Unified identity: An ecosystem-driven approach to security and IT (HYB102)
Summary
Identity Under Attack
Identity is increasingly under attack, with bad actors targeting credentials and entitlements across employee, partner, customer, and machine identities.
Over 80% of breaches stem from identity-related attacks or the use of compromised credentials, and this trend is worsening.
The proliferation of SaaS and cloud adoption has led to a growing number of identities across application and infrastructure layers, making it challenging to gain visibility and secure them.
Octa's Workforce Identity Cloud
Octa's mission is to enable the safe use of any technology at work through a unified, identity-secured solution.
This involves three key areas:
Discovering and determining identity-related risks and applying secure-by-default policies.
Enforcing strong, phishing-resistant authentication across critical applications and resources.
Detecting and responding to changes in authenticated sessions to prevent account takeovers.
Identity Governance and Privileged Access
Octa Identity Governance provides self-service access requests, cross-domain workflows, and life cycle management for internal and external users.
Octa Privileged Access follows best practices for managing privileged accounts, vaulting secure assignments, rotating secrets, and facilitating access requests to critical systems.
Enforcement and Authentication
Octa Fastpass enables authentication through managed or unmanaged devices, with FIPS-compliant access and the ability to configure policies for the right assurance level.
Device assurance provides advanced remediation controls and grace periods, allowing users to self-manage device care.
The Octa AWS CLI integration uses a device authorization OAuth flow to provide seamless access to APIs through a trusted, managed device.
Detecting and Responding
Octa's Identity Threat Protection (ITP) continuously assesses user activity, adapting authentication requirements based on risk factors and forcibly logging out users if necessary.
Identity Threat Analytics provides full visibility into these identity-related events and anomalies.
Integrations and Ecosystem
Octa has invested heavily in expanding the breadth and depth of its integration network, supporting over 7,500 integrations across various identity capabilities.
Octa is working with the OpenID Foundation to develop a new standard for B2B SaaS, called the Interoperability Profile for Secure Identity in the Enterprise (IPSE), to enable better interoperability and security across the identity ecosystem.
Slack's Journey with Identity Security
Slack initially struggled with just-in-time provisioning and learned the importance of SCIM-based integration to bring in rich user profile information and enable role-based access.
Slack expanded its support for multiple identity providers to accommodate different user types, such as contractors and partners.
Slack leverages Octa's shared signals framework to send behavioral information about user activity, which customers can use to trigger automated responses like session termination.
Slack's focus on open standards and shared responsibility with identity providers has been beneficial for customers, improving the login experience, reducing risk, and streamlining onboarding and offboarding.
These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.
If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.