KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Generative AI not only represents opportunities to transform Security for your organisation, but it creates new risks both in the hands of attackers and when deploying AI models within your technology stack. Wondering how you can responsibly use the benefits of AI in Identity and Access Management? Join our Senior Solution Engineer Arkadiusz Krowczynski to learn how you can apply AI capabilities to increase security, improve user experience and maximise operational efficiency.
Generative AI not only represents opportunities to transform Security for your organisation, but it creates new risks both in the hands of attackers and when deploying AI models within your technology stack. Wondering how you can responsibly use the benefits of AI in Identity and Access Management? Join our Senior Solution Engineer Arkadiusz Krowczynski to learn how you can apply AI capabilities to increase security, improve user experience and maximise operational efficiency.
Yeah, good afternoon everybody, and welcome to my session. The topic for today is Jen and I and identity and security. We call it the potential and the risk, and I will try, try it or I will cover it. I would say more from the Okta side of the house, so to be on a safe side of the house. So be sure our safe harbor slide that I will briefly touch, I would say forward looking statements and try to explain, I would say upcoming products. I'm definitely safe and we can kick things off. So a few words about myself.
So this is my vision and this is, I would say, or these are the things I really like to do. I'm AIS Kozinski. I'm working as a core senior solution engineer doctor and covering the central Eastern Europe area. And in addition to this, I'm part of several subject matter expert programs all around the globe. And one of these SME programs is the topic around gene ai, and that's why I decided to take this track.
Okay, let's get started. So I think, and I assume everybody knows them and everybody uses them in their daily work. So our lovely AI tools like T Microsoft Copilot and maybe also Gini Pro from Google. So why we are using them, because it's so easy. Yeah. So open up the, the app or open up the browser, navigate into chat PT and asking a question, Hey, can you tell me what the company Okta is doing?
Yeah, you're immediately getting in an answer. So just joking. So AI tools really gives us the flexibility, I would say, to save time to get the information very fast and yeah, to speed up the skillset. And I would say to finish our tasks day by day faster. When it comes to Microsoft Co-pilot for all the Microsoft friends that are in the, in the, in the ecosystems, we spoke with a lot of customers and colleagues, really amazing tool how this is interacting with the Office 365 suite. So creating PowerPoint presentation, creating meeting notes, drafts, et cetera. So really impressive.
And maybe also Gemini Pro to all the, to all the Google workspace or to all the, the Google friends that are, that are working with it. I know, and I'm, I, or I know in general there are more AI tools out there that I would definitely not elaborate in detail here, but what we hear or what are sometimes hear from customers and also from people that yeah, it causes maybe some, some fear or some, some kind of respect when we are talking about gen AI or general topic ai as always in life with new topics, oh, they are good news and they are bad news.
So gene AI has some potential but also some risk when it comes to identity and security. So just briefly zooming, zooming in, when we're talking about the potential of gene AI topics like enhanced identify, I enhance identity verification. So for example, using biometrics notification to really triggering or disallowing the false positive in the and and enter negatives and also to save access to, to, to our data.
Then we have the topics like advanced threat detection, so the gen AI can really learn behaviors and patterns and when some exchange this can be flagged or executed and as a potential risk. And the outcome, for example, about advanced threat detection can be automated response systems. So the gen AI can really auto automatically create tasks to, I would say killer session, execute, execute, I would say workflows, et cetera based, based on the definitions that we give, the risks that they are associated with Gen ai.
I would say when you browse in, in the world economic identity re report are topics like generation of deep fakes. So we are talking about identity fraud and misinformation, so spreading misinformation and also trying to maybe manipulate people to, I would say, to talk about other decision or I would say making other decision, especially this year when we are talking about election. This topic I would say is an important and can be a dangerous one. Then the data, then the topic data security, especially in Europe or in Germany as the AI topic really needs a massive amount of data.
There can be concerns around data security and privacy. And last but not least, nowadays, the economic barrier. So implementing such solutions can really be very, very costly. So cost a lot of money, and we are, and if we're talking about, I would say well-funded organizations that don't have the financial aspects, they cannot use this modern AI tools. So in the next minutes, I would like to elaborate how we at OK are powering the AI era. So I will definitely cover already existing AI features.
We'll talk briefly about our latest AI product that we released some weeks ago, and we'll also give a sneak peek of potential new products that we will be releasing in the future. So the first one that talk about is Okta Threat Insights. Okta Threat Insights is really the first barrier. So it's a machine learning AI driven software that really checks if someone is accessing the, the Okta endpoints. If this access is is based on credential based attacks.
So with the machine learning mechanism, we are tracking the Okta tenants, I would say, or our, our infrastructure and flagging this ips if someone really tried to access our infrastructure. Yeah, so this, this feature or this functionality really kicks, really kicks in before the identification policy are getting evaluated or, and even before the risk level starts. So it's really everything before we are logging in into, into, into our environment.
Our second AI driven feature is our adaptive adaptive multifactor identification, I would say based on, based on security and phishing resistant notification. So we allow dynamically adapt security when it comes to behavior detection. We can adjust policy and based on this AI driven multifactor and risk-based identification, we can really give our customers and our users, our partners have very nice and strong user experience because nowadays we all should know that I would say using a password and the basic MFA is not good enough anymore.
Then I would like to briefly talk about our latest big AI announcements that went live in in early access state in the beginning of April after several teams really worked hard for more about two years. so-called identities threat protection with Okta, with Okta ai, with ITP.
