Skip to main content

Experience the Best of Oktane in Just 60 Minutes!

Experience the Best of Oktane in Just 60 Minutes!

Register now

Register now

Experience the Best of Oktane in Just 60 Minutes!

Free trial
Contact us
Questions? Contact us: 1 (800) 425-1267

We’re committed to taking action

Learn about the definitive steps we’re taking to fight against Identity-based attacks and empower our customers and the industry to identify and mitigate emerging threats.

Investing in market-leading products and services

We invest in keeping our products hardened and secure while delivering new solutions that protect our customers. We also consistently invest in services, including 24/7 global support and 99.99% operational uptime.

Hardening our corporate infrastructure

The cyber-threat profile we use for our customer-facing environment is the same for our internal technologies, people, and processes. We’re accelerating our investment to further harden our corporate infrastructure to stay ahead of threats.

Championing customer best practices

Misconfigured Identity is another entry point for a bad actor or negligent insider. With 15 years experience and 19,450+ customers, we have the expertise to help ensure our customers have the right Identity configuration. We’re committed to deploying our products with Okta’s security best practices, and our training and certification programs are ways we help customers meet these standards.

Raising the bar for our industry

Okta has a responsibility to lead the industry in the fight against Identity-based attacks. We’re accelerating our capabilities and embracing new technology, such as AI. Additionally, with Okta for Good, we help fund the digital transformation of nonprofits and advance inclusive pathways into tech.

We're already helping secure more than 19,450 customers

And we're continually evolving in the fight against Identity-based attacks.

3 billion

attacks (credential stuffing, malicious bots) denied over a 30-day period*

90%

reduction in credential stuffing attempts over a 90-day period†

>800M

unique monthly users protected by Okta**

Investing in market-leading products and services

What we recently delivered


Secure Identity Assessment

Work directly with Okta experts to control your Identity debt and close security gaps like admin sprawl, misconfigured permissions, or shadow IT before they become a security threat.

Secure Identity integrations

Enhance security and reduce development time with 125+ new SaaS application integrations that bring advanced security to some of the biggest SaaS applications.

Customise sessions with extensibility

Define custom behaviours based on risk signals to revoke suspicious sessions and set policies to detect and respond to hacking. You can do this by leveraging the Session Management API with our Actions Extensibility platform.

Out-of-the-box integrations for Identity verification

Use out-of-the-box integrations with third-party Identity verification providers to enable seamless Identity verification throughout the employee lifecycle. Our integration for Persona is available in Early Access now.

What's next?


Secure partner access

Securely manage Identity and access to shared applications for business partners without requiring significant development, customisation, and management tasks from IT.

Yubico FIDO pre-reg

Protect your organisation from modern Identity attacks by implementing advanced phishing resistance across the organisation with pre-enrolled FIDO2 Yubikeys.

Combat call center, in-person fraud with CIBA

Client-Initiated Backchannel Authentication (CIBA) offers a streamlined, more secure way to verify customers over the phone, in-person, and through IoT devices. Instead of relying on traditional security questions, CIBA allows backchannel apps to trigger push authentication requests directly to the user’s device.

Championing customer best practices

What we recently delivered


Secure Sign-In Trends Report 2024

Okta’s latest Secure Sign-In Trends report dives into how organisations across industries are embracing modern, phishing-resistant methods like Multi-Factor Authentication (MFA) and passwordless sign-ins.

5 tips to enhance security without sacrificing productivity or user experiences

Security can be seen as the enemy of productivity and user experience. This article will share insights and tips to help organisations deepen their security posture without compromising other business priorities.

Five reasons to upgrade your org to the Okta Identity Engine

Explore why thousands of organisations are upgrading from Okta Classic to the modern Okta Identity Engine. This guide highlights key benefits like enhanced authentication, passwordless sign-ins, device assurance, and improved admin experiences to help secure your Identity posture and streamline user access.

