Tushar Badlani

Unveiling the Essence of the Security Customer Trust Function

Trust plays a pivotal role in getting new prospects interested and retaining current customers. Earning and maintaining customer trust isn't just a goal; it's a commitment guiding every decision.

Ann Wallace

Security Education Through the Art of Storytelling

In today's digital world, cybersecurity isn't just a technical issue, it's a human one.

Kalpana Adlakha and Brett Winterford

Seven Ways to Reduce Super Admins in Okta

The first step in your journey to Zero Standing Privileges is to reduce the standing assignment of highly privileged roles.

David Bradbury

The Case for Zero Standing Privileges

Why privileged users need to embrace Just-In-Time role assignment.

Johannes Stockmann and Dan Post and Okta Product Security

FastPass: The battle-hardened authenticator

A short history of hardening Okta FastPass.

Okta

Detecting Cross-Origin Authentication Credential Stuffing Attacks

Summary: Okta has determined that the cross-origin authentication feature in Customer Identity Cloud (CIC) is prone to being targeted by threat actors orchestrating credential-stuffing attacks. As part of the Okta Secure Identity Commitment and our commitment to customer security, we routinely monitor and review potentially suspicious activity and proactively send notifications to customers. In this case, we have proactively notified the customers we identified that have this feature enabled, and...

Moussa Diallo and Brett Winterford

How to Block Anonymizing Services using Okta

Summary: Every customer using the Workforce Identity Cloud and Customer Identity Solution can now block access requests originating from anonymizing services prior to authentication. Over the last month, Okta has observed an increase in the frequency and scale of credential stuffing attacks targeting online services, facilitated by the broad availability of residential proxy services, lists of previously stolen credentials (“combo lists”), and scripting tools. From March 18, 2024 through to...
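
The two credential-stuffing posts above (detection of cross-origin authentication abuse, and blocking anonymizing services before authentication) share one idea: a source that fans out many different usernames from a small set of proxy IPs should be refused before a password is ever checked, and the same fan-out pattern is what a detection rule looks for. The following is an added example, not code from either post or from Okta; the event fields, the anonymizer CIDR list and the sample attempts are all constructed here for illustration.

```python
"""Pre-authentication anonymizer block plus a credential-stuffing heuristic.

Added example (not Okta code). The anonymizer ranges, the AuthAttempt
fields and the sample events below are constructed for illustration; a
real deployment would take the ranges from a threat-intelligence feed and
the events from the identity provider's system log.
"""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed: documentation-only ranges (RFC 5737) standing in for
# residential-proxy / VPN / Tor exit infrastructure.
ANONYMIZER_NETS = [ip_network("203.0.113.0/24"), ip_network("198.51.100.128/25")]


@dataclass
class AuthAttempt:
    ts: int          # seconds since epoch (constructed)
    src_ip: str
    username: str
    outcome: str     # "success" or "failure"


def is_anonymizer(ip: str) -> bool:
    """True if the source address falls inside a known anonymizer range."""
    addr = ip_address(ip)
    return any(addr in net for net in ANONYMIZER_NETS)


def pre_auth_decision(ip: str) -> str:
    """Policy evaluated before any credential is looked at: traffic from an
    anonymizer never reaches the password check, so it never contributes a
    failed or successful login that an attacker could learn from."""
    return "deny" if is_anonymizer(ip) else "allow"


def stuffing_sources(attempts, window_s=300, min_users=5, min_fail_ratio=0.8):
    """Flag source IPs that, within one window_s bucket, try at least
    min_users distinct usernames with a failure ratio of min_fail_ratio or
    more. One user mistyping a password repeatedly does not match; a combo
    list replayed through a proxy does."""
    buckets = defaultdict(list)
    for a in attempts:
        buckets[(a.src_ip, a.ts // window_s)].append(a)
    flagged = {}
    for (ip, _bucket), evs in buckets.items():
        users = {e.username for e in evs}
        failures = sum(e.outcome == "failure" for e in evs)
        if len(users) >= min_users and failures / len(evs) >= min_fail_ratio:
            flagged[ip] = {"distinct_users": len(users),
                           "attempts": len(evs), "failures": failures}
    return flagged


# Constructed sample: one stuffer, one legitimate user, one low-volume
# proxy source that the heuristic alone would miss.
SAMPLE_ATTEMPTS = (
    [AuthAttempt(1000 + 5 * i, "203.0.113.7", f"user{i:02d}",
                 "success" if i == 3 else "failure") for i in range(8)]
    + [AuthAttempt(1000, "192.0.2.10", "alice", "failure"),
       AuthAttempt(1020, "192.0.2.10", "alice", "failure"),
       AuthAttempt(1040, "192.0.2.10", "alice", "success")]
    + [AuthAttempt(1005 + 5 * i, "198.51.100.200", f"victim{i}", "failure")
       for i in range(3)]
)


def evaluate(attempts):
    """Combine both controls: per source IP, the pre-auth decision and
    whether the post-hoc stuffing heuristic would have flagged it."""
    flagged = stuffing_sources(attempts)
    return {ip: {"pre_auth": pre_auth_decision(ip), "stuffing": ip in flagged}
            for ip in sorted({a.src_ip for a in attempts})}


if __name__ == "__main__":
    for ip, verdict in evaluate(SAMPLE_ATTEMPTS).items():
        print(ip, verdict)
```

In the constructed sample the 203.0.113.7 source is caught by both controls, the legitimate user at 192.0.2.10 by neither, and the three-username probe from 198.51.100.200 only by the pre-authentication block: low-and-slow distribution across many proxy IPs is exactly how residential-proxy stuffing stays under per-IP thresholds, which is why refusing anonymizer traffic before authentication is the stronger of the two controls.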

Stephen McDermid

Why Cyber-heroes need a Zero Trust CAEP!

In the modern digital landscape, where threats evolve and organizational perimeters extend into the cloud, maintaining a strong security posture requires more than static defense mechanisms. This is where the Continuous Access Evaluation Profile (CAEP) and the Shared Signals Framework (SSF) come into play. At the recent Gartner Identity & Access Management Summit in London, Apoorva Deshpande, Okta Engineering Lead, along with other OpenID Foundation SSF Working Group members, demonstrated...

Okta

Okta Verify Vulnerability Disclosure Report - Response and Remediation

Summary: Okta has confirmed and remediated a reported Okta Verify vulnerability. No action is needed by customers, and outside of the original proof of concept Okta did not identify any evidence of attempts to exploit this vulnerability. As part of our recent Okta Secure Identity Commitment, we are communicating this remediation to customers in the spirit of transparency. Response: On April 5th, Okta received a report from a researcher at Persistent Security of a potential vulnerability in...

John Murphy

Defensive Domain Registration is a Mug’s Game

Summary: The time and effort spent on defensive domain registration would be better invested in writing phishing-resistant authentication policies. Today I want to make the case that registering domains for the sole purpose of protecting against phishing is tackling the phishing problem from the wrong angle. It is, to use a very British idiom, a “mug’s game”: an effort that’s unlikely to yield much success. Most organizations register additional domains based on various permutations of their...
