Powerful new capabilities to secure individual and outside collaborator identities
BOSTON, MA - July. 11, 2023 - Oort, a provider of identity-centric enterprise security, is excited to announce its integration with GitHub, the world's most popular source code management tool. This partnership aims to strengthen identity security posture and extend threat detection and response capabilities to safeguard sensitive assets and data within source code repositories.
In light of recent security breaches across various organizations, including high-profile incidents affecting notable companies like Okta, Dropbox, Gentoo Linux, and Microsoft, the significance of identity security for code repositories has never been higher.
Adversaries target code repositories because of the value of the data that often sits within them. If they gain unauthorized access, they can extract hard-coded keys and passwords, and harvest credentials for unauthorized access to cloud services and databases hosted on platforms like Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
GitHub, with its massive user base of 90 million active users, serves as a critical foundation for securing both open-source projects and private enterprise repositories. “There is no question that GitHub is a critical part of the organization's infrastructure, but locking it down is a complex and challenging identity security problem,” says Matt Caulfield, CEO of Oort. “The beauty of the GitHub model is that it allows for unfettered collaboration, but that also creates one of the biggest headaches in modern IT security.”
Oort’s new integration with GitHub will seek to address the complex identity security challenges stemming from the collaborative nature of the platform. Oort will continuously monitor for internal and external users where no multi-factor authentication (MFA) is configured, inactive user accounts, rare browser activity, admin roles assigned to users, and instances where a user's tenant is accessed from a new country. By monitoring these specific factors, Oort will strengthen identity security and prevent unauthorized access to GitHub repositories.
Furthermore, Oort will consolidate all activity in one place, providing organizations with a centralized view of user activities and entitlements across various identity providers like Okta, Azure AD, and Duo. This holistic approach ensures a comprehensive understanding of identities, enabling swift detection and response to potential security incidents.
"We're thrilled to release this integration with GitHub," said Nicolas Dard, VP of Product at Oort. "In a world where attackers constantly target code repositories, successful identity security programs need more visibility and greater controls to protect against account takeovers.”
This integration is free to use and can be set up in the Oort dashboard within 5 minutes. To benefit from these new capabilities, customers must have an Enterprise GitHub plan. We're excited to invest in and improve this integration, and we welcome your valuable feedback to make it even better.
Oort is an identity-centric enterprise security platform. As a turnkey solution for Identity Threat Detection and Response (ITDR), Oort is providing immediate value to security teams by working with existing sources of identity to enable comprehensive identity attack surface management in minutes. Led by a team with decades of domain expertise across identity, networking, and security, Oort is backed by venture capital investors including Energy Impact Partners, .406 Ventures, Bain Capital Ventures, Cisco Investments and others. Market-leading technology companies, like Collibra and Avid Technology, rely on Oort to provide full visibility into their identity populations. To learn more, please visit oort.io.