CrowdStrike Falcon Identity Protection delivers identity threat detection and response (ITDR) capabilities, protecting organizations from identity-based attacks in real time. It unifies identity and endpoint protection. Falcon® Identity Protection ensures comprehensive visibility and protection across on-premises, cloud, and hybrid identity environments. By baselining normal user behavior, it detects and prevents malicious identity activity, stopping adversaries in their tracks. It also extends…
N/A
Okta
Score 8.9 out of 10
N/A
Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta helps IT become more secure and maintain compliance. The Okta service provides directory services, single sign-on, authentication, provisioning, workflow, and built in reporting. ment systems.
Identity Protection is well suited for organizations that need to be monitor AD/Entra for suspicious activity. During a Penetration Test our MDR didn't alert on some odd protocol implementations, but ITDR did. It is also simple to setup for MFA on RDP as well. There are other solutions for it, but found I got more out of ITDR than I did from Duo. ITDR is less suited for smaller organizations since it has a 250-seat minimum. They should lower it to at least 100.
It has extensive compatibility and rich feature set of integrating with a wide array of core systems and SaaS platforms. Daily I utilize Okta's user-friendly central hub to simplify access the numerous applications we utilize within my company (Google Workspace, Slack, Zoom, Salesforce, Microsoft Office 365, among many others.)
I'm not sure it's really a room for improvement thing, but due to the granularity offered by Okta, sometimes it can be challenging to find exactly what you're looking for.
There was an instance in which we had issues getting SAML configured for an application. I feel this challenge was mostly user error (on our part) because we didn't realize the SAML instructions were SPECIFIC to each app integration and changed (codes) each time. We attempted to mirror the settings/configurations of an existing app (same app, but different domain). I think having a note somewhere that indicated that the instructions were unique to each integration would have saved us a bit of time. Again, I'm not sure this is really an issue with Okta though, more of a user learning curve thing.
Sometimes searching for things is a challenge (without the "Rockstar" add-in). For example, if you have a user group called "Okta_users_everyone", searching for "everyone" will not find it. You have to search for the beginning of the object name (not just any part of it). The ability to search partial or wildcard would greatly enhance search functionality.
Okta has a passion to provide secure and scalable identity solution. Their passion has come across as advocacy in a way that has deepened my knowledge of the field of authentication. I took identity for granted before but after seeing features such as external authentication I know that Okta can enable my business to reach new heights
While the product is solid, I do find there are an excessive number of sections you can navigate to. It takes some time getting used to, but it is a very powerful product. It's not something you'll master right off the bat.
The Okta Identity Cloud advertises 4 9's of reliability and I would go as far to say that it may even do better than that. As a true Global organization that operates in just about every region of the world, we have yet to have an issue with The Okta Identity Cloud that has impacted our business operations.
From my perspective, for the things that my group uses it for, Okta is very fast. It is as least as fast as the local password database methods that it replaces on our campus enterprise services. I do not believe that it slows anything down at all. In fact, not having to think too much about the login, because they all look the same, probably speeds things up somewhat.
We've had a few support cases over the years and every case has been handled by the Okta support team beautifully. We received clear answers to questions we had regarding setup and even were provided simple to follow guides on how to setup their product to use with custom applications.
When comparing to Cisco Duo, I felt like the product offered more than just MFA on RDP. When comparing to Silverfort, it came down to pricing. Silverfort was double the cost and I didn't like how Silverfort had separate SKUs. If you wanted MFA on everything the cost increased dramatically.
With respective to user interface and license cost, we thought The Okta Identity Cloud was better than other tools for use. Their customization of license was another reason for us to go with The Okta Identity Cloud over other tools.
Being a cloud native application, The Okta Identity Cloud is extremely scalable and easy to setup. By integrating into existing directories and applications via standard techniques and protocols, it is very easy to both initially setup and add additional users as required. Once all the necessary integrations are setup, it's a simple rinse and repeat process to onboard additional users (which can be automated with imports as well)
Being able to see right away during a Penetration Test that the product detected anomalies, but our MDR service didn't. It allowed us to go back to the MDR service to show them the results and fix the issue from slipping through the cracks.
By satisfying the requirements from our insurance provider, our premiums didn't go up (MFA on RDP).
