Sixty-six percent of employees report they can still access corporate data on cloud services after leaving the corporation.1 If that is a problem, what about stealthy attacks using compromised credentials? With the security perimeter now at the individual user and extending far beyond the corporate network, Okta’s Identity Management and Rapid7’s InsightIDR combine to provide coverage for your entire network ecosystem, from the endpoint to the cloud.
This integration allows security analysts to provision simple, secure access to cloud applications and monitor user activity for low-noise, high-value alerts on stealthy intruder attacks. This includes the top two attack vectors behind breaches: stolen credentials and malware.
Okta’s Identity Management is a class leading SaaS solution which helps enterprises enable their workforce to adopt the cloud. It integrates with the hundreds of cloud applications you use today, saving time and adding security for both IT and your end-users. This is done through easy account provisioning through Active Directory (AD), a seamless Single Sign On (SSO) experience, and secure Two Factor Authentication (2FA).
Rapid7 InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. Only InsightIDR gives you quality alerts without the noise, enables your entire team to investigate an incident, and adds user context to your monitoring solutions. Unlike other solutions, InsightIDR monitors activity not just on your network, but across endpoints, mobile devices, and the cloud. InsightIDR gives you instant visibility into user activity across your infrastructure and monitoring solutions. Rapid7’s unique understanding of attacker methodologies is the key for producing these highly accurate analytics.
Figure 1: Visualize your organization’s cloud authentications
Rapid7 InsightIDR uses Okta’s direct API to ingest the authentication data for users across the organization. These logs are analyzed and combined with network, endpoint, mobile, and attacker methodology to detect intruders and risky internal behavior. Incident alerts are automatically generated in InsightIDR.
1http://mobileenterprise.edgl.com/news/Employees-Go-Rogue-with-Data97211
Download this Integration Overview
Download NowTake this integration for a spin and experience the SIEM you've always wanted
Explore InsightIDRPlease contact Rapid7 for support or assistance at +1.866.380.8113, or view all of our support options.
Get Support