No matter the size of your organization, employees are managing an ever-increasing volume of accounts across numerous cloud and on-premises applications, systems, and tools. Security teams – challenged by the difficulty of monitoring and responding to this volume of accounts – are increasingly relying on Identity Access Management (IAM) solutions. IAM promises a single sign-on experience that as one vendor puts it, “can connect anyone that touches your organization to any technology they want to use.”
But IAM should accomplish much more for your organization than simple Single Sign On (SSO) and consistent/integrated identity. It should integrate with and enhance your security operations, ideally in a dynamic nature that enables you to monitor, respond, and adapt to security risk factors, even without human intervention. IAM’s ability to deliver on this need depends on your security environment and posture, including your use of a SIEM. Likewise, your SIEM can greatly benefit from high quality event data from IAM so it can provide a comprehensive and up-to-date view of your overall risk posture.
If you are thinking this sounds great in principle but wonder how it works at the technical level, I understand. That’s why we are going to take an actual real-world example of a SIEM, in this case LogRhythm, and an IAM, Okta, and demonstrate how their integration matures an organization’s security posture.
We’ll dive into how Security Analysts can make more informed decisions and perform better investigations when they have the full picture of IAM events spanning on-prem and cloud-based activity and how organizations can respond rapidly to security alarms with automatic protective measures.
Greg Foss will join us from LogRhythm as our guest speaker. He is a recognized security expert who created LogRhythm Invoke-Okta, a bidirectional integration framework that provides for easy interaction and automation with Okta and the LogRhythm SIEM.
We will show you how to:
- visualize and analyze data from Okta in your SIEM
- identify accounts that have compromised credentials by monitoring for successful authentications paired with failed multifactor logins
- utilize the Okta API to automate security tasks
- build upon identity monitoring to work towards a “Zero Trust” architecture
Don’t use LogRhythm or Okta? That’s okay if you don’t, because this session is focused around what’s possible when you integrate your SIEM or security analytics platform with IAM, irrespective of which products you use.
Please join us for this real training for free event.