Beyond Identity, the leading provider of passwordless, phishing-resistant MFA, today released the Okta Defense Kit, a duo of two preventative tools to help security and identity professionals identify and prevent security vulnerabilities, including those that contributed to recent breaches of the identity management service Okta.
Okta has been subject to numerous breaches over the last few years, resulting from threat actors using tactics that include compromising user credentials or third-party applications with access to Okta’s support or internal applications. These breaches underscore the need for proactive security measures, especially for organizations with limited IT and security resources. To help Okta customers detect, remediate, and diagnose vulnerabilities in their Okta environment, Beyond Identity built a new Okta Defense Kit that empowers IT, security, and identity professionals to protect against known malicious patterns. The kit includes two free tools, Okta Session Analyzer and HAR File Sanitizer.
Okta Session Analyzer
The Okta Session Analyzer assesses Okta event logs to detect and highlight indicators of compromise (IOC) that signal risky sessions, based on the specific tactics, techniques, and procedures (TTPs) hackers have been leveraging to carry out recent attacks. For example, the tool can detect indicators of push bombing attacks, fast travel, changes to delegated identity providers, and more. In less than thirty minutes, this tool makes it possible for companies to easily get the visibility they need to identify and defend against known attack patterns.
HAR File Sanitizer
Another source of risk can arise from HTTP archive (HAR) files. For this reason, Okta recommends that customers “sanitize” these files before uploading them to support centers for troubleshooting. With Beyond Identity’s open source HAR File Sanitizer, companies can effectively scrub sensitive information, like cookies and session tokens, from their HAR files to ensure they can be shared confidentially and without compromising user data.
“The best security is preventative security where organizations can detect and remediate vulnerabilities in their environment before bad actors are able to exploit them,” said Jasson Casey, CEO of Beyond Identity. “With our Okta Defense Kit, we are enabling organizations to proactively assess exposure to breaches and leverage known indicators and vectors of compromise to protect their enterprise environment against bad actors targeting Okta customers.”
Click here to start using the Okta Breach Defense Kit today.
About Beyond Identity
Beyond Identity is revolutionizing digital access for organizations looking to improve protection against cyberattacks and deliver the highest levels of security for their workforces, customers, and developers. The company’s ability to remove passwords, provide phishing-resistant multifactor authentication, and device trust improves security and user experience. The platform delivers continuous risk-based authentication incorporating signals from the zero trust ecosystem to ensure only valid users and secure devices gain or maintain access to critical resources. Organizations like Snowflake, Unqork, and Cornell University rely on Beyond Identity’s highly available cloud-native platform to thwart attacks and advance their zero trust strategies. To learn more about Beyond Identity’s FIDO2-certified multi-factor authentication (MFA) solutions, visit beyondidentity.com and stay connected with us on Twitter, LinkedIn, and YouTube.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231106047203/en/