Last updated: Aug 23, 2019

Integration detail

Securonix

Overview

Okta and Securonix work together to combat enterprise security threats in real time. Okta provides rich contextual data including user location, time, device, and number of authentication attempts. Securonix monitors the data for threats like suspicious login locations, signs of brute force attacks or credential sharing, and account compromise, and uses advanced security analytics and machine learning to develop risk scores of user behavior. When an elevated risk score indicates an addressable threat, Securonix can trigger a remediation workflow through Okta that provides policy-based containment actions like suspending the user account, killing the session, or requiring step-up multi-factor authentication (MFA).

The Challenge

  • Cyber attacks, usually involving compromised user credentials, are increasing in frequency and sophistication
  • Manually monitoring and analyzing security data to protect apps and data from breaches is challenging in a complex IT environment
  • Companies need enterprise tools capable of closely monitoring user activity, quickly identifying suspicious behavior, and immediately responding to threats before they spread

The Solution

  • Gain deep, contextual insights into all user activity across your network
  • Quickly identify suspicious users and compromised accounts with alerts from integrated advanced analytics
  • Automate policy-based actions to contain and remediate suspicious or unauthorized activity as soon as it arises

Add identity context to security logs to enrich your data

As users log in with Okta’s enterprise single sign-on (SSO), Okta captures identity context information, including user location, time, device, and number of authentication attempts. Through an API integration, Securonix develops risk scores of user behavior and enacts remediation against suspicious accounts.

Reliably identify suspicious user account behavior in real time

Securonix monitors these authentication trails and other security logs across your environment, watching for general anomalies and specific threats like suspicious login locations, signs of brute force attacks or password spray attacks, credential sharing, and account compromise.

Instantly decide which anomalies are actionable

By applying advanced security analytics and machine learning, Securonix determines which of these events require action, and helps security operations teams visualize authentication patterns, understand suspicious activity, and shift risk scores based on additional threat intelligence.

Automate remediation for a faster security response

When a suitably elevated risk score indicates an addressable threat, Securonix can trigger a remediation workflow through Okta that can be wholly or partially automated. Okta then provides immediate, policy-based containment actions like suspending the user account, moving the user into a new group, killing the session or requiring step-up multi-factor authentication (MFA).

Documentation

  • Datasheet:

    Instantly Detect and Respond Against Credential-Based Attacks

  • Configuration Guide:

    Okta + Securonix


Okta Verified
The integration was either created by Okta or by Okta community users and then tested and verified by Okta.