New Features Include User Quarantine, Log Out, and MFA Reset to Improve Response Speeds and Security Posture
BOSTON, MA - Apr. 11, 2023 - Oort, provider of identity-centric enterprise security, has announced the launch of its new one-click remediation actions, designed to streamline response to identity threats. The new features include the ability to quarantine users, log out users, and reset multi-factor authentication (MFA) with a single click, enabling security teams to respond quickly and efficiently to identity threats.
Organizations are looking to improve their Identity Threat Detection and Response (ITDR) capabilities and there are a large number of potential threats that they can now detect. Nicolas Dard, VP Product at Oort said “Our customers have told us they are ready to move beyond detection to response, so we have worked with them to build some of the most powerful options that are easy to use.”
Oort already detects compromised employee accounts by alerting on administrator anomalies, new email forwarding rules, parallel sessions, and reported suspicious behavior. With the new option to “Quarantine User”, Oort customers can respond quickly to prevent compromised users from accessing applications and performing additional actions. Similarly, the log-out feature provides a quick way to remove unauthorized access. At the click of a button, all sessions can be cleared and the user logged out across all devices. If users wish to log back in, they need to re-authenticate.
Response is also about more than threats; Oort also helps teams to take action based on IAM hygiene issues. For example, when discovering discrepancies between HR and IdP records, Oort customers can now add and edit the user types to ensure consistency.
Remediation Actions occur across identity providers, including Okta, Azure AD, Duo, and G Suite. By having just one click to take action over all IdPs, ensuring effective response, reducing resolution times, and minimizing investigation time. Furthermore, Oort aggregates existing investigations, giving operators the visibility to make better decisions, decide the best remediation course, and avoid traps like MFA reset requests made by attackers.
"We are excited to launch these new Remediation Actions, which enable security teams to respond quickly and effectively to identity," said Nicolas Dard, VP of Product of Oort. "These new features demonstrate our commitment to delivering innovative solutions that enable our customers to improve the identity security program."
Remediation Actions are available immediately to all Oort customers as part of User 360 profiles within Oort Identity Security Platform. At no additional cost, Oort customers can take advantage of these new features to improve their identity threat response and enhance their security posture.
Oort is an identity-centric enterprise security platform. As a turnkey solution for Identity Threat Detection and Response (ITDR), Oort is providing immediate value to security teams by working with existing sources of identity to enable comprehensive identity attack surface management in minutes. Led by a team with decades of domain expertise across identity, networking, and security, Oort is backed by venture capital investors including Energy Impact Partners, .406 Ventures, Bain Capital Ventures, Cisco Investments and others. Market-leading technology companies, like Collibra and Avid Technology, rely on Oort to provide full visibility into their identity populations. To learn more, please visit oort.io.