Okta & Palo Alto Networks unite for AI-powered identity security
The cooperation introduces new integrations designed to help organisations automate threat response, secure access to applications from any device, and minimise the risks that come with using isolated security tools.
Integration details
The partnership brings together Okta Workforce Identity with Palo Alto Networks' Prisma Access Browser. This connection establishes a conditional access method that restricts access to single sign-on (SSO) applications by requiring the use of a secure browser. A separate integration connects Okta's Identity Threat Protection with Okta AI directly to the Palo Alto Networks Cortex SecOps platform. This allows organisations to get a unified view of identity-related threats across all assets and surfaces, extending coverage to the CortexSIAM and Cortex XDR platforms for a more complete response to advanced attacks.
With this, enterprises can enforce stricter controls over application access, monitor risk signals in real time, and trigger automated responses, such as revoking user access or quarantining endpoints, when suspicious activity is detected.
Industry perspectives "AI is supercharging attacks on user credentials, requiring a 'fight AI with AI' approach that brings identity directly into an organisation's security infrastructure for a real-time and unified response," said Stephen Lee, Vice President of Technology Partnerships at Okta. "With Palo Alto Networks, Okta is proud to enhance the interoperability of our AI-powered platforms to prevent risks of siloed tools, providing nearly 2000 joint customers with a comprehensive view of their security posture, context-aware access controls, and secure authentication to stay ahead of today's threats."
Pam Cyr, Vice President of Technical Partnerships at Palo Alto Networks, commented: "Identity plays a critical role in cybersecurity. Our deep integrations with Okta ensure that our solutions are engineered to work together, making it easier for our customers to achieve higher levels of security and user experience. These new integrations, from securing application access with Prisma Access Browser to providing unified protection against identity threats through our Cortex platform, empower organisations with comprehensive, AI-driven defence."
Steph Barnett, Vice President, Presales at Okta APJ, said: "Across Asia Pacific, organisations are under pressure from faster, more targeted cyberattacks, yet too many still rely on siloed tools that can't keep pace. A more integrated, identity-centric approach is essential. That's why this expanded partnership between Okta and Palo Alto Networks matters. We are bringing identity into the centre of threat detection and response, improving visibility across the attack surface, and reducing complexity through intelligent automation. This announcement is a clear example of Okta's partner-first strategy in action, working with industry leaders to deliver powerful, scalable security solutions."
Orcun Tezel, Vice President, Technical Solutions, Asia Pacific and Japan at Palo Alto Networks, added: "Today's dynamic, complex threat landscape requires organisations to strengthen identity protection while simplifying security operations. Our expanded partnership with Okta helps organisations fend off sophisticated identity-based attacks and build a strong Zero Trust framework, enabling seamless, secure access anywhere, on any device. This collaboration reflects our commitment to deliver unified, automated security outcomes that reduce complexity for customers across the region."
Customer impact
The two primary integrations delivered by the partnership are aimed at helping joint customers enhance their defences while reducing cost and operational complexity:
Firstly, the integration between Okta Workforce Identity and Prisma Access Browser adds a protection layer for web-based activities, allowing employees to securely access business applications and data even from unmanaged devices. This ensures a consistent browsing experience while security teams maintain control and oversight of software-as-a-service (SaaS) and web app usage.
Secondly, unifying Okta's Identity Threat Protection with Palo Alto's Cortex XSIAM and Cortex XDR enables the dynamic application of additional authentication steps for risky activities. This integration automates threat responses, such as immediate revocation of access or isolation of compromised sessions.
Industry analysts believe that this type of cooperation addresses a core need for enterprises seeking to manage diverse threats with fewer resources. Maxine Holt, Vice President, Enterprise & Channel Research at Omdia, said: "CISOs are clear: to move at pace with the threat landscape, security teams need integrated platforms, not just more solutions. With the rapid adoption of cloud services, SaaS applications, remote work, and now the advent of AI, organisations are being challenged by added complexity and gaps in security tools. By unifying their offerings, Okta and Palo Alto Networks are helping customers streamline operations, reduce complexity, and improve coverage of the attack surface."
