There are all kinds of online threats out there and the modes of attack shift and change constantly. Protecting your websites, apps, and APIs from such threats requires multiple layers of security. Shape Security and Okta provide distinct sets of security solutions but are tightly integrated across platforms to support fast and highly secure access for the end user. This alliance currently delivers four critical capabilities:
Okta, one of the world’s premier providers of identity solutions, is well known and highly trusted for offering powerful and easy-to-implement Identity-as-a-Service (IDaaS) solutions, including critical single sign-on (SSO) capabilities and other functionality that contributes to a comprehensive identity and access management (IAM) solution for both customer and workforce identity. This solution provides users with a single, centralized point to log in and access all of the applications to which they are authorized access, and they empower organizations to manage and secure all those user credentials.
F5 and Okta have a longstanding partnership, reflected in the fact that as the Okta platform grows, so does its ability to integrate with F5’s own growing portfolio. Accordingly, the Okta platform has developed features and capabilities that enable solutions from Shape Security to be more efficient and more powerful than ever.
Shape Security is a leader in fraud and abuse prevention, providing protection from automated attacks, botnets, and targeted fraud across the full range of an organization’s digital experiences. The company’s flagship solution, Shape Enterprise Defense, distinguishes real users from malicious bots and automation before login, removing malicious traffic before it even has the opportunity to hammer your login and identity system. This is an important, resource-saving step that becomes more and more necessary every day. Shape’s experience shows that it’s not unusual for 70-90 percent of an organization’s web site’s daily log-in attempts to be from non-human visitors. These may be cheap, rudimentary bots that do nothing but cycle through the millions and millions of stolen and leaked credentials that are already in the wild, one after another, over and over, throwing username and password combinations at your site and hoping for even a tiny fraction to make it through, or they can be motivated attackers that use sophisticated security tools to circumvent mitigations and emulate human behavior to evade detection. With Shape Enterprise Defense, there is now a powerful tool to stop attackers from targeting and retooling to bypass your defenses.
Shape Anti-Fraud Engine (SAFE) monitors for anomalous activity across the entire customer journey, identifying malicious intent to prevent fraudulent transactions. Knowing that motivated attacks may use human click farms or manually interact with an application to bypass anti-automation defenses, SAFE provides an extra blanket of protection from fraud.
Another of the company’s solutions, Shape Recognize, leverages the intelligence that is gained while protecting users at login and uses that information to make repeat visits—by legitimate users—smoother than ever before. Technology like this is already an important part of many leading ecommerce sites, but in most cases, users never even notice it. And that’s very much by design—helping users remain secure without constantly hassling them to identify themselves, enter passwords, or “prove you are not a robot” upon every repeat visit.
For its part, Okta has developed the Okta Risk Ecosystem API to work directly with Shape Security solutions to increase security while providing users a smooth, frictionless experience. For example, when Shape Recognize identifies a returning user that has previously, legitimately logged-in, that information is shared with the Okta CIAM system which in turn enables the user to extend their session without friction.
No matter the extent of your online presence—websites, mobile apps, APIs—your customer identity access management (CIAM) system needs to be able to examine incoming traffic, know where (and who) it is coming from, and apply the appropriate protections. To get the most out of these core capabilities, you also need to be able to share this critical information among the other security components within your ecosystem. By partnering together and sharing their vast stores of threat-based knowledge, F5 and Okta provide a highly granular level of protection to the full suite of security tools you already use.
“Delivering a seamless yet secure experience continues to be the top priority for our customers,” said Maureen Little, VP Technology Partnerships, Okta. “To outsmart the bad actors, a new model for continuous and scaled authentication is required where identity and risk solutions cooperate closely. We couldn’t be more pleased with our partnership with F5 and the capabilities we jointly provide to ensure that our customers are secure.”