We are delighted to announce that the Oort platform has emerged from beta and is now generally available! Our team has been hard at work listening to and working with our beta customers and design partners to deliver an identity analytics and automation platform that’s easy to use and adds value from day one. Here’s a quick rundown of what’s inside, but first…
Why Oort? Why now?
With over 60% of breaches involving the abuse of valid identity credentials, identity is the new perimeter, and it’s more essential than ever to keep it secure. In fact, research shows that the majority of organizations over 500 people have more than 25 sources of identity. It’s hard enough seeing across and securing just a few identity sources, but when this level of identity blindness and sprawl converge, serious identity vulnerabilities accumulate quickly and silently. This is a huge problem. Oort enables organizations to see across all their sources of identity to quickly detect and remediate identity vulnerabilities at scale. Put simply, defeating identity vulnerabilities is why we exist. Read on for how we do it.
Let’s take a closer look at some of the features of Oort, our powerful enterprise identity security and compliance platform that’s evolving rapidly to meet the needs of organizations worldwide. But, before we dive into the latest and greatest, if you’d like to get priority access to our feature releases and roadmap going forward, sign up for our monthly newsletter:
Key Features of the Oort Platform
Identity Vulnerability Checks
Oort uses machine learning to create and check baseline behaviors of individual identities across IdP, HRIS, and directory services. We call these Identity Vulnerability Checks and they are the cornerstone of the Oort platform for enterprise identity security. We’re currently at 15 Identity Vulnerability Checks (and growing), so let’s dive into a few below and then you can download our “Top 5” to take with you at the end of this section.
No Multi-Factor Authentication (MFA)
This Identity Vulnerability Check may sound obvious, but it can be surprisingly challenging to surface a list of users who are not enrolled in MFA or who have weak MFA in place (that’s actually a separate check you can see for yourself in a 30-day free trial of Oort). Multi-factor authentication is widely known to provide some of the strongest security in preventing successful phishing attacks that can result in account takeovers and further harm. Oort makes it easy to see these identity vulnerabilities and to remediate them at scale.
IP Threat Detected
This check looks at login events and enriches the event IP address against a dynamic data set of known risky IP addresses. These include addresses of known spammers, botnets, malware hosts, and more. Logins from these IP addresses could be an indicator of compromise, where an attacker has access to a machine unbeknownst to the organization or its authorized user. Oort automatically tags these login events with the type of threat associated with the host, providing instant visibility into the behavior of that identity.
Logins from Disallowed Browsers
Not all browsers are sanctioned by organizations due to their security risks or flaws. Moreover, certain browsers and user agents are known to be associated with certain types of threats and threat actors, so they should be called out when observed. This Identity Vulnerability Check enables security and IAM teams to create blacklists of browsers and to receive alerts when they are observed logging in. By white- or blacklisting certain browsers and checking for their use, Oort enables security practitioners to quickly see when login activity is happening in violation of any policies (such as company-approved browsers) and to take action to further investigate those users for security threats.
How are you securing your organization from identity vulnerabilities?
Download the data sheet to learn about the “Top 5 Identity Vulnerability Checks” that Oort uses to quickly secure your IAM program, and see just how easy it is to get started right away.
Identity 360
With identity now at the center of your IAM program, total visibility of every user in your enterprise is essential to maintaining strong security posture and regulatory compliance. With Identity 360, security and IT team members get a full view of the demographic attributes, activities, and risks posed by every identity in your organization. Identity 360 capabilities include:
See the current demographic information of every user, including any discrepancies between your identity provider (IdP) and human resources information system (HRIS)
Investigate activity logs including successful logins, failures, challenges, and application access
Get an enriched view of event activity including operating system and browser used, physical location, IP address, and more
Naturally, any Identity Vulnerability Checks that might be impacting a user are also attached to the identity record so that they can be fully investigated and remediated.
Automated Remediation
We know that security and IT professionals are overwhelmed with alerts, investigations, and resolution of issues that can span multiple owners, teams, and technologies. That’s why we’ve built automated remediation into the platform, so that no matter where your IAM team sits in the organization, they can operate more efficiently at scale.
Oort integrates with ubiquitous communications tools including Slack and Microsoft Teams to notify users and their managers of Identity Vulnerability Checks that are impacting them or their team. This enables investigations and remediations to kick off right from the platforms where your users already are. Save the countless hours wasted communicating via email by connecting Slack or Teams to Oort.
What’s next?
We’re already heads down on our next batch of Identity Vulnerability Checks, integrations, and machine learning models, so now is a great time to start a free 30-day trial of Oort. You’ll immediately see value in Oort’s reporting on the overall hygiene and security of your identity and access management program. Right away, you’ll be able to start investigating and remediating your identity vulnerabilities, and after 30 days, you’ll be blown away by how much you’ve cleaned up your IAM program.