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
3 days ago
- Techday NZ
Palo Alto Networks unveils Cortex Cloud ASPM to block app risks
Palo Alto Networks has introduced Cortex Cloud Application Security Posture Management (ASPM), a product designed to prevent security risks from impacting applications before they are deployed. The new Cortex Cloud ASPM module is positioned as a prevention-first solution, blocking vulnerabilities from reaching production environments. According to Palo Alto Networks, the product is intended to give security professionals and developers the ability to identify and address security risks in cloud and AI applications prior to deployment, streamlining the remediation process and reducing associated costs. Prevention-focused approach Cortex Cloud ASPM incorporates an open AppSec partner ecosystem, allowing organisations to aggregate data from various third-party code scanners within a central platform. This integration aims to improve security teams' visibility and enable them to work with their preferred development tools without disruption. Supported partner vendors include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk, and Veracode. This release builds upon the existing Cortex Cloud platform, which previously combined cloud native application protection platform (CNAPP) capabilities with cloud detection and response (CDR) for real-time threat management. Cortex Cloud as a whole is designed to provide protection across the entire application lifecycle, using data that spans code, cloud infrastructure, and security operations centres (SOC). Detailing the organisation's vision, Sarit Tager, Vice President of Product Management at Palo Alto Networks, said: "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle." The integration of ASPM into Cortex Cloud is intended to enhance existing security offerings, enabling organisations to implement preventive controls across development and production environments. Key product features Cortex Cloud ASPM offers several core benefits. The platform is designed to proactively stop risks from progressing into live production environments by enforcing targeted guardrails based on application and business context. A key feature is the correlation of findings from both native security controls and third-party scanning solutions, providing prioritisation of critical and exploitable risks without mandating changes to existing development tools. Automation is another focus area for the product. The platform aims to minimise the need for manual remediation by automating security fixes, allowing both security and development teams to address vulnerabilities efficiently throughout the application lifecycle. Industry perspective Commenting on the challenges in application security, Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security at IDC, said: "Application risks reaching production remain a persistent challenge for security teams and continue to leave organisations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organisations to stop threats faster and operate more efficiently." Palo Alto Networks expects that the solution will allow organisations to streamline their approach to application security posture management, while accommodating the increasing pace of development associated with cloud and AI-driven applications. Availability Cortex Cloud ASPM is currently in early access, with general availability anticipated in the second half of 2025.
Techday NZ
3 days ago
- Techday NZ
Palo Alto upgrades Cortex Cloud to tackle AI-driven code risks
Palo Alto Networks has launched a new capability aimed at securing applications developed with AI-generated code. The latest addition, part of the Cortex Cloud platform, addresses the growing issue of quality and security lapses introduced by AI in software development. As organisations increasingly adopt AI-driven tools to speed up production, concerns are rising over poorly structured, insecure, or redundant code, sometimes described as "AI slop." These problems can result in application failures, unpredictable outages, and security vulnerabilities that are challenging to detect and resolve, particularly in cloud-native environments. ASPM focus The new module, Cortex Cloud Application Security Posture Management (ASPM), is described as a prevention-first solution, focusing on blocking security risks before deployment rather than remediating problems retrospectively. According to Palo Alto Networks, it automates the identification of potential risks and business impacts without disrupting development workflows, while prioritising serious security concerns over less significant issues. The company also introduced an open AppSec partner ecosystem within Cortex Cloud ASPM, enabling organisations to unify data from prominent third-party application security scanners. Partners include Black Duck, Checkmarx, GitLab, HashiCorp, Semgrep, Snyk and Veracode. This consolidation aims to give security teams a clearer, more comprehensive overview of their code security postures by aggregating both native and third-party insights in a single platform. The integration is designed to avoid the need for developers to switch between tools during their work. The new ASPM expansion builds on the February introduction of Cortex Cloud, a platform that merged Palo Alto Networks' cloud native application protection platform (CNAPP) and cloud detection and response (CDR) features. Customers using Cortex Cloud have access to AI-ready data spanning code repositories, cloud resources, and security operations centres, with the goal of unifying and streamlining security management. Industry perspectives "As AI-generated code compresses application development from months to hours, security must evolve to protect the speed of innovation. Equipped with an industry-leading CNAPP, best-in-class CDR, and now prevention-first ASPM, Cortex Cloud delivers the most comprehensive approach to cloud security and automatically stops risks before they reach production with end-to-end visibility across the entire application lifecycle," said Sarit Tager, Vice President of Product Management at Palo Alto Networks. According to the company, key benefits of Cortex Cloud ASPM include proactive prevention of issues from reaching production, prioritisation of genuine risks by correlating findings across a range of scanners and platforms, and extensive automation to reduce manual intervention by security and development teams. Application and software supply chain security is also a concern for industry analysts. Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, commented on the need for focused, efficient security amidst rapid development cycles. She stated, "Application risks reaching production remain a persistent challenge for security teams and continue to leave organizations exposed. As development speed accelerates, the challenge is not just identifying vulnerabilities but focusing on those that pose real risk. By connecting application security with the live threat landscape, Palo Alto Networks' Cortex Cloud ASPM can help organizations to stop threats faster and operate more efficiently." Availability Cortex Cloud ASPM is now in early access and is expected to become generally available in the second half of 2025. The company highlights the role of automated and context-aware security solutions as the pace of development increases and as AI continues to change software production practices within organisations.
