Manage and Monitor User Identities
Integration Benefits
- Complete visibility into your users’ authentication activity, inside and outside the network perimeter
- Detect the attacks you’re missing across the entire network ecosystem, from the endpoint to the cloud
- Intelligent Single Sign On (SSO) and Two-Factor Authentication (2FA)
- Automatically detect compromised credentials, the number one attack vector
- Monitor Okta Administrator authentications and activity
Sixty-six percent of employees report they can still access corporate data on cloud services after leaving the corporation.1 If that is a problem, what about stealthy attacks using compromised credentials? With the security perimeter now at the individual user and extending far beyond the corporate network, Okta’s Identity Management and Rapid7’s InsightIDR combine to provide coverage for your entire network ecosystem, from the endpoint to the cloud.
This integration allows security analysts to provision simple, secure access to cloud applications and monitor user activity for low-noise, high-value alerts on stealthy intruder attacks. This includes the top two attack vectors behind breaches: stolen credentials and malware.
Okta Identity Management
Okta’s Identity Management is a class leading SaaS solution which helps enterprises enable their workforce to adopt the cloud. It integrates with the hundreds of cloud applications you use today, saving time and adding security for both IT and your end-users. This is done through easy account provisioning through Active Directory (AD), a seamless Single Sign On (SSO) experience, and secure Two Factor Authentication (2FA).
Rapid7 InsightIDR
Rapid7 InsightIDR is an intruder analytics solution that gives you the confidence to detect and investigate security incidents faster. Only InsightIDR gives you quality alerts without the noise, enables your entire team to investigate an incident, and adds user context to your monitoring solutions. Unlike other solutions, InsightIDR monitors activity not just on your network, but across endpoints, mobile devices, and the cloud. InsightIDR gives you instant visibility into user activity across your infrastructure and monitoring solutions. Rapid7’s unique understanding of attacker methodologies is the key for producing these highly accurate analytics.
Bring Confidence Into Your Cloud Architecture
Figure 1: Visualize your organization’s cloud authentications
How It Works
Rapid7 InsightIDR uses Okta’s direct API to ingest the authentication data for users across the organization. These logs are analyzed and combined with network, endpoint, mobile, and attacker methodology to detect intruders and risky internal behavior. Incident alerts are automatically generated in InsightIDR.
- Step 1: Set up Rapid7 InsightIDR
- Step 2: Forward Okta logs to InsightIDR’s collector
What You Need
- Rapid7 InsightIDR
- Okta Identity Management
1http://mobileenterprise.edgl.com/news/Employees-Go-Rogue-with-Data97211
Integration Overview
Download this Integration Overview
Download NowFree 30-Day Trial
Take this integration for a spin and experience the SIEM you've always wanted
Explore InsightIDRNeed help with an integration?
Please contact Rapid7 for support or assistance at +1.866.380.8113, or view all of our support options.
Get Support