We need to shift how we as security practitioners break the barriers for collective threat awareness across identity touchpoints within cybersecurity. It’s become imperative that we gain the ability to continuously assess user risk with automatic response actions—a shift towards a unified, contextually-driven identity defense.
When we think about current trends, whether that’s working from home, sprawling SaaS, or the growing use of BYOD, we are confronted by an associated increase in the complexity of the IT/security stack and its fragmentation between all the different solutions required to deliver a safe user experience. The capstone challenge is that these solutions must not just co-exist; they must work together, seamlessly and automatically, because individually they are blind to parts of the problem, but collectively they are powerful.
There are underlying challenges that no single vendor can solve to help address these obstacles for securely enabling the modern workforce. Regardless of its efficacy, no one tool can solve all of these problems, let alone see all of these problems, and as a result we need modern tools to be integrated.
Zero trust underlies everything we are doing internally at Netskope, for our customers, and with our partners; we call this idea the Power of Zero. We’re going for an extensible, open exchange ecosystem where having a ZERO (for zero trust) as the common denominator means everyone participating is infinitely more powerful, not just additively effective.
That’s why we are excited to be a strategic launch partner with Okta on the road to this collective threat awareness ecosystem, or as they’ve outlined, the Shared Signals Framework (SSF). You can check out more on SSF and their recent announcement for Identity Threat Protection with Okta AI where Netskope CISO, Lamont Orange, shares a bit on our technology alliance partnership.
With that in mind, let’s expand on what we mean by establishing a collective risk awareness ecosystem.
For Netskope and the other integration partners joining the launch of Identity Threat Protection with Okta AI (OITP), this is the culmination of a vision that we’ve been talking to Okta and our other partners about for years. We’ve also been acting on this vision in the Netskope Cloud Risk Exchange. Thanks to machine learning and AI, each industry leading platform is able to derive accurate, high-true-positive information about what constitutes risk out of millions of individual data points. When you combine each of our unique views across Identity, Endpoint, and SASE into the detailed kinds of activities they can engage in, and continuously correlate users and/or devices, we’re able to create a combination of factors that are truly actionable and that go beyond the limitations of what any one of us knows.
The reality is, without something like the SSF, or threat awareness exchange, we’re creating friction: people are trying to read millions of logs, many vendors are going to have different API (or no API) for sharing, normalization will be erratic or non-existent, and adoption will be lower and slower than possible. We’re slow while the cybercriminals are automating everything at speed.
The tools are right for the data
SSF, A.I., and all these other factors are finally coming together. We’re finally reaching a point where the tools are right for the data that we have right now in order to do something meaningful that protects our customers more than we have been. We’ve been working towards the Zero Trust Risk framework at Netskope for quite a few years, and this is the natural next step, and that’s why I am especially excited about our partnership with Okta.
What does resolving a fragmented risk framework and sharing risk signals mean?
I had the pleasure and honor of speaking on the partner panel discussion at the Oktane Partner Summit this past week in San Francisco. There, strategic partners such as Netskope and Jamf shed some light on how we’re integrated with the OITP solution and SSF. In the second half of our discussion, Okta moderator and Sr. Director of Product Management, Jamie Fitz-Gerald asked how easy it was to implement this integration and how we decide what risk scores mean across the Netskope platform and Okta’s platform—here’s a quick video that covers what I had to say.
Identity-centric security
By combining the shared threat signals and risk scores across EDR, CASB, and SASE solutions, we can effectively generate meaningful drivers for accelerated risk response. Okta enables this integration for sharing confidence scores by plugging into Netskope’s Cloud Exchange platform and its SSF/CAEP based connector hosted in the User Risk Exchange module. URE is a tool that can help you improve your security posture by automating user and device access control and security policies. This integration grants mutual customers a holistic view of each user’s risk, regardless of where they are accessing your resources from. You can dive deeper on this and review our deployment guide here around the Okta plugin for User Risk Exchange, here.
Through our integrations with Okta, customers and their end-users alike, can benefit from heightened security without compromising user experience.
Continuous adaptive zero trust
The bridge connecting our Netskope security tools and risk awar