sb-eu logo
Story image

Proofpoint integrates people-centric protection with Okta’s Identity Cloud

09 Sep 2019

Cybersecurity and compliance company Proofpoint has today announced an expansion to its technology partnership with identity and access management services provider Okta to bolster how organisations protect their most at-risk users from sophisticated cyberattacks.

Through this streamlined integration, joint customers can leverage Proofpoint’s people-centric Targeted Attack Protection attack index, which scores threats based on their criticality, to identify their very attacked people (VAPs) and apply stronger access controls to better protect those users with the Okta Identity Cloud.

“Our Okta partnership delivers exceptional value for our customers and channel partners—and today we are expanding on our commitment to helping organisations automatically dial-up protection for their users that receive the most critical and targeted phishing, malware, and impostor attacks,” says Proofpoint Cybersecurity Strategy executive vice president Ryan Kalember.

“Adversaries continue to attack specific people within organisations, including many that aren’t traditionally considered likely victims.

“Our people-centric intelligence provides essential insight into who an organisations’ VAPs are and how they are being attacked.

While we have several adaptive controls built into our solutions, our partnership with Okta extends these capabilities to include identity and access management and provide additional account protection in seamless, cloud-to-cloud integration.”

Joint Proofpoint and Okta customers can now integrate Proofpoint Targeted Attacked Protection (TAP) user risk insight with the Okta Identity Cloud.

Users that are identified as VAPs by Proofpoint will automatically be placed into a high-risk user group in Okta, allowing administrators to apply adaptive policy controls and higher assurance factors before granting access to resources.

Okta Integration Network vice president Chuck Fontana says, “At Okta, our mission is to enable any organisation to securely use any technology – making sure the right users have access to the right resources, at the right time, and preventing access to unauthorised users or requiring stronger assurance in high-risk scenarios,” says.

“By partnering with Proofpoint, we can provide our joint customers with the ability to automatically detect high-risk users and apply stronger authentication controls and policies to those users.

“This makes it easier and more efficient for administrators to identify and take action on today’s biggest security threat, people - and their identities - to improve the security posture of their organisation.”

With this integration, joint customers can apply adaptive controls such as;

  • Assign application access or restrict access to sensitive applications
  • Apply dynamic access policies aligned to user risk, including limiting session length and requiring higher assurance factors for MFA
  • Adjust a user’s role and entitlement for authorisation in downstream applications
  • Adapt password policies for complexity, history, expiration, and reuse

This latest Okta integration also builds on the existing Proofpoint Threat Response Auto-Pull (TRAP) integration, which enables security teams to orchestrate response actions to protect users who have clicked on phishing links.

Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
Strong cybersecurity posture crucial for company success - Fortinet
"They should also conduct due diligence to ensure partners aren’t inadvertently creating vulnerabilities with insufficient cybersecurity measures."More
Story image
California's CCPA now enforced worldwide
“The expansive reach of the CCPA and scope of data it covers can make compliance feel daunting to many,” comments ISACA Privacy Group member David Bowden.More
Story image
Misinformation on the rise, organisations consider how best to respond
The increase in misinformation and fake domains have left organisations perceiving the threat level to be ‘very significant’, with a third planning greater emphasis on their ability to respond in coming months.More
Story image
Radware issues security alert, warning of global rise of DDoS-for-hire
Efforts from corporations, law enforcement and independent researchers around the world have attempted in the last two years to curb this growth – but the industry keeps growing says Radware information security researcher Daniel Smith.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More