According to the 2018 Verizon Data Breach Investigations Report, stolen credentials continue to top the list of causes for data breaches. Many organisations still focus on securing their network perimeter instead of how they secure their extended enterprises. By adopting a Zero Trust security model, organisations can better position themselves to respond to credential-based attacks by shifting their focus from protecting legacy single, large perimeters to protecting every user and device within the organisation.
The joint Exabeam and Okta solution will help security teams to monitor and protect enterprises against credential-based threats. Exabeam Security Intelligence Platform (SIP) ingests user authentication events and rich identity context via API integration. Exabeam then analyzes that information and adds meaningful context to enable the detection of suspicious login activities. Security teams can then take immediate action via fully or partially automated playbooks that require suspicious users to verify their identity via step-up authentication, or that enforce containment actions, such as disabling the user’s account, reducing the user’s access or denying authentication attempts.
“Whether it’s a malicious or compromised insider, credential-based threats are tricky to identify,” said Ted Plumis, vice president of Worldwide Channels at Exabeam. “We are excited to partner with Okta to deliver a sophisticated, orchestrated security solution that will provide customers with visibility and additional context—empowering analysts to identify and remediate compromised user accounts in real time.”
“In today’s threat environment, security is at the forefront of every organisation’s mind, no matter what industry they are in, and the more intelligence that is available to them, the better decisions they can make to keep their users and data safe,” said Chuck Fontana, vice president of Integrations and Strategic Partnerships, Okta. “We’re excited to be working hand-in-hand with Exabeam to unite Okta's rich identity insights and user remediation with Exabeam's exceptional user and entity behaviour analytics capabilities to help close the security loop against sophisticated threats.”
The joint solution provides a complete view of security events across an organisation, contextualised with user identity information, in a unified security management system that detects suspicious from normal behaviour, surfaces real alerts instantly with clarifying contextual data, and initiates automated remediation measures where appropriate.