Zero Trust and the Identity imperative: Building resilience against emerging threats

Explore how organisations can benefit from industry guidelines and best practices, like those outlined by NIST, to strengthen their Zero Trust approaches. Learn about threats and trends companies face, including phishing, shadow IT, misconfigured Identity, and more.

Verifying identity of your remote workforce

With deepfakes on the rise, remote identity verification is becoming increasingly important and difficult. How do you verify that employees are who they say they are when you can’t physically see them? This article outlines best practices for identity verification during the hiring process and beyond.

The weakest link: Securing your extended workforce

Organisations lean on third-parties to expand their business capabilities, from call centres to vendors and acquired companies. But these third parties rarely have the same security standards and protocols, making them a target since attackers know they’re the weakest links into the core organisation. Okta Deputy CSO Charlotte Wylie shares what it takes to secure your extended workforce.

What's next?


Guide to proving the ROI of cybersecurity

Data breaches were up 72% in 2023 alone, but security professionals are still struggling to get the buy-in and resources they need to move key initiatives forward. This guide includes advice from CISOs and security leaders for demonstrating ROI.

Threats I’m monitoring in 2025: from deepfakes to Scattered Spider

Cybercriminals are constantly evolving and refining their tactics. Find out what’s keeping CISOs up at night, from increasingly sophisticated ransomware to supply chain vulnerabilities and AI-based cyber attacks.

Raising the bar for our industry

Okta Security Icon.

Preparing for the New Identity Security Standard

The OpenID Foundation’s Interoperability Profiling for Secure Identity in the Enterprise (IPSIE) working group is in the process of creating an open industry standard. This standard will enhance the end-to-end security of enterprise SaaS products and provide a framework for SaaS builders to more easily meet evolving enterprise security needs.

Okta Admin icon.

Okta’s mission to standardise Identity security

As part of our mission to secure Identity, we’ve led the formation of a working group within the OpenID Foundation. This group is dedicated to creating the first unified Identity Security standard for enterprise apps, resources, and workloads: Interoperability Profile for Secure Identity in the Enterprise (IPSIE).

Okta’s ongoing commitment to Secure by Design

In May 2024, Okta was one of the first technology providers to sign the CISA Secure by Design pledge. The pledge commits enterprise software companies to make a “good faith” effort to meet seven high-level Secure by Design goals within the course of a year. Learn how Okta has progressed against this pledge.

Okta for Good has committed $11.7M

Okta for Good has committed $11.7M towards its $50M philanthropy commitment, including a $2.5 million commitment for NetHope - a catalyst for collective impact that advances humanitarian, conservation, and international development efforts worldwide to enhance cybersecurity resilience across the nonprofit sector.

Hardening our corporate infrastructure

What we recently delivered


Standardised and centralised reporting for vulnerability management, asset management, and CSPM

We have centralised vulnerability-related information across our production and corporate environments.

Improved logging ingestion and analysis tooling

We have improved our logging capabilities to enable more relevant alerts.

Enhanced scanning of open-source software (OSS)

We have made additional improvements to OSS component vulnerability scanning in order to detect operational risks and malware in third-party libraries. This tooling has been operationalised within Okta’s development and release workflows.

What's next?


Additional security controls established for third-party libraries

Mitigating the risks associated with external dependencies is a key component of a robust security program. Okta is taking steps to help reduce the risk of vulnerabilities via third-party libraries with additional security controls and monitoring.

We’re committed to sharing results

Check back for quarterly updates to learn what we’ve done and what’s next when it comes to Okta’s commitment.


Explore more resources

CHECKLIST

Identity security checklist

Protect your organisation by reviewing the most critical questions to become more resilient against Identity threats.

Get the checklist

*Based on internal reporting through October 2024

**Based on Okta internal reporting from February 2024

†Based on internal reporting of anonymised data from enterprise customers over the period of October 5, 2023 to January 4, 2024


To connect with a product expert today, use our chat box, or email us.
Contact us
Company

Copyright © 2024 Okta. All rights reserved.
  • Legal
  • Privacy Policy
  • Site Terms
  • Security
  • Sitemap