Assessing Identity Breach Risks: Lessons for Secure IAM Practices

This presentation delves into the October 2023 Okta security breach, exploring its key impacts and significance. It provides background on identity security, emphasizing IAM vulnerabilities and vendor roles. The breach's method, stakeholder impact, and detection gaps are analyzed, followed by examples of recommended mitigations such as automated HAR file sanitization and phishing-resistant MFA. Concluding with lessons learned, it highlights the importance of Zero Trust principles, defense-in-...