David Bradbury

Okta’s Secure by Design Pledge - One Year On

A one-year progress update on Okta's commitment to the CISA Secure by Design Pledge.
Ryan Mombourquette

Leveraging Okta System Logs for Proactive Threat Detection

Introducing the Okta Security Detection Catalog, a repository of detection queries designed to help Okta customers.
Tushar Badlani and Matthew Hansen

Enhancing Customer Trust Through a Comprehensive Audit Program

This is the third iteration in our blog series. This blog article explores how the Okta Security Customer Audit further enhances the Customer Trust function, driving even greater transparency and confidence in our security practices to meet our customers' regulatory and compliance requirements.
Rob Gil, Naveed Mirza and Brandon Iske

Okta's new Security Technical Implementation Guide (STIG)

Okta recently announced our partnership with DISA, which has resulted in the release of the Okta Identity as a Service (IDaaS) Security Technical Implementation Guide (STIG) in an effort to secure baselines for the industry.
Aimi Mcilwraith

A Guide to DORA Compliance with Okta

This blog article provides a brief overview of the DORA regulation, outlines how Okta can support compliance adherence, and introduces our new Factsheet, a helpful resource for satisfying DORA's regulated requirements.
Okta Threat Intelligence

How AI services power the DPRK’s IT contracting scams

Nobody does GenAI quite like a fake IT worker.
Zach Newton

Detect and Prevent Cross Device Authentication

Trusted App Filters accounts for Identity-based attacks arising from compromised hardware. This blog article provides insights and resources on preventing and detecting Cross Device Authentication (CDA) attacks.
Carmen Girardin

How Responsible Disclosures are Shaping a Safer Cyberspace

What was once considered a controversial topic has gained widespread appeal as a crucial practice in the ongoing fight against threat actors and vulnerability exploitation. Ethical hackers and security researchers are revolutionizing today’s vulnerability management programs and reducing online risks by participating in Bug Bounty programs and disclosing vulnerabilities responsibly.
Carmen Girardin and Caroline von Konigsmark

Cybersecurity’s Next Gen

Cyber safety begins with healthy cybersecurity habits. Early adoption of good habits can protect our youth from online threats like cyberbullying, exposure to inappropriate content, and identity theft. This blog article introduces Okta's Cyber Kidz program, which was launched earlier this year in Sydney, Australia. Okta’s commitment to security from the ground up is demonstrated by empowering the next generation with essential cybersecurity skills.
Okta

Next.js CVE-2025-29927

On March 21, 2025, Vercel disclosed a critical security vulnerability (CVE-2025-29927) which makes it possible to bypass authorization checks within a Next.js application if the authorization check occurs in middleware. Note: The Okta service is not affected by this vulnerability.