Proofpoint integrates people-centric protection with Okta’s Identity Cloud
Cybersecurity and compliance company Proofpoint has this week announced an expansion to its technology partnership with identity and access management services provider Okta to bolster how organisations protect their most at-risk users from sophisticated cyberattacks.
Through this streamlined integration, joint customers can leverage Proofpoint’s people-centric Targeted Attack Protection attack index, which scores threats based on their criticality, to identify their very attacked people (VAPs) and apply stronger access controls to better protect those users with the Okta Identity Cloud.
“Our Okta partnership delivers exceptional value for our customers and channel partners—and today we are expanding on our commitment to helping organisations automatically dial-up protection for their users that receive the most critical and targeted phishing, malware, and impostor attacks,” says Proofpoint Cybersecurity Strategy executive vice president Ryan Kalember.
“Adversaries continue to attack specific people within organisations, including many that aren’t traditionally considered likely victims.
“Our people-centric intelligence provides essential insight into who an organisations’ VAPs are and how they are being attacked.
While we have several adaptive controls built into our solutions, our partnership with Okta extends these capabilities to include identity and access management and provide additional account protection in seamless, cloud-to-cloud integration.”
Joint Proofpoint and Okta customers can now integrate Proofpoint Targeted Attacked Protection (TAP) user risk insight with the Okta Identity Cloud.
Users that are identified as VAPs by Proofpoint will automatically be placed into a high-risk user group in Okta, allowing administrators to apply adaptive policy controls and higher assurance factors before granting access to resources.
Okta Integration Network vice president Chuck Fontana says, “At Okta, our mission is to enable any organisation to securely use any technology – making sure the right users have access to the right resources, at the right time, and preventing access to unauthorised users or requiring stronger assurance in high-risk scenarios,” says.
“By partnering with Proofpoint, we can provide our joint customers with the ability to automatically detect high-risk users and apply stronger authentication controls and policies to those users.
“This makes it easier and more efficient for administrators to identify and take action on today’s biggest security threat, people - and their identities - to improve the security posture of their organisation.”
With this integration, joint customers can apply adaptive controls such as;
- Assign application access or restrict access to sensitive applications
- Apply dynamic access policies aligned to user risk, including limiting session length and requiring higher assurance factors for MFA
- Adjust a user’s role and entitlement for authorisation in downstream applications
- Adapt password policies for complexity, history, expiration, and reuse
This latest Okta integration also builds on the existing Proofpoint Threat Response Auto-Pull (TRAP) integration, which enables security teams to orchestrate response actions to protect users who have clicked on phishing links.
- SPLUNK SOC Analyst level 3, London.
SPLUNK SOC Analyst level 3, Must be able to commute to the City of London. Onsite role. Security clearance needed. The SPLUNK SOC Analyst level 3 must have current experience working within a SOC environment with specific experience using a range of tools and techniques to investigate security incidents. Current experience with Splunk is essential. any additional experience Individuals with Elastic Security SIEM are highly desirable. Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The role will include, but not be limited to working with sophisticated information security tools, investigating security incidents, incident management, technical escalation, process improvement, research into the latest threats, reporting etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt https://calendly.com/chris-holt/arranged-call-with-chris-holt-elastic-siem-engineer-soc Chris.Holt@dclsearch.com
- ISO 27001 & Business Continuity Security Specialist, End User
- United Kingdom
CH7828 ISO 27001 & Business Continuity Security Specialist, End User, £70,000 United Kingdom ISO 27001 & Business Continuity Security Specialist needed to join a Cyber team within an end user. The ISO 27001 & Business Continuity Security Specialist will have end to end responsibility for the information security and Business Continuity management system. ISMS/BCMS. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. ISO 22301, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. Experience taking a company through accreditation is highly desirable Experience managing internal stakeholders, technical teams and external third parties essential Flexible working, very occasional travel to London office This is an exclusive role to DCL Search & Selection. Looking to interview immediately. https://calendly.com/chris-holt/iso-27001-business-continuity-security-specialis
- PCI- DSS Security Consultant, End User
PCI- DSS Security Consultant needed to join a Cyber team within an end user. The PCI- DSS Security Consultant will have end to end responsibility for PCI - DSS and its continuing certification. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. PCI objectives / 12 key requirements, OWASP top 10, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. PCI Cloud compliance, specifically someone with experience taking PCI-DSS from on premise into the cloud is HIGHLY desired. However, someone with Solid PCI experience with a strong technical background which include Cyber / Secure by design etc would be considered. Experience managing internal stakeholders and external third parties essential. Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection. 1st stage interviews to happen the week of the 14th September Arrange a call with Chris on https://calendly.com/chris-holt/arrange-a-call-chris-dcl-pci-compliance
- IAM Contractor CyberArk
Identity & Access Management Architect Contractor Flexible • Extensive PAM / IAM experience required, • MUST have CyberArk and or Beyondtrust. Privileged access management • Technical review, recommendation, design and hands on technical delivery. • 6 month contract Arrange a call with Chris Holt https://calendly.com/chris-holt/arranged-call-with-chris-holt?month=2020-09