Security news aggregator

Latest coverage for Okta

Okta is an identity and access management platform whose authentication services affect account security, access control, and breach response.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Okta is a cloud identity and access management platform used to authenticate people, issue access to applications, and administer workforce or customer identities. Its capabilities commonly include single sign-on, multifactor authentication, directory and lifecycle management, and policy-based authorization across SaaS, on-premises, and custom applications.

Because Okta can control access to many systems, its administrator accounts, identity APIs, integrations, and authentication sessions are high-value security surfaces. Organizations should apply least privilege, phishing-resistant MFA where feasible, careful separation of administrative roles, and prompt removal of departing users; misconfigured federation or provisioning can otherwise grant excessive or persistent access. Logs covering administrator activity, authentication events, token use, and changes to applications or policies support detection and incident response. Security advisories and vulnerability assessments should include Okta agents, connectors, browser components, and downstream integrations, while investigations should consider revoking sessions and rotating affected credentials.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view
Bank Info Security 1 month, 3 weeks ago

Why AI Agents Are Creating a New Security Blind Spot

Okta's Charlotte Wylie on Identity, Governance and Rogue AI AccessAI agents are becoming a new identity type inside enterprises, creating visibility gaps and security risks most organizations aren't prepared to manage. Okta's Charlotte Wylie explains why shadow agents, overprovisioned access and AI-driven attacks demand a new governance model.

Bank Info Security 3 months, 1 week ago

AI Is Accelerating Cyberattacks Faster Than Defenses

Okta's Brett Winterford on Identity Threats and Agentic AI RisksAI is accelerating cyberattacks, collapsing timelines and exposing new identity risks. Okta's Brett Winterford explains how attackers are using AI to scale phishing, exploit credentials and infiltrate enterprises - and what CIOs must do to defend against this rapidly evolving threat landscape.

Bank Info Security 4 months ago

How to Govern AI Agents Before They Go Rogue

Okta's Arkadiusz Krowczynski on Why Governing AI Agents Starts With IdentityAI agents are being deployed faster than enterprises can secure them, creating blind spots across access, ownership and governance. Half of companies lack any governance or a shutdown mechanism when agents go rogue, says Arkadiusz Krowczynski, principal product acceleration specialist at Okta.

Bank Info Security 5 months, 1 week ago

Semperis Buys MightyID to Expand Identity Security

Acquisition Adds Okta and Ping Coverage to Semperis' Identity Security PlatformSemperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration.

Bank Info Security 5 months, 1 week ago

Semperis Buys MightyID to Expand Identity Security

Acquisition Adds Okta and Ping Coverage to Semperis' Identity Security PlatformSemperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration.

Bank Info Security 5 months, 2 weeks ago

Social Engineering Hackers Target Okta Single Sign On

ShinyHunters Campaign Uses Voice Phishing to Bypass MFA and Steal Corporate DataSecurity experts warn that "an active and ongoing campaign" being waged by ShinyHunters extortionists has at least 150 organizations in its sights across a range of sectors, with attackers using live voice phishing to bypass multifactor authentication, steal cloud data and hold it to ransom.

Bank Info Security 5 months, 3 weeks ago

Voice Phishing Okta Customers: ShinyHunters Claims Credit

Okta Alerts Customers' CISOs to Malicious Campaigns Seeking Single Sign-On AccessA surge in attacks that bypass some types of multifactor authentication has been tied to a new generation of voice-phishing toolkits that give attackers the ability to orchestrate what a target sees in their browser, warns a new report from Okta, which is among the services being targeted.

Bank Info Security 10 months, 3 weeks ago

Okta to Purchase Axiom Security to Bolster Privileged Access

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&ABy acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta's existing privileged access capabilities.

3rd Round of Layoffs in 3 Years Comes as Rival CyberArk Surpasses Okta's ValuationOkta will execute its third round of layoffs in three years, cutting 180 employees to reallocate resources toward priorities to drive growth. The San Francisco-based identity security giant on Tuesday shared plans to reduce its staff by 3% in what has become somewhat of an annual tradition for Okta.

Bank Info Security 5 Feb 2025, 8:00 a.m. Okta

Access Management Leaders Remain Unchanged as Customer Identity Cases ProliferateAdvances in customer identity around better user experience, strong authentication, and centralized identity processes have driven rapid growth in the access management market. The space by grew 17.6% to $5.85 billion in 2023 as organizations increasing look to replace homegrown CIAM solutions.

Also: Ransomware Hackers Demand BaguettesThis week, Chinese spying, Italian hacking scandal, an FBI warning and Okta fixed a bug. Google mandated MFA, zero days in PTZOptics and a Mexican airport didn't pay ransom. Cybercriminals demanded baguettes, breach lettersin Ohio and Germany will shield white hats. The Italian DPA rebuked a bank.

Bank Info Security 2 years, 1 month ago

Breach Roundup: Google AI Blunders Go Viral

Also: Okta Alert on Credential Stuffing; Data Breaches in SpainThis week, Google AI search provided wrong answers, Internet Archive suffered DDos attack, Okta warned of credential stuffing, Canada shut down two tech firms, attackers delivered malware with Stack Overflow, Telefónica is probing breach, Iberdrola was breached and RansomHub said it hit Christie's.

Bank Info Security 2 years, 2 months ago

Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence

Also: Another Ivanti Zero-Day? And FBI Calls for Strengthening DMARC PoliciesThis week, REvil hacker sentenced; ZDI saw possible Ivanti-zero-day; FBI said to strengthen DMARC policies; Okta saw surge in credential stuffing attacks; French hospital refused to pay ransom; JPMorgan, debt collection agency and healthcare company were breached; and ex-NSA employee was sentenced.

Bank Info Security 2 years, 3 months ago

Microsoft, Okta, CyberArk Lead Workforce Identity Rankings

OneLogin Departs Forrester's Leaderboard as User Experience Takes Center StageMicrosoft, Okta and CyberArk remained atop Forrester's workforce identity rankings, while OneLogin tumbled from the leaders' spot. The shift toward digital platforms and growing adoption of cloud services have been pivotal in driving the evolution of workforce identity platforms.

Bank Info Security 2 years, 4 months ago

Okta Security Push Pays Dividends Following String of Issues

Credential Stuffing Plummets, More Malicious Requests Detected Amid Huge InvestmentOkta's 90-day push to improve its security architecture and operations following a crippling October 2023 data breach delivered quick results, CEO Todd McKinnon said. Okta over the past quarter reduced credential stuffing attempts and malicious bot traffic for its largest customers by more than 90%.

Loading more headlines...