Okta & Palo Alto Networks expand AI security integrations
The collaboration focuses on improving the interoperability of both companies' AI-driven security solutions, making it possible for organisations to integrate identity into their core security infrastructure. This aims to create a real-time, unified defence system that addresses operational challenges, while also delivering efficiencies in both cost and complexity.
New integrations
A key feature of the expanded partnership is a new native integration between Okta Workforce Identity and the Palo Alto Networks Prisma Access Browser. This enables enterprises to enforce conditional access controls by restricting access to single sign-on (SSO) applications solely through the secure browser option.
Another central component is an integration between Identity Threat Protection with Okta AI and Palo Alto Networks' Cortex SecOps platform. This provides organisations with a consolidated view of identity-related risks spanning their digital footprint. The integration extends to both Cortex XSIAM and Cortex XDR, providing a mechanism for thorough response to sophisticated attacks. AI is supercharging attacks on user credentials, requiring a 'fight AI with AI' approach that brings identity directly into an organisation's security infrastructure for a real-time and unified response. With Palo Alto Networks, Okta is proud to enhance the interoperability of our AI-powered platforms to prevent risks of siloed tools, providing nearly 2000 joint customers with a comprehensive view of their security posture, context-aware access controls, and secure authentication to stay ahead of today's threats.
This was stated by Stephen Lee, Vice President of Technology Partnerships at Okta. Identity plays a critical role in cybersecurity. Our deep integrations with Okta ensure that our solutions are engineered to work together, making it easier for our customers to achieve higher levels of security and user experience. These new integrations, from securing application access with Prisma Access Browser to providing unified protection against identity threats through our Cortex platform, empower organisations with comprehensive, AI-driven defence.
This comment was provided by Pam Cyr, Vice President of Technical Partnerships at Palo Alto Networks.
Operational benefits
The companies report that the two new integrations offer a route for joint customers to secure their operations while reducing both operational costs and technological complexity. The integration of Okta Workforce Identity and Prisma Access Browser, for example, enables employees to securely access corporate web applications and data from both managed and unmanaged devices. This occurs without compromising enterprise security and is intended to provide a consistent, secure, and efficient experience for users while giving security teams improved oversight and control of web application usage.
Further, the integration of Okta's Identity Threat Protection solution with Cortex XSIAM and Cortex XDR platforms enables dynamic enforcement of extra authentication steps in response to risky access and user activity. The system can trigger automated responses to security incidents, such as revoking user access, ending active sessions, or quarantining affected endpoints.
Industry context
The partnership's developments are in response to an evolving threat landscape, where attacks are increasingly sophisticated and require rapid, coordinated responses across security and identity systems.
"CISOs are clear: to move at pace with the threat landscape, security teams need integrated platforms, not just more solutions. With the rapid adoption of cloud services, SaaS applications, remote work, and now the advent of AI, organisations are being challenged by added complexity and gaps in security tools. By unifying their offerings, Okta and Palo Alto Networks are helping customers streamline operations, reduce complexity, and improve coverage of the attack surface," Maxine Holt, Vice President, Enterprise & Channel Research at Omdia, stated.
The partnership between Okta and Palo Alto Networks is focused on helping organisations meet current security challenges by consolidating identity-driven defences and reducing technology silos in enterprise security environments.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
5 days ago
- Techday NZ
Palo Alto Networks unveils Cortex Cloud ASPM to block app risks
Palo Alto Networks has introduced Cortex Cloud Application Security Posture Management (ASPM), a product designed to prevent security risks from impacting applications before they are deployed. The new Cortex Cloud ASPM module is positioned as a prevention-first solution, blocking vulnerabilities from reaching production environments. According to Palo Alto Networks, the product is intended to give security professionals and developers the ability to identify and address security risks in cloud and AI applications prior to deployment, streamlining the remediation process and reducing associated costs. Prevention-focused approach Cortex Cloud ASPM incorporates an open AppSec partner ecosystem, allowing organisations to aggregate data from various third-party code scanners within a central platform. This integration aims to improve security teams' visibility and enable them to work with their preferred development tools without disruption. Supported partner vendors include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode. This release builds upon the existing Cortex Cloud platform, which previously combined cloud native application protection platform (CNAPP) capabilities with cloud detection and response (CDR) for real-time threat management. Cortex Cloud as a whole is designed to provide protection across the entire application lifecycle, using data that spans code, cloud infrastructure, and security operations centres (SOC). Detailing the organisation's vision, Sarit Tager, Vice President of Product Management at Palo Alto Networks, said: "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle." The integration of ASPM into Cortex Cloud is intended to enhance existing security offerings, enabling organisations to implement preventive controls across development and production environments. Key product features Cortex Cloud ASPM offers several core benefits. The platform is designed to proactively stop risks from progressing into live production environments by enforcing targeted guardrails based on application and business context. A key feature is the correlation of findings from both native security controls and third-party scanning solutions, providing prioritisation of critical and exploitable risks without mandating changes to existing development tools. Automation is another focus area for the product. The platform aims to minimise the need for manual remediation by automating security fixes, allowing both security and development teams to address vulnerabilities efficiently throughout the application lifecycle. Industry perspective Commenting on the challenges in application security, Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security at IDC, said: "Application risks reaching production remain a persistent challenge for security teams and continue to leave organisations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organisations to stop threats faster and operate more efficiently." Palo Alto Networks expects that the solution will allow organisations to streamline their approach to application security posture management, while accommodating the increasing pace of development associated with cloud and AI-driven applications. Availability Cortex Cloud ASPM is currently in early access, with general availability anticipated in the second half of 2025.
