Operations

9/6/2018
01:37 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Proofpoint Partners with Okta, Boosts Automated Incident Response and Integrated Authentication to Enhance Credential Phishing Defense

Sunnyvale, Calif.—September 5, 2018 – Proofpoint, Inc., (NASDAQ: PFPT), a leading cybersecurity and compliance company, today announced a technology partnership with Okta, the leading independent provider of identity for the enterprise, to provide a better way for joint customers to combat email credential phishing attacks by automating incident response with best-of-breed, cloud-based solutions. By integrating Proofpoint’s Threat Response Auto-Pull (TRAP) and the Okta Identity Cloud, security teams can automatically layer additional authentication security to ensure users who clicked on a phishing URL do not have their accounts compromised.

Every day, security teams are faced with both high volume and highly-targeted credential phishing attacks and unfortunately disjointed security systems add complexity to the challenge. The Proofpoint-Okta partnership makes security orchestration easier and provides a superior user experience for incident responders, security analysts, and system administrators. It reduces the time necessary to clean up credential phishing attacks with an accurate, timely response.

“Credential phishing is an Achilles heel for many organizations because most phishing links are hosted on compromised, legitimate websites with good reputations. Clever attackers even wait until after an email has passed through the gateway and into a user’s inbox before changing the content of the site to a page designed to steal usernames and passwords,” said Ryan Kalember, senior vice president of Cybersecurity Strategy for Proofpoint. “We can detect these phishing sites when a user clicks on them, but containing the risk requires valuable time and security resources. Our Okta partnership helps organizations automatically ensure that users who clicked on these malicious links don’t have their accounts accessed by attackers.”

Once Proofpoint detects that a user has clicked on a malicious URL and has been permitted access to the phishing webpage, administrators can automatically deploy stepped-up authentication via Okta Multi-Factor Authentication (MFA). This additional security layer ensures the user is reauthenticated, using multiple factors, before accessing corporate systems, which will help confirm the user’s identity and prevent compromise.

Proofpoint’s Threat Response Auto-Pull (TRAP) enables messaging and security administrators to move malicious or unwanted messages to quarantine, after delivery. It also tracks forwarded mail and distribution lists and creates an auditable activity trail. Joint Proofpoint-Okta customers can now integrate Proofpoint TRAP with the Okta Identity Cloud, which implements numerous factors for authentication across knowledge, possession, biometric, and contextual elements, to strengthen security and verify user identities.

“Working together, Okta and Proofpoint can help security teams to get the greatest value from their existing technology investments, by assisting with credential phishing attack detection and rapid response,” said Chuck Fontana, vice president of Integrations and Strategic Partnerships, Okta. “Email continues to be the number one threat vector and credential phishing attacks are flooding organizations worldwide. We are committed to helping global teams manage and secure their extended enterprise, and combining Okta and Proofpoint’s best-in-class solutions provides an additional layer of security to detect and mitigate potential malicious activities.”

For more information on the Proofpoint-Okta partnership, please visit https://www.proofpoint.com/us/partners/technology-alliance-partners. For more information on Proofpoint’s Threat Response Auto-Pull solution, please visit https://www.proofpoint.com/us/products/threat-response-auto-pull.

 

About Proofpoint, Inc.

Proofpoint Inc. (NASDAQ: PFPT) is a leading next-generation security and compliance company that provides cloud-based solutions to protect the way people work today. Proofpoint solutions enable organizations to protect their users from advanced attacks delivered via email, social media, mobile, and cloud applications, protect the information their users create from advanced attacks and compliance risks, and respond quickly when incidents occur. More information is available at www.proofpoint.com

Connect with Proofpoint: Twitter | LinkedIn | Facebook | YouTube | Google+

###

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20782
PUBLISHED: 2019-02-17
The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.
CVE-2019-8407
PUBLISHED: 2019-02-17
HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.
CVE-2019-8408
PUBLISHED: 2019-02-17
OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.
CVE-2016-10742
PUBLISHED: 2019-02-17
Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
CVE-2019-8393
PUBLISHED: 2019-02-17
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.