So-called, we built a comprehensive solution that's really lays the focus on protection in post, in the post identification area. So we are now able to really secure the identities in real time. We within Okta, ITP and our AI are taking our, our own signals, but also third party signals as triggers and trying to constantly reevaluate access to sessions, but also identities.
Yeah, and this is, and this in real time and all within our AI risk driven infrastructure. What we are also having in our identities, threat protection capabilities is, is a kind of list view insights. So we are giving our customers that are, that are part of this powerful insight about the whole security infrastructure means I can tell, hey, tell me which users are at risk, which risk level are the users currently on ai? Please tell me why a certain user was, I would say put it to quarantine or, or I would say moved out from a certain application.
So this is happening all in our AI risk engine. Last but not least, we have the option to really execute automated threat remediation means that we can execute, for example, inline MFA to trigger a second notification factor.
We can, I would say cut access to application or nowadays we are also able, what we announced last week, last year, our obtain conference really kill all the sessions and this is so-called in the Okta context, the universal lockout. So we at Okta are not only speaking now at with single signon, but also now about universal lockout. So with identity fraud protection, we now have to option, I would say, to secure the complete lifetime of the Okta session from the, from the, from, from, from, from, from the beginning of the login to the logout.
And this is from our point of view, a really powerful solution when we now zoom in and take all examples. So it slides are looking different on my screen, like on your screen. So looking at the Octa AI risk system, we are giving our customers a kind of, I would say all inclusive holidays. So threat insights, the preor notification, we have the behaviors where our customers can really customize controls based on, based on anomaly detection networks, et cetera.
Then as mentioned, we have the risk based identification with our phishing resistant MFA at last but not least, our latest and powerful innovation called identity threat protection. Now, let's take a step back and, and zoom in. I would say how, how AI and how I would say our Okta AI is working. First of all, as always, we need a massive amount of data. Then we need, I would say models to pro to process this data. And last but not least, we need to able to take actions.
Yeah, different actions, log in, log out, send out, send out notification, prompt form of prompt form for, for an MFA, et cetera. Yeah. And we all know that AI is only as good as the data that it's feed by and the action that you can take. Yeah. And we in Okta have the big benefit that we, we have the data and we have the actions. So we can take the threats, the usage, the access policies, the risk signals.
Now from identity threat protections, we can take the, I would say information from different integration and we can check the users, the customers and the partners because we are covering, I would say several use cases and use this data to really perform real time actions. So for our developers security actions, but also policy and notifications actions. And the good news is that as always, we are not stopping and we are working, I would say, on new product releases and I would say further AI improvements.
So topics like a kind of AI policy recommendation where I will be hopefully able to ask my AI in the future, Hey, I want to secure and specific application ai, please, can you tell me what is the best way to do it with which notification factors should I use here? AI lock in investigation. So we will turn questions into insights.
So I, or we want to ask our AI engine, Hey, please tell me why my colleague Ian was kicked out of the Salesforce application last Thursday. Yeah. And last but not least, maybe for the workforce entity cloud, our AI governance analyzer. So we really try to unlock and get the best quality of data when it comes to, to IGA topics, to, to perform roles and create users. But for sure, we are also working on topics for our developers, topics like AI for action, so giving us the options to create an automated task or onboarding applications and flows easier.
And also a kind of AI identity flow optimizer. So these are definitely top topics that we are working on and we are really looking forward. Conclusion. So to sum this up, also in boost the words of our CIO, Todd, Todd McKinnon that you mentioned last year, due to the internet and cloud area, every company became a technology company, right? But the new reality is that every company is or will become an AI company. Yeah. So with this information and with the opportunity, we need to decide do we stay, do we want to go fast or we want to stay behind?
And we should ask the questions like what we need to do, what is our AI strategy? Can, can we, I would say, reach more customers with a more AI effective user experience? Yeah. Which competitive advantage AI will give us, and how can AI make my teams working more efficient? And maybe it may be faster. So I know that not everybody's able to answer the questions now, but these are definitely the questions that we will need to answer in the future. But what we are from Okta know for sure that this new world of AI really needs identity more than ever. Yeah.
And the last topic or the last message from our side, from my side that don't worry, AI will not take over the role. Yeah, the control role.
So we, the people are still in charge. And from my point of view, it's a kind of skill shift and it's really a big opportunity, I would say, to work with new, with this new models, to work with this new solutions to really not fall behind and stay on top. Thank you. Does anybody have any questions? Any questions in the room? I have one question again from the online audience, I have to confess, it's a little bit difficult to read, but basically can you elaborate a little bit more how this lockout feature works and does it, what kind of sessions does it apply to?
Yeah, so in the, in the initial early access release, we are supporting a wide range of SaaS application that are part of the universal lockout. So within our Okta integration network, we have nearly 8,000 integration. And as a starting point, we have, I would say around 15 application that you really can, can configure for universal lockout.
And when this universal lockout is configured, you can, you can deep dive into a kind of continuous access elevation policies and create, I would say, automated task that if a certain risk level I would say will occur, someone is clicking on a, on a malicious link, you can create an action and say, if this, if this entity risk policy say that the risk is high, please lock me out of my Salesforce, of my Google, or maybe also of my Microsoft tenants. So this is all within the application in our Okta integration network, plus the entity risk policy that can be configured in our AI engine. Okay.
Great. Thanks a lot. Thanks again.