Techday NZ
5 days ago
- Techday NZ
BeyondTrust launches Phantom Labs to boost identity security research
BeyondTrust has established a dedicated cybersecurity research team, called Phantom Labs, as part of its focus on identity security and threat intelligence. Phantom Labs will draw upon years of security research and will aim to identify new threats related to identity exploitation, particularly in increasingly complex hybrid and cloud computing environments. The newly formed research team is tasked with investigating the techniques used by threat actors to escalate privileges and maintain unauthorised access, a process described by BeyondTrust as "thinking like an attacker". The intention is to help security professionals gain a deeper understanding of potential vulnerabilities so they can proactively address risks and prevent attacks that target identity systems. Research focus The expanded research function is intended to deliver several benefits to the global cybersecurity community. These include carrying out original threat research and vulnerability discovery, producing guidance for defenders in the form of mitigation playbooks and hardening recommendations, and collaborating with BeyondTrust's product teams to support the development of new security features. BeyondTrust stated that Phantom Labs formalises the work previously undertaken by its security researchers, who have already contributed intelligence and support to high-profile security incidents. Such investigations have included the discovery of critical vulnerabilities and the provision of threat intelligence that aided the response to major security breaches, including one suffered by Okta. Recent contributions The company highlighted recent contributions from its research team, which include identifying privilege escalation risks in Microsoft Entra guest accounts, developing detection models for session hijacking using data science, and releasing the Paths to Privilege research framework. The framework is now part of the BeyondTrust platform. Additionally, the team continues to work with initiatives such as the Adventures of Alice & Bob podcast to improve understanding of cybersecurity challenges across the industry. New leadership roles Alongside the launch of Phantom Labs, BeyondTrust has announced a series of new appointments to strengthen its research and development efforts. Kinnaird McQuade has joined BeyondTrust as Chief Security Architect. McQuade is known for his contributions to cloud identity security, notably through the creation of Cloudsplaining, an open-source tool with more than 40 million downloads. This tool has been used widely by security professionals to identify and mitigate risks such as data exfiltration, lateral movement, and privilege escalation, especially in hybrid and cloud environments. Fletcher Davis, an offensive security researcher and red team specialist, has been appointed to lead Phantom Labs. Davis brings experience in simulating threat actor behaviour, exposing cross-domain identity risks, and revealing complex attack paths in enterprise settings. The research activities at Phantom Labs will operate under the direction of Marc Maiffret, Chief Technology Officer at BeyondTrust. Maiffret is recognised for decades of work in identifying major software vulnerabilities and co-founding one of the early vulnerability management platforms. 'Think like a hacker.' That mindset shaped my first security startup over 25 years ago, where we helped define Vulnerability Management and built one of the first commercial security research teams," says Marc Maiffret, CTO, BeyondTrust. "Great security products require more than customer insight. They need research teams anticipating threats before they emerge. Traditional PAM solutions lag behind in addressing complex, cross-domain attack paths. And Identity Security isn't a feature you bolt on. It demands a purpose-built platform, led by research. BeyondTrust delivers that with Pathfinder and Phantom Labs - a platform purpose built to secure identities and access, powered by a team uncovering tomorrow's threats today. BeyondTrust's statement emphasised that these recent investments and changes are intended to support its mission to empower defenders with actionable insights and to foster industry collaboration on identity security standards. The company's expansion of its research function and leadership reflects what it describes as a strategic milestone as organisations continue to grapple with the challenges posed by hybrid IT and cloud environments, where identity now plays a central role in overall cybersecurity.
