Security

Grace Wardhana, Okta
Tomer Mayara, Okta
Thanh-Ha Nguyen, Okta
Thomas Duesing, Okta

Security is crucial for every organization. Security serves as the foundation of trust across the enterprise, customers, and beyond. Join this session to walk away with a rich toolset of security capability built on the Okta platform. From adopting a modern zero trust architecture to securing end users - see how Okta's security roadmap helps you achieve your security outcomes. In this session, we plan to cover:

1. Okta's bold roadmap for infrastructure access, including domain-joined user support, policy-based RBAC, and much more.
2. Exciting new product enhancements for risk analysis and ThreatInsight. Understand Okta's approach to leveraging external risk signals into the risk platform. Explore improvements to ThreatInsight algorithms.
3. Finally, we will look at Okta's approach to authenticators, assurance, and more. Learn how authenticators, assurance policies, and smart policy evaluation can ensure the right access.  See how Okta is providing increased user and admin visibility.

Join us not just to hear but also see exciting new demos by the product team.

Tanvir Ahmed, Okta
Aakash Mehta, Okta

As the world increases towards a mobile-centric digital landscape, providing differentiated security and user experience across mobile and digital channels is pivotal. In this session, we will explore End to End Device use-cases using Okta devices SDK, API, Device Grant Flow story touching upon how Okta enables you to securely authenticate/transact on various devices. We plan to also touch upon some of the upcoming work for the SDK, Transactional MFA etc. We hope customers get a good understanding of how to leverage Okta in their overall CIAM unmanaged device strategy. This session will likely include a MVP demo using the devices SDK.

Sean Frazier, Okta
Joyce Edson, City of LA
Pedro Agosto, Washington D.C. Dept. of Consumer & Regulatory Affairs
John Kindervag

Raise your hand if your job as a Security & Operations leader was hard before 2020. Okay, now raise your hand if your job got a LOT harder in 2020. You can put your hands down everybody, we feel you. Join our panel discussion at Oktane where some of your peers let it out, sharing some of the newer challenges that have emerged in recent times with advice on how best to cope. After all, who couldn't use a little therapy session every now and then?

Jason Georgi, Global Field CTO for Prisma Access, Palo Alto Networks

Remote working is here to stay, even if how it looks will change over time. It's time to get serious about treating remote access as a primary means of accessing company resources, making security and end user experience compromises unrealistic. Future-proofing your mobile worker strategy is critical - with true Zero Trust Network Access (ZTNA) and digital experience management (DEM), Palo Alto Networks is redefining cloud-delivered security for the next generation of mobile work.

Ryan Kalember, EVP of Cybersecurity Strategy, Proofpoint

While the steady drumbeat of bad news made cybersecurity often feel hopeless this past year, the outlines of a better future clearly emerged. The threat landscape still targets people and their digital identities, relies heavily on social engineering, and preys on the connections we make in the cloud. The path forward flows through the same channels: putting people and digital identity at the center of our security strategies.

Join Ryan Kalember, Proofpoint’s EVP of cybersecurity strategy, as he delves into:

• How attacks on people have evolved, and where they’re likely to go next
• How organizations are winning the battle against cybercrime with people-centric controls
• What a more secure future looks like

Sponsored by Proofpoint

Carlos Marin, Chrome Product Manager, Google
Marcus Koehler, PM Chrome OS Enterprise, Google

With the dramatic increase in distributed workforces and the growing adoption of cloud applications, companies face unprecedented levels of IP, data, and identity sprawl beyond the enterprise firewall. Every endpoint is an entry into your business, cybercriminals have more ways to break in than ever before, and human error on the inside is a constant risk. Historically, endpoint security has been a zero-sum game—with the odds inevitably stacked against IT. But rather than protect devices, what if you could just control the security of them?

In this session, see how Chrome OS and Chrome Browser provide proactive protection for users, devices, applications, and data, wherever work happens. Learn how zero trust security models combine identity and Chrome to help put IT ahead of the game.

Lakshmi Hanspal, Global CISO, Box
Tiffany Benton, Bain Capital

Cloud security and privacy is growing increasingly complex. Adopting cloud technologies, and creating a secure, frictionless, collaborative environment helps people achieve more by doing less. In this session, learn how Box is powering collaboration for customers and employees with a zero-trust model, even when they do come back to the office.

Steven D’Sa, VMware
Greg Armanini, VMware
Rusty Burchfield, DoorDash

VMware Workspace ONE®, in partnership with Okta, delivers the best-in-class capabilities required for today’s anywhere workforce. In this session, you will learn how to deliver an experience hub with simplified remote employee onboarding, self-service and employee workflows. Using Factor-Based Device Trust you can secure it on any device OS and enrollment type for a zero-trust world. In addition to hearing about how other organizations take advantage of workspaces, you will get deployment tips from VMware experts.

Jeannie Warner. Director of Product Marketing, CrowdStrike

Zero Trust is a security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. 

The basic principles of Zero Trust per NIST 800-207:  

1. Continuous verification of all entities trying to access a resource via dynamic policy
2. Use of behavioral analysis, static hygiene information, and attack patterns combined with policies
3. Analysis of information from the IT “stack” including user, workload, endpoint to create risk scores and threat graph
4. Enforce segmentation and least privilege principles

Most organizations who have not started on Zero Trust blame the complexity, as they’re often managing over 130+ security tools. Adding more just makes the employees miserable.

But is there a simpler way?

Jeannie Warner, CISSP will share how CrowdStrike’s Zero Trust approach for endpoint, workload, and identity, along with the technical partnership with Okta, make Zero Trust simpler and more cost efficient to manage – fast.