Vendor Introduction: oort.io – Security Boulevard

Source: Crunchbase

Announced Date Transaction Name Number of Investors Money accumulated Leading Investors
September 28, 2020 Seed Circle – Oort 4 $ 3.1M
Apr 7, 2020 Non Equity Assistance – Oort 2 Dreamit Ventures
May 15, 2019 Non Equity Assistance – Oort 1

Source: Crunchbase

Cybersecurity Live - Boston

Oort.io is sitting on the emerging Identity intimidation Discovery at Response arena – where many organizations find it difficult to gain visibility into the range of distributed identities and entitlements scattered across hybrid cloud and SaaS resources. Lack of visibility and lack of awareness of vulnerability leads to the proliferation of threat exploitation based on how those identities are handled (or not).

Oort.io seems to have helped by quickly launching a cloud service that integrates with a range of identity management data sources – for audit at activity data as well as provider identification information. Then they applied a set of out of the box “checks”Based on their understanding of the emerging identity weaknesses. These “checks” seek to find potential misconfiguration and mismanagement of the identity infrastructure including accounts that are not MFA enabled, accounts that are not in use, accounts that are not yet logged in. or perhaps have specific characteristics missing.

In identifying specific vulnerabilities, the oort.io platform runs on a range of notification options such as email or Slack to bring a human element into the digital identity threat landscape.

The dashboard and reporting will provide a central pane of the threat identification landscape mirror before allowing integration based on ticketing for appropriate remediation.

Because many organizations are now faced with a complex landscape of on-premise, multi-cloud infrastructure as well as a host of SaaS based applications, identity management in the traditional sense is often unable to provide the level of management and governance. for life cycle management and access. control. Because such vulnerabilities are pervasive. Oort not only provides a level of visibility but also ways to incorporate human response but also audited remediation.

Go to Market Message “Get a map for identity gaps.”
Solutions Disconnected Identity Identification / Over Privileged Identities / Stale Policy Analysis / Identity Silo Inconsistencies / Identity Threat Investigation
Products / Platforms Centralized Identity Threat Cloud
Useful Links Blog
30 Day Free Trial

Overview

Oort.io provides a cloud platform that can help both security operation centers and identity and access management administrators with a centralized view of identity threats and how to respond.

Data Integrations

Out of the box integrations exist for a range of identity data sources including identity providers such as Azure AD at Okta.

HR data can be imported from the likes of Working day, SAP at Oracle HCM. Outgoing notifications come from such standard emails, as well Slack at Service now

Checks

Once the data is onboard, the analysis will come in the form of “Reviews.” Oort.io provides a range of reviews based on best practices on identity vulnerability. These tests are run against data sources to look for specific vulnerabilities.

They list the top 5 identity threats as follows:

  • Login Failures After 30+ Days of Inactivity
  • Successful Logins from Known Dangerous IPs
  • Logins from Unauthorized Email Providers
  • No Multi-Factor Authentication (MFA) Configured
  • Inactive Visitors Users

While some of these are obvious (without MFA) others are more subtle and likely to be overlooked by existing identity management and workflow processes.

Clearly once vulnerabilities have been identified, a threat investigation is needed to map out the required risk level and associated risk reduction measures.

Because identity is now at the heart of many security architectures and zero trust initiatives, the ability investigate every identity and every level of identity violation is interesting.

This will require clear dashboarding and heat maps, to prepare the necessary teams with the right information about their risk identification infrastructure,

Response

Identifying vulnerabilities and risks is only part of the lifecycle of security management. An interesting angle oort to promote, is the ability and the need for tao based interaction when it comes to identity threats response and remediation.

They promote the goal of designated remediation-either individual account owners or line managers with a deep understanding of the business-related account identity and consent landscape. This delegation approach is interesting-because it not only places accountability on individuals, but can also begin to see organizations move away from the “check box” mentality often associated with more traditional access review processes.

Apparently the sweet spot for ITDR is probably organizations with a quite mature set of identity management resources, That seems obvious, but clearly platforms like oort need data and that data needs to be available from a variety of sources – whether it’s identity providers, HR or other system application activity.

As a cloud delivered platform, oort can certainly be targeted at organizations without a large group of identity specialists and access management personnel, allowing small at medium size of business you have improved visibility and control over what becomes a complex identity infrastructure.

Oort.io is a new startup entering the emerging Identity Threat Detection and Response sector. While organizations of all sizes embrace identity security first and the use of IAM as a business enabler, the need to have enhanced vulnerability management and visibility is critical. Data and permissions are disconnected from centralized business processes in SaaS applications, hybrid cloud infrastructure and rapid application consumption that could potentially increase the threat vector of an poorly managed identity and access management infrastructure.

Strengths

  • Cloud first allows small and medium-sized organizations to onboard and analyze identity data quickly
  • A set of out of the box integrations provide a code -free way of retrieving data on the platform
  • Oort provides a set of “reviews” that provide an immediate way to start finding vulnerabilities across the identity landscape
  • A way of providing first-person remediation to violations can help eliminate the “check box” mentality approach.

The Vendor Introduction post: oort.io first appeared on The Cyber ​​Hut.

*** This is a Security Bloggers Network syndicated blog from The Cyber ​​Hut written by Simon M. Read the original post at: https://www.thecyberhut.com/vendor-introduction-oort-io/? utm_source = rss & utm_medium = rss & utm_campaign = vendor-introduction-oort-io

#Vendor #Introduction #oortio #Security #Boulevard #Source Link #Vendor Introduction: oort.io – Security Boulevard

Leave a Comment