Wiz Defend is Here: Threat detection and response for cloud

    Overview

    Wiz support for Okta enable customers to secure their cloud identities managed by Okta by gaining deep visibility into Okta users and API tokens, their cloud permissions, misconfigurations and related risks, and real-time threats. With this launch, mutual customers can effectively protect their Okta identities and remove risk from their Okta and cloud environment. 

    Challenge

    Protecting identities in the cloud is paramount to ensuring the security and integrity of your data and resources. Misconfigured identities or identity-related risks can create an entry point into your cloud environment and even lead to lateral paths, and eventually your crown jewels. Such identity risks can put an environment at critical risk such as a breach or account takeover and according to Verizon, 77% of attacks involve compromised credentials. That is why it is crucial to implement robust identity protection measures in place. 

    To reduce the overhead of securely managing identities, many organizations leverage Okta for cloud federation and identity management. Okta helps organizations manage authentication into their cloud version control systems (such as GitHub), and other SaaS platforms and provides an easy and secure way for them to centrally manage identities and the applications they build. With Okta, users get an easy and secure login that removes passwords and leverages a user-friendly authentication flow.  

    Benefits

    • Full Visibility into Okta Identities 

    To effectively protect cloud entitlements, organizations need to successfully answer “Do I know what all my cloud identities and their permissions are?”. Therefore, the first step is to obtain a centralized view of all your identities, no matter where they are managed, along with their cloud permissions. Customers can now gain comprehensive visibility into Okta identities, which are also modeled on the Wiz Security Graph, so they can easily identify which users are in which groups, and what their effective permissions in the cloud are.  

    • Analyze effective permissions to identify high-privileges, admin, and excessive permissions 

    After answering “who can access what?”, organizations need to consider whether the given permissions follow the principle of least privilege and answer “are the effective permissions properly scoped?”. With this launch, Wiz automatically identifies Okta identities that have cloud high privileges or admin permissions so you can easily detect and scope down permissions. You can also detect Okta identities with excessive permissions in the cloud and get granular recommendations to adjust these permissions. This enables you to follow guided remediation steps to reduce access and revoke unused permissions effectively. 

    In addition, Wiz now extends our attack path analysis to Okta, correlating misconfigurations and other CIEM information to cloud risks such as sensitive data, vulnerabilities, and exposed secrets to detect attack paths that can result in a critical risk such as a breach or account takeover. This enables customers to understand and proactively remove Okta to cloud attack paths.

    • Enforce secure configuration in Okta

    “How do I establish security best practices to protect my Okta organization?” is the question organizations need to ask next. Misconfigured security settings can pose significant security risks. Wiz helps identify those misconfigured settings in Okta through built-in checks. For example, these checks assess to see if that there is an MFA policy for the user that requires hardware authenticator, as well as a check to evaluate that the password policies adhere to Okta’s recommendations. You can quickly identify deviations from security best practices and remediate to increase the security posture of your Okta environment.

    • Remove threats in Okta in near real-time 

    Not only are customers empowered to proactively remove identity risks in their environment, but they can now also detect threats in near real-time in Okta. We've introduced new built-in threat detection rules for Okta which enable customers to quickly identify and respond to potential threats, such as an Okta user that had MFA deactivated or MFA enumeration brute force. With the graph-based context, you can easily understand what is the blast radius of such a threat in the cloud and reduce its impact.

    Better Together

    Wiz's support for Okta empowers customers to protect their cloud identities and remove risk, from prevention to detection. Get started now with protecting your Okta identities, you can learn more in the Wiz docs (login needed). If you prefer a live demo, we would love to connect with you. 

    Get a personalized demo

    Ready to see Wiz in action?

    “Best User Experience I have ever seen, provides full visibility to cloud workloads.”
    David EstlickCISO
    “Wiz provides a single pane of glass to see what is going on in our cloud environments.”
    Adam FletcherChief Security Officer
    “We know that if Wiz identifies something as critical, it actually is.”
    Greg PoniatowskiHead of Threat and Vulnerability Management