations can better protect sensitive service accounts from unauthorized access 12.
In response to the growing threat of social engineering and deepfake attacks, Okta has rolled out stronger user verification features. These include out-of-the-box integrations for identity verification, allowing organizations to integrate third-party providers for secure employee and partner authentication. Support for providers such as Persona, with upcoming integrations for Incode and Onfido, aims to reduce the risks associated with onboarding and recovery exploits 12.
Expected to be generally available by early 2025, the Extended Device Single Sign-On feature simplifies access by binding a user's identity to their device. This innovation minimizes the need for repeated authentication prompts while maintaining robust security, significantly improving the user experience 12.
In collaboration with the OpenID Foundation, Okta has launched the Interoperability Profile for Secure Identity in the Enterprise (IPSIE). This open standard, supported by industry leaders like Microsoft and Ping Identity, aims to enhance identity security across SaaS applications by integrating technologies such as single sign-on, risk signal sharing, and session termination into a unified framework 2.
Recognizing the growing importance of AI in enterprise applications, Okta has introduced Auth for GenAI. This new product is designed to help developers securely integrate generative AI into their applications. It addresses AI-specific risks such as hallucinations and excessive agency by providing secure user authentication and API management 2.
These innovations represent a significant step forward in enterprise security, particularly in the realm of identity and access management. By addressing challenges such as unmanaged identities, social engineering, and the complexities of AI integration, Okta is positioning itself at the forefront of the evolving cybersecurity landscape 12.
As organizations continue to grapple with the security implications of remote work, cloud adoption, and AI integration, solutions like those offered by Okta will play a crucial role in maintaining robust security postures while enabling seamless user experiences.
Auth0, an Okta company, has significantly upgraded its free developer tier, offering more users, enhanced security features, and advanced authentication methods at no cost.
2 Sources
2 Sources
As AI-driven cyber threats evolve, organizations are turning to advanced technologies and zero-trust frameworks to protect identities and secure endpoints. This shift marks a new era in cybersecurity, where AI is both a threat and a critical defense mechanism.
2 Sources
2 Sources
CrowdStrike announces new Falcon Cloud Security features, including AI-powered security posture management and unified protection across cloud infrastructure. The company also partners with Dazz and launches a financial services subsidiary.
5 Sources
5 Sources
Entrust has integrated AI-driven biometrics into its identity-as-a-service platform to combat sophisticated fraud, offering enhanced security and user experience.
2 Sources
2 Sources
Accenture introduces new cybersecurity services leveraging generative AI, deepfake protection, and quantum-safe solutions to help clients become cyber-resilient organizations in the face of increasing AI-driven threats.
4 Sources
4 Sources
The Outpost is a comprehensive collection of curated artificial intelligence software tools that cater to the needs of small business owners, bloggers, artists, musicians, entrepreneurs, marketers, writers, and researchers.
© 2025 TheOutpost.AI All rights reserved