Okta teams up with ServiceNow to bring identity layer to breach containment

Okta and fellow cloud company ServiceNow got together to build an app that helps ServiceNow customers using their security operations tools find security issues related to identity and take action immediately.

The company launched the Okta Identity Cloud for Security Operations app today. It’s available in the ServiceNow app store and has been designed for customers who are using both toolsets. When a customer downloads and installs the app, it adds a layer of identity information inside the ServiceNow security operations interface, giving the operations team access to information about who specifically is involved with a security problem without having to exit their tool to find the information.

Okta is a cloud identity management company, while ServiceNow is a cloud service management company. ServiceNow approached Okta about this integration because research has shown that the vast majority of breaches are related to compromised user credentials. The sooner the security operations team can track down the source of those credentials, the sooner they can begin resolving situation.

The way it works is a company detects a breach through the ServiceNow security tool. Instead of searching logs and taking days or weeks to find the source of the breach, security operations can see the problem user directly in the ServiceNow interface.

With that information, they can decide immediately how to mitigate the issue. That could involve forcing the person to log out of all their applications and logging back in with new credentials and two-factor identification, suspending the user for 24 hours or a number of other actions at the discretion of the security personnel.

Okta identity tools in the ServiceNow interface. Screenshot: ServiceNow

The combination of the two products results in a better solution for customers who are using both tools anyway, says Okta COO and co-founder Frederic Kerrest. “It reduces incident triage, improves risk scoring and accelerates containment,” he explained.

The integration takes advantage of the Okta Advanced Integration Network and involves a set of APIs for inserting Okta functionality inside of other applications. Among the other companies Okta is working with on this kind of integration is Palo Alto Networks.

This is not the first time the two companies have worked together, says Kerrest. There have been a couple of other cases where ServiceNow has used Okta as the default identity management solution in their products.