Software Security
Okta | October 09, 2023
Okta, Inc. announces Identity Threat Protection with Okta AI, a new product for Okta Workforce Identity Cloud.
It enables security teams and admins to constantly evaluate user risk during active sessions and respond automatically to Identity threats across the entire ecosystem.
Identity Threat Protection enables organizations to mitigate risk with enhanced threat detection and response capabilities.
Okta, Inc., the leading independent Identity partner, has introduced Identity Threat Protection with Okta AI, a revolutionary product within the Okta Workforce Identity Cloud. This innovative solution provides identity-based threat detection and mitigation in real-time. Identity Threat Protection goes beyond initial authentication by employing Okta AI and security infrastructure insights. It assures continuous user risk assessment during active sessions and enables automatic responses to Identity threats across the entire ecosystem.
Organizations are increasingly adopting diverse cybersecurity tools to counter evolving threats. However, this leads to a flood of detailed security data, making it daunting for administrators to set up efficient policies and identify crucial threats. This fragmentation makes it challenging to track the risk of any specific user session over time and requires navigating various consoles.
Okta stands out with its unified Identity deployment, offering a unique ability to evaluate risks across security domains and active user sessions. This innovative strategy solves a crucial business challenge as, according to Gartner, "By 2025, organizations that adopt a continuous adaptive trust strategy will reduce [account takeover] along with other identity risks by 30%..."
President and CDO of Workforce Identity Cloud at Okta, Sagnik Nandy, said,
Organizations need the ability to not only bring together risk insights at the point of login, but also to re-evaluate at any point in a user’s session. Identity Threat Protection extends Okta’s adaptive risk analysis and delivers automatic remediation and response, assisting businesses stop potential threats in real-time.
[Source – Business Wire]
Multi-factor authentication (MFA) is a vital tool in combating identity-based attacks. However, its effectiveness typically extends only to the login stage. Using shared signals throughout a user's active session, Identity Threat Protection equips organizations with enhanced threat detection and response capabilities, thereby mitigating risk. Initial launch capabilities include:
Continuous Risk Evaluation
Shared Signals Pipeline
Adaptive Actions
CIO at Palo Alto Networks, Meerah Rajavel, said,
Our world-class threat intelligence innovations assist secure enterprises against evolving attack methods. Partnering with Okta’s Identity Threat Protection is a great opportunity to further empower enterprises with security signal sharing, assisting them to better detect changes in user risk across their tech stack.
[Source – Business Wire]
Read More
Network Threat Detection
iTWire | October 30, 2023
Fortinet, the global cybersecurity leader driving the convergence of networking and security, has announced the expansion of its Universal SASE offering to empower today’s hybrid workforce with FortiOS everywhere.
Ken Xie, founder, chairman of the board, and chief executive officer, said, The Fortinet operating system, FortiOS, is the industry’s only enterprise-grade converged operating system able to support all secure access service edge (SASE) functions, including firewall, software-defined wide area network (SD-WAN), secure web gateway, encryption/decryption, cloud access security broker (CASB), data loss prevention (DLP), and zero trust network access (ZTNA), whether deployed in an appliance or cloud-delivered from Fortinet.
“This approach enables over 30 converged networking and security functions to be managed through a single console. Fourteen of these functions are accelerated when deployed on our new FortiASIC Security Processor 5-based FortiGate 120G SASE appliance.”
Expanding Fortinet Universal SASE
Single-vendor SASE provides flexible access to critical resources and applications for users and devices. However, most enterprises rely on different vendors for each SASE function, which introduces significant challenges of controlling different operating system functionality and management consoles. Fortinet Universal SASE takes traditional single-vendor SASE one step further, providing consistent policies and controls on-prem and in the cloud while delivering seamless integration across all functions and deployments to better support today’s hybrid workforce while reducing information technology (IT) overhead.
FortiOS runs the full SASE stack, including a bi-directional firewall, SD-WAN, secure web gateway, encryption/decryption, CASB, DLP, and ZTNA. It also has the flexibility to run on an appliance in accelerated mode as well as in the FortiSASE cloud, providing consistent networking, security, and policy management for every edge. This is further enhanced by FortiGuard artificial intelligence (AI)-powered security services, such as intrusion prevention system (IPS), domain name system (DNS) filtering, URL filtering, anti-malware, sandboxing, and more.
