Trusted App Filters accounts for Identity-based attacks arising from compromised hardware. This blog article provides insights and resources on preventing and detecting Cross Device Authentication (CDA) authentication attacks.
What was once considered a controversial topic has gained widespread appeal as a crucial practice in the ongoing fight against threat actors and vulnerability exploitation. Ethical hackers and security researchers are revolutionizing today’s vulnerability management programs and reducing online risks by participating in Bug Bounty programs and disclosing vulnerabilities responsibly.
Cyber safety begins with healthy cybersecurity habits. Early adoption of good habits can protect our youth from online threats like cyberbullying, exposure to inappropriate content, and identity theft. This blog article introduces Okta's Cyber Kidz program, which was launched earlier this year in Sydney, Australia. Okta’s commitment to security from the ground up is demonstrated by empowering the next generation with essential cybersecurity skills.
On March 21, 2025, Vercel disclosed a critical security vulnerability (CVE-2025-29927) which makes it possible to bypass authorization checks within a Next.js application if the authorization check occurs in middleware. Note: The Okta service is not affected by this vulnerability.
CSO Conversations is a blog series interviewing Okta’s Regional CSOs supporting David Bradbury, Okta’s Chief Security Officer in providing the best service for our customers. Okta’s Regional CSOs are integral to Okta’s Security Trust and Culture team, building and strengthening trusted advisor relationships with global security thought leadership.
This is the second blog publication in our series on Security Customer Trust. In our first blog, we explored how Okta’s Security Customer Trust team proactively maintains transparency and introduced our mission: to bolster security outcomes for Okta and the communities we serve. In this blog, we’ll touch on how we’ve introduced efficiencies in supporting these challenges through enablement, automation and self-service accesses.
At Okta, prioritizing security at the earliest stages of technology development and throughout the Software Development Lifecycle (SDLC) is of utmost importance. This blog article introduces our new Secure Development Lifecycle (SDL) whitepaper and highlights the importance of secure development practices throughout the technology lifecycle.
CSO Conversations is a blog series interviewing Okta’s Regional CSOs supporting David Bradbury, Okta’s Chief Security Officer in providing the best service for our customers. Okta’s Regional CSOs are integral to Okta’s Security Trust and Culture team, building and strengthening trusted advisor relationships with global security thought leadership.
Content-Security-Policy (CSP) is essentially allow-list policy that dictates what a web page can load. CSP is complex to implement and rollout - even a minor mistake could mean that important parts of the page will not load, which in Okta’s case could mean trouble authenticating. This blog article aims to provide a glimpse into our secure implementation journey and guidance for the industry based on lessons learned.