Techday NZ
6 days ago
- Techday NZ
Palo Alto upgrades Cortex Cloud to tackle AI-driven code risks
Palo Alto Networks has launched a new capability aimed at securing applications developed with AI-generated code. The latest addition, part of the Cortex Cloud platform, addresses the growing issue of quality and security lapses introduced by AI in software development. As organisations increasingly adopt AI-driven tools to speed up production, concerns are rising over poorly structured, insecure, or redundant code, sometimes described as "AI slop." These problems can result in application failures, unpredictable outages, and security vulnerabilities that are challenging to detect and resolve, particularly in cloud-native environments. ASPM focus The new module, Cortex Cloud Application Security Posture Management (ASPM), is described as a prevention-first solution, focusing on blocking security risks before deployment rather than remediating problems retrospectively. According to Palo Alto Networks, it automates the identification of potential risks and business impacts without disrupting development workflows, while prioritising serious security concerns over less significant issues. The company also introduced an open AppSec partner ecosystem within Cortex Cloud ASPM, enabling organisations to unify data from prominent third-party application security scanners. Partners include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk and Veracode. This consolidation aims to give security teams a clearer, more comprehensive overview of their code security postures by aggregating both native and third-party insights in a single platform. The integration is designed to avoid the need for developers to switch between tools during their work. The new ASPM expansion builds on the February introduction of Cortex Cloud, a platform that merged Palo Alto Networks' cloud native application protection platform (CNAPP) and cloud detection and response (CDR) features. Customers using Cortex Cloud have access to AI-ready data spanning code repositories, cloud resources, and security operations centres, with the goal of unifying and streamlining security management. Industry perspectives "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR, and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle," said Sarit Tager, Vice President of Product Management at Palo Alto Networks. According to the company, key benefits of Cortex Cloud ASPM include proactive prevention of issues from reaching production, prioritisation of genuine risks by correlating findings across a range of scanners and platforms, and extensive automation to reduce manual intervention by security and development teams. Application and software supply chain security is also a concern for industry analysts. Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, commented on the need for focused, efficient security amidst rapid development cycles. She stated, "Application risks reaching production remain a persistent challenge for security teams and continue to leave organizations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organizations to stop threats faster and operate more efficiently." Availability Cortex Cloud ASPM is now in early access and is expected to become generally available in the second half of 2025. The company highlights the role of automated and context-aware security solutions as the pace of development increases and as AI continues to change software production practices within organisations.
Techday NZ
05-08-2025
- Techday NZ
BeyondTrust launches Phantom Labs to boost identity security research
BeyondTrust has established a dedicated cybersecurity research team, called Phantom Labs, as part of its focus on identity security and threat intelligence. Phantom Labs will draw upon years of security research and will aim to identify new threats related to identity exploitation, particularly in increasingly complex hybrid and cloud computing environments. The newly formed research team is tasked with investigating the techniques used by threat actors to escalate privileges and maintain unauthorised access, a process described by BeyondTrust as "thinking like an attacker". The intention is to help security professionals gain a deeper understanding of potential vulnerabilities so they can proactively address risks and prevent attacks that target identity systems. Research focus The expanded research function is intended to deliver several benefits to the global cybersecurity community. These include carrying out original threat research and vulnerability discovery, producing guidance for defenders in the form of mitigation playbooks and hardening recommendations, and collaborating with BeyondTrust's product teams to support the development of new security features. BeyondTrust stated that Phantom Labs formalises the work previously undertaken by its security researchers, who have already contributed intelligence and support to high-profile security incidents. Such investigations have included the discovery of critical vulnerabilities and the provision of threat intelligence that aided the response to major security breaches, including one suffered by Okta. Recent contributions The company highlighted recent contributions from its research team, which include identifying privilege escalation risks in Microsoft Entra guest accounts, developing detection models for session hijacking using data science, and releasing the Paths to Privilege research framework. The framework is now part of the BeyondTrust platform. Additionally, the team continues to work with initiatives such as the Adventures of Alice & Bob podcast to improve understanding of cybersecurity challenges across the industry. New leadership roles Alongside the launch of Phantom Labs, BeyondTrust has announced a series of new appointments to strengthen its research and development efforts. Kinnaird McQuade has joined BeyondTrust as Chief Security Architect. McQuade is known for his contributions to cloud identity security, notably through the creation of Cloudsplaining, an open-source tool with more than 40 million downloads. This tool has been used widely by security professionals to identify and mitigate risks such as data exfiltration, lateral movement, and privilege escalation, especially in hybrid and cloud environments. Fletcher Davis, an offensive security researcher and red team specialist, has been appointed to lead Phantom Labs. Davis brings experience in simulating threat actor behaviour, exposing cross-domain identity risks, and revealing complex attack paths in enterprise settings. The research activities at Phantom Labs will operate under the direction of Marc Maiffret, Chief Technology Officer at BeyondTrust. Maiffret is recognised for decades of work in identifying major software vulnerabilities and co-founding one of the early vulnerability management platforms. 'Think like a hacker.' That mindset shaped my first security startup over 25 years ago, where we helped define Vulnerability Management and built one of the first commercial security research teams," says Marc Maiffret, CTO, BeyondTrust. "Great security products require more than customer insight. They need research teams anticipating threats before they emerge. Traditional PAM solutions lag behind in addressing complex, cross-domain attack paths. And Identity Security isn't a feature you bolt on. It demands a purpose-built platform, led by research. BeyondTrust delivers that with Pathfinder and Phantom Labs - a platform purpose built to secure identities and access, powered by a team uncovering tomorrow's threats today. BeyondTrust's statement emphasised that these recent investments and changes are intended to support its mission to empower defenders with actionable insights and to foster industry collaboration on identity security standards. The company's expansion of its research function and leadership reflects what it describes as a strategic milestone as organisations continue to grapple with the challenges posed by hybrid IT and cloud environments, where identity now plays a central role in overall cybersecurity.
