Archive for Cerby

Cerby Teams with Okta to Elevate Security Posture with Universal Logout 

Posted in Commentary with tags on October 15, 2024 by itnerd

Cerby, the comprehensive identity platform for disconnected applications, today announced it’s collaborating with Okta, the leading independent Identity partner, to improve threat detection and response when user accounts are compromised.

Cerby is introducing a new integration that extends coverage of Universal Logout, part of Identity Threat Protection with Okta AI, to any application by leveraging Cerby’s capability to support application logout without requiring public APIs. This capability is particularly useful when security threats are detected and an immediate response is critical. Cerby’s technology enables Okta to build reliable and scalable integrations without requiring application changes. It also allows Okta customers to protect a broader set of applications, including those out of scope for traditional identity providers.

Universal Logout enables organizations to terminate user sessions and their tokens for supported applications when Identity Threat Protection detects a change in risk, enabling faster threat response and significantly reducing the attack window.

Universal Logout key features include:

Comprehensive Access Revocation

  • One-click revocation across all devices and supported applications
  • Support for top applications, including those from Microsoft, Google, Salesforce, Slack, and more
  • Continuous expansion of supported applications

Intelligent, Context-Aware Action

  • Responds to changes in device context without user interaction
  • Triggers logout even for out-of-band signals, a unique capability in the industry
  • Adapts logout actions based on risk level and affected applications

Deep Access Revocation

  • Eliminates all active tokens and session data
  • Dismantles the entire chain of authorization inheritance
  • Works to eliminate lingering access points

Seamless Integration

  • Works with Okta’s Post-Auth Actions and Entity Risk Policy
  • Complements Identity Threat Protection’s precision risk response capabilities  

As a result of the integration, organizations can bolster their security posture by significantly reducing the window of vulnerability during security events and enabling an immediate response mechanism when user accounts are compromised. In addition, they can improve operational efficiencies through streamlined security operations, incident processes, and simplified user offboarding procedures.

The new integration will become generally available later in 2024.

For more information, visit their solution web page.

Cerby Releases “Threat Briefing: Social Media Security and Elections Volume II,” Providing a Detailed Analysis of Security Gaps in Social Media Platforms

Posted in Commentary with tags on November 7, 2023 by itnerd

Cerby, the comprehensive access management platform for nonstandard applications, today announced its newest report, Threat Briefing: Social Media Security and Elections Volume II, a year-over-year analysis and research into social media platforms Facebook, Twitter, Instagram, TikTok, and YouTube across six key security parameters. The report provides detailed insights into gaps in their support for enterprise-grade authentication and authorization and the critical need for best practices for businesses and political leaders to secure their accounts as the November 2023 US elections quickly approach.

Cerby’s researchers scored each platform’s security on a scale of 0 to 5. Security categories included 2FA methods, enterprise-grade authentication and authorization, role-based access control (RBAC), privacy, enterprise-ready security, and account usage profiling. Platforms designated with a score of 0 do not support security controls or do not have a public roadmap to implement them. In contrast, those with a rating of 5 fully support security controls, and the controls are mature. In this year’s report, Cerby added YouTube and removed Reddit to align the evaluation with the current top social media platforms.

The average score across all platforms slightly improved from 2.54 in 2022 to 3.02 in 2023, marking an 18.9% enhancement. For the second year in a row, Facebook took the top prize with an overall score of 3.74. YouTube came in second at 3.15. Taking the third spot was Twitter with 2.95, followed by Instagram at 2.78, and TikTok at 2.5.

Key findings regarding security and privacy controls on social media platforms include:

  • Two-factor authentication (2FA): Twitter significantly improved 2FA by supporting the phishing-resistant FIDO2 standard (a global authentication standard based on public key cryptography), scoring a perfect 5 and joining the ranks of Facebook and YouTube.
  • Enterprise-grade authentication and authorization: The category saw no change from last year. This finding highlights a glaring security gap and low adoption of vital standards such as SAML for authentication (single sign-on or SSO) and the System for Cross-domain Identity Management (SCIM) for automated user access onboarding and offboarding. Both are critical controls for protecting against account takeovers and individuals retaining access to high-profile accounts after they leave an organization.
  • Privacy controls: An average increase of 25% was noted, primarily driven by Facebook’s significant improvements. Facebook leaped from 1.5 to 3.5 due to solid enhancements, specifically with time-based third-party access—an essential safeguard against retained access.

