Okta at RSA Conference 2024

We are excited to have a presence at RSA Conference 2024! On Tuesday, May 7th, we will speak on Identity: Your key to stop breaches. Consider why you don’t want to miss this session:

Attackers are not breaking in – they are logging in. Exploiting weak passwords, phishing credentials, and navigating privileged access is a hacker’s easiest way to infiltrate your organization. How can you fight back? Done right, identity is your first line of defense and the backbone of your security strategy. Join this session to learn how to leverage Okta to stop Identity breaches.

So, if you are attending RSA, we hope you join us for this important session. Also, please stop by our booth and say hello!

We will feature two topics that may be of keen interest to you: Shared Signal Framework (SSF) and Universal Logout. We would like to provide you with a brief understanding of each and resources for further exploration.

Shared Signal Framework (SSF)

Does your current security solution wait until it sees suspicious activity in a critical application before logging an attacker out or prompting a legitimate user to re-authenticate? Chances are, accessing an essential application wasn’t the first step an attacker took after compromising a user’s account. In a genuinely zero-trust infrastructure, applications share information about user behavior that paints a holistic picture of whether an account’s activity looks suspicious. Then each service responds appropriately for its threat model.

The Shared Signals Framework (SSF) is a huge step in enabling formerly siloed applications to see the whole picture of whether a user’s behavior looks normal or suspicious. SSF is developed by the OpenID Foundation, which is also the home of standards like OIDC, FAPI, and MODRNA.

Although any software can send and receive these signals, Okta is uniquely positioned to work with our integrators to make SSF easy for identity administrators to use.

To learn more about the Shared Signals Framework, check out the OpenID foundation’s SSF Working Group or the explainer site sharedsignals.guide. Learn about one of our SSF integrations in this episode of our podcast!

Universal Logout

What should happen next when suspicious activity is detected on a user’s account? Identity providers can easily prevent a user from starting new sessions, but in the past, there hasn’t been a good way to end all of a user’s existing sessions. Nobody wants to re-authenticate for every task they perform, but in the past, these productivity and convenience features have given attackers an avenue to impersonate legitimate users by stealing session information. However, it’s harder for an attacker to create a session than to continue a stolen session.

Universal Logout addresses this problem by offering administrators and their automation a way to log users out of all their existing sessions with an identity provider. UL pairs with SSF and other intrusion detection tooling to get the best of both worlds: Users can keep the productivity benefits of long sessions and only do extra re-authentication when threats are detected, yet intruders experience the challenges of session termination immediately when they try to misuse stolen access.

While the Universal Logout feature provided by Okta has not yet been released, you can build the endpoint that IdPs such as Okta or threat detection tools can call to end a user session ASAP by following the instructions on this blog: How to Instantly Sign a User Out across All Your Apps.

If you want to join a pilot program of integrators working with SSF and UL, contact us at wic-dev-advocacy at okta dot com.

If you are attending RSA, please stop by our booth and say hello! Whether you attend or not, the resources above are available for all to explore today!