Unifying efforts, amplifying security: Shared Signals interoperability

The cybersecurity landscape is constantly evolving, demanding flexible and collaborative solutions. That's why Okta is proud to be at the forefront of the Shared Signals Framework (SSF), an emerging standard enabling seamless security data exchange between different vendors. Okta will successfully showcase its SSF and Continuous Access Evaluation Profile (CAEP) interoperability with industry leaders like Apple, SailPoint, and Cisco, and leading startups like SGNL, VeriClouds, and Helisoft, at the “CAEP interop demo” at the Gartner Identity and Access Management (IAM) summit in London. 

What is the Shared Signals Framework?

SSF is a game-changer in the security space. It defines a standardized format for sharing threat and risk intelligence between products and services. This allows organizations to leverage insights from various sources, creating a more comprehensive and unified security posture. Embracing such frameworks is pivotal for integrating disparate systems, which is crucial for enhancing rapid responses to security threats, enabling interoperability among security products and services, and fortifying cybersecurity defenses. 

Why is Okta leading the way in SSF and CAEP interoperability?

Okta believes in a collaborative approach to security. By actively participating in SSF standardization and demonstrating interoperability with key partners, we aim to:

• Boost security effectiveness: Sharing enriched threat data across different solutions empowers organizations to detect and respond to threats faster and more effectively.
• Simplify security operations: Eliminating vendor lock-in and streamlining data exchange reduces complexity and operational overhead for security teams.
• Accelerate innovation: Fostering an open ecosystem encourages innovation and the development of more advanced security solutions.

Okta is taking a step further and marrying the benefits of Okta AI with the shared signals framework, aiming to deliver the Early Access release of Identity Threat Protection with Okta AI (ITP) in the first half of 2024.  

Leveraging neutrality and broad integration, ITP acts as the unifying layer that cohesively integrates the diverse components of your tech stack. In doing so, it offers a new kind of security paradigm, enabling near-frictionless integrations and real-time, post-authentication risk assessments. 

Our interoperability journey with the OpenID Foundation

Okta actively participated in the OpenID Foundation's Shared Signal Working Group and is deeply involved in the "SSF and CAEP interoperability" event, successfully demonstrating interoperability with various partners using the CAEP within the SSF framework.

This collaboration underscores our commitment to:

• Utilize Open Standards: We are committed to using Open Standards as evidenced by our participation in standards bodies like OpenID and the integrations, solutions, features, and functionality we currently offer or are working on that use Open Standards.   
• Industry Collaboration: Working with leading vendors to contribute to the adoption and success of the SSF.
• Innovation: We are actively involved in shaping the future of security through participation in standard-setting bodies.

Looking ahead: A future of collaborative security

Our successful SSF interoperability demonstrations will mark a significant step towards a more collaborative and secure future. Okta remains committed to driving the adoption of the SSF and fostering a vibrant ecosystem of interoperable security solutions. Working together, we can create a more secure digital world for everyone.

Join us on this journey!

Learn more about Okta's commitment to SSF and how you can benefit from interoperable security solutions. The OpenID Foundation is hosting CAEP interoperability sessions at the Gartner IAM Summit in London. We are thrilled to provide demonstrations of Okta’s industry-leading CAEP integrations with Apple Business Manager and Apple School Manager and discuss integrations with other partners like SailPoint, Cisco, SGNL, VeriClouds, and Helisoft. Sign up to reserve your spots to see the first-ever public CAEP interoperability demonstration of how to share security signals between trusted parties.

Any products, features or functionality referenced in this blog that are not currently generally available may not be delivered on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature or functionality, and you should not rely on them to make your purchase decisions.

These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments nor all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials.  Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.