It’s 2023, the year of AI. That means all of the conferences have some or a lot of focus on it. It is no surprise that it is the main theme during Okta’s annual conference, Oktane. But what does Okta AI entail? We outline it below. Oh yeah, Okta also announced support for passkeys within the Customer Identity Cloud. We’ll go into a bit more detail on that as well.
Okta is not entering the AI market half-heartedly, that much is clear. It immediately comes out with a suite, which it calls Okta AI. This is part of the full portfolio, meaning both the Workforce Identity Cloud and the Customer Identity Cloud. Good to see that Okta has not tried to reinvent the wheel itself. It has entered into a strategic partnership with Google. More specifically, it is using Google Vertex AI to develop the various components of Okta AI. With Vertex AI, it is possible to build – among other things – ML models and AI applications. We recently reported that more than 100 LLM models are now also available in Vertex AI.
Okta has deployed Vertex AI to create specific AI applications. Below you can see a list of the specific capabilities, including expected delivery dates for customers:
- Identity Threat Protection with Okta AI will be in Limited Early Access in Q1, 2024;
- Log Investigator with Okta AI will be in Limited Early Access in Q3, 2024;
- Policy Recommender with Okta AI will be in Limited Early Access in Q1, 2024;
- Governance Analyzer with Okta AI is in Limited Early Access in Q2, 2024;
- Identity Flow Optimizer with Okta AI is in Limited Early Access in Q4, 2024;
- Actions Navigator with Okta AI is in Limited Early Access in Q2, 2024;
- Tenant Security Manager with Okta AI is coming in Limited Early Access in Q2, 2024;
- Brand Customizer with Okta AI is in Limited Early Access in Q4, 2024;
- Guide with Okta AI is coming in Limited Early Access in Q4, 2024,
Obviously, none of the new features are generally available yet, or even available for early access. Starting in the first quarter of 2024, this will happen in a steady wave. As such, it’s quite a complex addition to the portfolio for a party like Okta, especially if it all has to happen in real time. Identity is increasingly the linchpin around which cybersecurity revolves. Then, of course, the offering has to be right the first time.
Okta AI says it uses the latest AI models (from Vertex AI), but also deploys its own data. This involves crowdsourced threat intelligence data around identity. Furthermore, Okta promises that it has privacy and compliance built in and that it handles data ethically and according to privacy regulations.
Identity Threat Protection for Workforce Identity Cloud
During Oktane, Okta itself highlights a specific AI application. It is Identity Threat Protection for Workforce Identity Cloud with Okta AI. For now, Okta has chosen to explicitly put behind its new AI applications that it is with Okta AI. This makes for overly long names, but is transparent. However, we do assume (or at least hope) that this is temporary.
Either way, Identity Threat Protection for Workforce Identity Cloud with Okta AI does what the name suggests. It provides protection against threats that exploit or misuse identity as an entry point. Rather than protection at the time of initial authentication, this is real-time and continuous detection and response to these types of threats. It can do this by constantly analyzing signals during a user’s session in the Okta AI platform.
Identity Threat Protection for Workforce Identity Cloud with Okta AI is not a single feature, by the way. It offers several features under this name. Below you can see them. Since Okta itself talks about these being the “initial features,” we assume that the intention is to expand the features as it becomes useful and desirable.
- Continuous Risk Evaluation enforces security policies at login and during an active user session, reducing the likelihood of unauthorized access or session hijacking.
- Shared Signals Pipeline increases threat visibility within an organization’s technical ecosystem. This allows security teams to detect and then respond to emerging threats with various security technologies, including Mobile Device Management (MDM), Cloud Access Security Broker (CASB) and Endpoint Detection & Response (EDR) solutions.
- Adaptive Actions responds to real-time threats with targeted actions, such as Universal Logout on supported applications with the feature enabled, prompting users for on-demand multi-factor authentication, and executing automated workflows to address emerging risks.
Passkey Support for Customer Identity Cloud
Before AI took over more or less every discussion in the world of IT and security, the field of authentication and identity was all about passkeys. This made it possible to virtually cut out the human component within this domain. The implication is that this also immediately makes it a lot more secure. Phishing – still one of the main methods of attack – should thus become virtually impossible. In addition, passkeys make completely password-free authentication possible. Of course, this also immediately provides a major boost in the area of secure authentication, login and the like.
The news during Oktane from Okta in terms of passkeys is that it has added it to its Customer Identity Cloud. This new feature is also already available in early access. Adding it, according to Okta, is no more than a push of a button. It may just be that the addition of Passkey Support to the Customer Identity Cloud is more important than all the AI announcements that Okta did this week. After all, it is really taking a big step in better securing people’s identities with this. After all, digital identity and especially protecting it is only going to become more important.