The report found that while the year-over-year comparison showed advancement in 2FA methods, the continued lack of enterprise-grade authentication and authorization was concerning. This lack of integration can leave political and business leaders vulnerable to credential reuse attacks and account takeovers, resulting in large-scale disinformation campaigns, particularly during elections.

To read about the report’s findings in greater detail and learn what proactive measures political leaders and businesses can take to fortify their online presence against escalating threats that lurk within the social media landscape, download Cerby’s Threat Briefing: Social Media Security and Elections Volume II here.

Cerby Partners with Okta

Posted in Commentary with tags on October 3, 2023 by itnerd

Cerby, the comprehensive access management platform for nonstandard applications, today announced a partnership with the World’s Identity Company, Okta. Cerby’s partnership with Okta expands the reach of Okta’s identity-powered security platform to nonstandard applications, those that lack support for modern identity and security standards like SAML, SCIM, and APIs.

Customers who leverage Cerby’s integration with Okta get a comprehensive solution to apply continuous authentication, authorization, and monitoring capabilities, ensuring that only authorized users can access sensitive data or applications. Ultimately, the Cerby-Okta partnership enables customers to simplify their security stack, reduce costs, and confidently safeguard their digital assets.

Organizations often manually manage access to hundreds of applications. They are in this bind because those applications lack support for the identity and security standards the enterprise needs to manage access at scale. Okta and Cerby allow organizations to automatically:

  • Extend Okta’s SCIM capabilities to any app regardless of the underlying platform APIs.
  • Manage the user lifecycle of onboarding and offboarding access to any app.
  • Include any app in a zero trust protect surface.

Oktane, hosted by Okta, is an annual event that brings together industry professionals to delve into cutting-edge advancements in authentication and authorization. This gathering serves as a platform for Okta to unveil its latest products while recognizing and celebrating its partners and customers. 

To learn more, please visit Cerby’s booth at Oktane23 between October 3-5, 2023, at the Moscone West Conference Center in San Francisco, CA. For more information about Cerby’s events and registration, visit https://www.cerby.com/resources/blog/fall-2023-events.  

Cerby Announces $17 Million In Series A Funding 

Posted in Commentary with tags on August 22, 2023 by itnerd

Cerby, the comprehensive access management platform for nonstandard applications, today announced that the company has raised $17 million in Series A funding. Two Sigma Ventures led the round with significant participation from Outpost Ventures, an investment platform of Neuberger Berman. Participating investors include Ridge Ventures, Founders Fund, Bowery Capital, AV8, Salesforce Ventures, Tau Ventures, Okta Ventures, Incubate Fund, and Ben Johnson, co-founder of Obsidian Security and Carbon Black.

Cerby received significant inbound interest and preemptive term sheets due to the unique risk it addresses in the identity and access management (IAM) market: nonstandard applications. These applications do not support common identity and security standards like APIs, Single Sign-on (SSO), and protocols for automating employee onboarding and offboarding from critical applications.

A recent study by the Ponemon Institute found that 52% of organizations have experienced a cybersecurity incident caused by their inability to secure nonstandard applications, posing an increasingly challenging risk in every business. This spotlights the growing need for a fully connected identity mesh that works for all applications: on-premises, OT, legacy, and cloud – not just those supporting standards. 

This latest round brings the company’s total funding to $32.5 million. The funds will be used to scale Cerby’s go-to-market efforts, including expanding sales and marketing efforts; accelerating innovation of Cerby’s access management solution for nonstandard applications; further building on customer momentum and industry research; continuing to invest in generative AI to enhance development speed and maintenance of integrations; and reinforcing international teams and customers with additional support.

Founded in 2020, Cerby began with a focus on managing access to applications for marketing teams and has since expanded its reach to sales, product, financial services, and healthcare applications, catering to public SaaS and privately hosted applications. The investment highlights the need for Cerby in the financial services sector, which is often heavily dependent on nonstandard applications. Recent achievements in addition to fundraising include the company becoming Okta partner-approved and filing two patents to advance its IP strategy.