Okta + Proofpoint

Unite identity and email security to protect against credential theft and phishing

The Challenge

  • Phishing and stolen credentials are the two leading threat vectors in successful breaches1
  • These attacks are constantly evolving and often target the weakest point in an organisation's attack surface–the end user
  • Safeguarding access without negatively impacting the user experience calls for adaptive security controls
  • Organisations need a comprehensive strategy to prevent and remediate successful credential phishing attacks to protect users, emails, and data

The Solution

Okta and Proofpoint combine leading identity and email security solutions to safeguard Office 365, G Suite, and the broader IT environment.

Protect your users from the top attack vector, credential phishing, to achieve people-centric security.

Apply adaptive security policies to all your users, including enforcing stronger authentication requirements for your most targeted people.

Orchestrate remediation against credential-phishing attacks, like automatically enforcing step-up authentication on potentially compromised users.

Strengthen enterprise defense with a shift to strong identity management

Attackers are evolving their techniques to target people rather than infrastructure, and enterprises need to shift from traditional perimeter defense to identity-driven security. The Okta Identity Cloud and Proofpoint’s Targeted Attack Protection (TAP) make this possible, working together to combine best-of-breed identity management with world-class email security to help secure Office 365, G Suite, and your entire IT environment. The joint solution provides a powerful defense against phishing and credential-based attacks, giving enterprise teams unprecedented visibility across today’s threat landscape, granular adaptive controls for proactive security, and powerful tools to automate threat remediation.

Protect all users, even those most targeted, with adaptive security policies

Enterprises need to protect all users, but not all users are considered equal by attackers. Some people within your organization are more likely than others to be targets of attack, such as executives, admins, and developers, because they have access to sensitive information and/or high levels of access. And sometimes your most attacked people are not who you expect. It’s important to understand who are your most at-risk users, or Very Attacked Persons (VAPs), and be able to proactively protect them. Proofpoint provides visibility into attacks, including attack types and targets, and identifies your organization’s VAPs, which is a dynamic list based on how attacks and targets evolve over time. Through an API integration, Proofpoint sends VAP information to Okta, enabling organizations to apply adaptive controls across users, devices, and applications. The Okta Identity Cloud can enforce stronger security policies, like restricting application access or applying stricter password requirements, against your most at-risk users. This enables you to provide proactive, granular protection when and where it’s needed most.

Quickly remediate attacks with automated security responses

Hackers are increasingly targeting employees to gain access to enterprise assets, and security teams are scrambling to manage disparate tools to sift through a never-ending stream of security alerts. Strong email security and identity-centric remediation tools can help enterprises confidently automate incident response to reduce response time and help turn the tide against credential phishing attacks. When a user clicks on a malicious link in an email, Okta and Proofpoint work together to enable decisive automated actions that contain the threat and limit the damage. The integration automates remediation actions, like quarantining malicious emails through Proofpoint’s Threat Response Auto-Pull (TRAP) and enforcing step-up authentication on potentially compromised users through the Okta Identity Cloud.

Strengthen enterprise security with unprecedented threat visibility and remediation tools

  • Protect the enterprise with comprehensive email and identity security for people-centric security
  • Take an adaptive, risk-based approach to mitigate credential-phishing threats
  • Enable identity-driven, automated remediation actions against attacks as they happen

Verizon 2019 Data Breach Investigations Report