This news expands Fortinet’s investment in Universal SASE by expanding the reach of its SASE stack in three key areas of the portfolio:
Worldwide coverage of FortiSASE cloud locations
FortiSASE, built on a global, scalable cloud network, delivers the same SASE stack as FortiGate appliances through its regional FortiSASE cloud locations. To deliver the best user experience and higher service availability, Fortinet now delivers over 100 FortiSASE cloud locations globally.
Bringing accelerated SASE to the campus and branch
To bring the full SASE stack to campus and branch locations, Fortinet is announcing the new FortiGate 120G SASE appliance. Because it is powered by Fortinet’s patented security processor 5 (SP5) custom application-specific integrated circuit (ASIC), it can accelerate many elements of the SASE stack, such as delivering three gigabits per second (Gbps) of secure sockets layer (SSL) inspection—an average of six times faster than the industry average—for visibility into encrypted traffic at scale. The following Secure Compute Rating table provides a comparison between equivalent solutions:
Flexible consumption extended to Universal SASE
FortiFlex, Fortinet’s flexible consumption program, has now been extended to Fortinet Universal SASE solutions. The entire SASE stack from Fortinet can be consumed as part of FortiFlex, whether customers want to use on-prem or FortiSASE cloud-based services. FortiFlex offers usage-based licensing across cloud, hybrid cloud, and on-premises deployments to give IT teams the flexibility to continually right-size their deployments, reduce excessive procurement cycles for new security solutions, simplify the deployment and provisioning of new services, and maximise budget and return on investment by enabling IT teams to scale down or pause services as needed.
Read More
Network Threat Detection
GlobeNewswire | October 18, 2023
Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the expansion of its SASE Points-of-Presence (POPs) to new locations through a partnership with Google Cloud. The partnership allows Fortinet to leverage Google Cloud’s global network edge locations closest to their regions of presence, which deliver dedicated interconnect and 99.99% service availability, to accelerate the expansion of Fortinet’s Universal SASE solution.
Single-vendor SASE is a critical architecture organizations adopt to connect their hybrid workforces securely. A robust network of SASE POPs that are scalable and globally available is crucial to delivering a superior user experience while enabling a strong security posture.
By leveraging Google Cloud, Fortinet Universal SASE is even better positioned to serve a more extensive global footprint, ensuring that customers can seamlessly connect and secure their hybrid workforces to critical applications, said Michael Xie, Founder, President, and Chief Technology Officer of Fortinet. This partnership will expand our global POP resources and accelerate customer adoption of Fortinet’s Universal SASE solution. And because our SD-WAN solution is natively integrated with our SASE offering, Fortinet’s global SD-WAN customers now have an even broader ability to easily adopt integrated cloud-delivered security to implement a comprehensive Universal SASE solution.
“Organizations worldwide rely on the Google Cloud for critical networking and access,” said Muninder Sambi, Vice President and GM of Networking at Google Cloud. “Our expanded partnership with Fortinet can enable high uptime for customers looking to support their hybrid workforces with Fortinet’s SASE solution, along with the advantages of using Google Cloud’s Cross-Cloud Network, which include lower costs and improved application experiences.”
Converging Networking and Security with Fortinet Universal SASE
Fortinet’s Universal SASE solution uniquely converges networking and security to support today’s hybrid workforce, expanding network edges and new microbranches to enable secure access to applications while providing high ROI through consolidation and improved digital user experience. Fortinet’s solution includes an extended portfolio of critical technologies and services that enable organizations to adopt a zero-trust security posture by effectively applying and monitoring context-based policies regardless of the resource a user is accessing. Fortinet Universal SASE offers a high-performance and scalable cloud network with best-in-class AI-powered security, unified management, and end-to-end digital experience monitoring to ensure secure access to web, corporate, and SaaS applications.
Fortinet is the pioneer and leader of secure SD-WAN, the foundation of its Universal SASE solution. Universal SASE uses the same FortiOS operating system and AI-powered security services as its secure SD-WAN and cloud-delivered security service edge (SSE) solutions. This unique integrated approach extends secure web gateway (SWG), zero-trust network access (ZTNA), cloud access security broker (CASB), and Firewall-as-a-Service (FWaaS) solutions to its Universal SASE solution, enabling seamless connectivity, consistent end-to-end threat protection, and optimal user experience.
Read More