Integrating IAM Solutions with SIEM

Security teams are overwhelmed with a high volume of user accounts. That’s why they’re turning to Identity Access Management (IAM) solutions for help. IAM should go beyond enabling consistent identity and Single Sign On (SSO) and instead seamlessly integrate with your SIEM and enhance security operations.

In this on-demand webcast, Greg Foss, senior manager of threat research at LogRhythm, and Randy Franklin Smith, Ultimate Windows Security expert, will team up to reveal how you can gain full visibility into IAM events.

The duo showcases a real-world example of a SIEM and IAM integration using LogRhythm and Okta, and demonstrate how it matures security operations. Gain an understanding of how you can use this integration to rapidly respond to security alarms with automatic protective measures.

The two dive into how security analysts can make more informed decisions and perform better investigations when they have the full picture of IAM events — ranging from on-premise to cloud-based activity.

Watch this on-demand webcast to learn how to:

  • Visualize and analyze data from Okta in your SIEM
  • Identify accounts that have compromised credentials by monitoring for successful authentications paired with failed multifactor logins
  • Utilize the Okta API to automate security tasks
  • Build upon identity monitoring to work toward a “Zero-Trust” architecture

Presenter Greg Foss is a recognized security expert and is responsible for creating LogRhythm Invoke-Okta, a bidirectional integration framework that enables the automation of Okta within the LogRhythm SIEM. Invoke-Okta is a PowerShell script that utilizes the Okta API to fully handle a majority of security-focused use cases, such as clearing user sessions across all Okta-integrated applications or resetting a user’s password.

Watch the on-demand webcast now to learn how you can integrate SIEM with IAM and start your move towards the Zero-Trust model.