Enabling customers to secure their corporate assets while easily moving to the cloud has always been at the forefront of Preempt’s mission. While Preempt shines in preventing network threats with our unique detection capabilities, such as our ability to decrypt NTLM relay attacks in real-time, our goal has always been to bring these advanced threat detection and prevention capabilities to the cloud.
Achieving the same visibility and control both on-premises and in the cloud is difficult. Okta offers context-aware visibility and strong enforcement capabilities for cloud applications, but cannot offer the same feature set at the network level. Preempt helps bridge that gap by leveraging Okta’s multi-factor authentication and single sign-on capabilities for all network resources – whether a domain-joined workstation or a legacy application – in order to secure access based on context and risk, and in turn prevent threats in real-time. Preempt has integrated with Okta to help customers optimize their security investments so that they can get unified visibility and adaptive enforcement both on-premises and in the cloud.
Preempt for Okta Use Cases
Customers who have deployed Preempt for Okta can expect these exciting capabilities:
1. Enforcing Context-Aware Multi-Factor Authentication
Trigger MFA adaptively based on changing risk or threat context. Implementing adaptive MFA is critical for protecting against credential compromise, as user credentials are still the #1 target for attackers seeking access to sensitive systems and applications. Preempt automatically detects risky behavior such as unknown endpoints accessing critical servers or threats like the presence of a stealthy administrator in a network. Once potentially malicious activity is detected, Preempt then triggers an Okta MFA challenge based on risk or policy. See how below:
2. Applying Single Sign-On Policies Based on Risk
Leverage Preempt’s threat detection capabilities to update and fine-tune your Okta SSO policies for users and groups. Uniquely with the Preempt Platform, you can prevent threats such as lateral movement and unauthorized access. Preempt leverages proprietary pattern recognition and analytics to detect the misuse of hacking tools (eg. Mimikatz, Bloodhound, etc) in order to help organizations stop attacks such as Kerberoasting, Pass the-Hash, and Golden Ticket. When risky behavior is spotted, you can create risky user groups to set and enforce appropriate policies that help respond to incidents and thereby get a faster resolution. Watch below:
3. Extending Secure Access to All Network Assets
Preempt can enable multi-factor authentication in front of virtually any network asset including proprietary and custom systems, servers, devices, and applications that Okta does not support. Essentially any network-level authentication or authorization to the domain controllers (i.e. through a Powershell tool) can be protected with strong authentication through Preempt without the need for an invasive agent. For example, Okta customers who deployed Preempt can enforce secure local login to sensitive domain-joined workstations by requiring an out-of-band push notification before they are allowed access. By using Preempt, organizations can easily add adaptive authentication based on risk scoring or policy – to their workstations, systems, and applications – without requiring any changes or customization to the applications themselves. Take a look:
4. Enabling Unified Visibility Across the Environment
Get full visibility of user behavior, risks, and threats both on-premises and in the cloud. Preempt breaks downs silos by allowing you to get a complete understanding of your risky accounts in one central location so that you can take actionable steps to preempt threats. With a single easy-to-use management console, Preempt provides a continuous health and risk assessment – revealing password problems, privileged access abuse, stealthy admins, Active Directory (AD) configuration issues, and more – so that you can gain more control over all accounts and use that visibility to provide threat intelligence and risk insight. See how it easy it is to get visibility:
Protecting All User Access In Hybrid-Cloud Environments
Preempt allows customers to leverage unique threat detection capabilities that extend to all of their cloud applications protected by Okta. Uniquely, we also extend Okta policies more granularly throughout the network, such as enabling secure access to on-premises applications like Microsoft Remote Desktop (RDP) without the need for an endpoint agent. Integrating Okta with Preempt allows customers to get maximum value out of their security investments with unified visibility and adaptive enforcement both on-premises and in the cloud to prevent threats. Okta helps extend Preempt’s proprietary threat detection capabilities to the cloud, and Preempt extends Okta’s authentication and SSO capabilities to protect access to sensitive systems and applications on the network. Together, these two modern and complementary solutions ensure that customers who have a changing hybrid-cloud environment can securely conduct business, while reducing the attack surface exposed to any bad actor attempting to compromise credentials and take over critical assets.
*** This is a Security Bloggers Network syndicated blog from Preempt Blog authored by Monnia Deng. Read the original post at: https://blog.preempt.com/optimize-your-okta-deployment-with-preempt