Okta Compromise in Focus: How to Safeguard SaaS Identities with SSPM

Presented by

Harold Byun, CPO, AppOmni & James McLean, Group Product Manager, AppOmni & Sean Heide, Research Technical Director, CSA

About this talk

Well-orchestrated spear phishing campaigns targeted at SaaS super admins are swiftly becoming a leading cyber threat. Threat actors are finding new ways to steal credentials from highly privileged accounts to “live off the land.” Threat actors exploited a novel attack method in the recent Okta HAR compromise, where they targeted an identity provider (IdP) with the intent to exploit its customer organizations. In addition to Okta being compromised, this compromise successfully targeted several Okta customer organizations. Learn step-by-step how this identity-centric breach occurred, the common attacker tactics, techniques, as well as procedures, and why managing your SaaS identity security without SaaS security posture management (SSPM) places organizations at risk for compromise and data loss. In this webinar, presented by AppOmni, we’ll discuss: • The common attacker tactics used in the Okta HAR breach • Why proactively securing and continuously monitoring the SaaS attack surface and ensuring appropriate security configurations of an Okta instance is essential • How SSPM conducts event monitoring to detect anomalous activity from a customer’s Okta instance, including being able to detect and alert on rogue IdP registrations
Related topics:

More from this channel

Upcoming talks (8)
On-demand talks (909)
Subscribers (67832)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa