Okta faces identity security challenges despite commitment to secure design standards

Okta is facing challenges in identity security despite signing CISA’s Secure by Design pledge. A recent security flaw allowed unauthorized access by bypassing username authentication, highlighting weaknesses in their testing processes. Okta advises customers to check their logs for unusual activity. While Okta reports high adoption of multi-factor authentication (MFA), competitors like Google and Microsoft are making MFA mandatory. This shift underscores a gap between Okta's voluntary measures and the industry's evolving security standards. To improve security, Okta needs to enhance its vulnerability management and red teaming efforts. Learning from AI companies, Okta should adopt proactive testing and real-time threat intelligence to better identify and address vulnerabilities before they can be exploited.