惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

小众软件
小众软件
IT之家
IT之家
博客园 - 聂微东
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
PCI Perspectives
PCI Perspectives
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
美团技术团队
S
Secure Thoughts
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
腾讯CDC
Application and Cybersecurity Blog
Application and Cybersecurity Blog
雷峰网
雷峰网
B
Blog
MyScale Blog
MyScale Blog
T
The Blog of Author Tim Ferriss
TaoSecurity Blog
TaoSecurity Blog
N
News and Events Feed by Topic
Blog — PlanetScale
Blog — PlanetScale
C
Check Point Blog
T
Tailwind CSS Blog
月光博客
月光博客
Simon Willison's Weblog
Simon Willison's Weblog
Hacker News: Ask HN
Hacker News: Ask HN
The Last Watchdog
The Last Watchdog
Google DeepMind News
Google DeepMind News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
MongoDB | Blog
MongoDB | Blog
S
Security @ Cisco Blogs
Jina AI
Jina AI
Engineering at Meta
Engineering at Meta
S
Security Affairs
Forbes - Security
Forbes - Security
P
Palo Alto Networks Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
博客园 - 司徒正美
博客园 - 三生石上(FineUI控件)
T
Tor Project blog
O
OpenAI News
L
Lohrmann on Cybersecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LangChain Blog
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More

Okta Security RSS Feed

OpenSSL HollowByte: A DoS Hiding in 11 Bytes Datadog and Okta Combine for New Customer Detections Detecting OpenClaw at Sign-In Okta Hardening Guide Updated to Secure Non-Human Identities Okta Pooled Security Audits: a One-Year Retrospective Account Recovery, without Password Resets Okta’s Response to React2Shell Uncloaking VoidProxy: a Novel and Evasive Phishing-as-a-Service Framework Attackers Target Hotelier Accounts in Malvertising and Phishing Campaign Using Auth0 Logs for Proactive Threat Detection Controlling Cross-App Data Sprawl in Google Workspace How this ClickFix campaign leads to Redline Stealer Paving the Path: Pooled Audits with Okta Security Building Confidence in Support Comms with Caller Verify at Okta Okta’s Secure by Design Pledge - One Year On Leveraging Okta System Logs for Proactive Threat Detection Enhancing Customer Trust Through a Comprehensive Audit Program Okta's new Security Technical Implementation Guide (STIG) A Guide to DORA Compliance with Okta How AI services power the DPRK’s IT contracting scams Detect and Prevent Cross Device Authentication How Responsible Disclosures are Shaping a Safer Cyberspace Cybersecurity’s Next Gen Next.js CVE-2025-29927 CSO Conversations: Matthew Hansen, Regional CSO of Americas West Empowering Security with Customer Trust Solutions Putting Security First with Secure Development One trick finds the root of any Okta troubles CSO Conversations: Stephen McDermid, Regional CSO of EMEA Content-Security-Policy in a Complex Environment CSO Conversations: Keiko Itakura, Regional CSO of Japan How Okta Embraces Identity Verification Using Persona CSO Conversations: Matt Immler, Regional CSO of Americas East Raising the Bar for our Industry with IPSIE Cyber-Safety over the Holidays Okta Social Engineering Impersonation Report - Response and Recommendation Five Reasons to Upgrade your Org to Okta Identity Engine Okta’s Ongoing Commitment to Secure By Design Unveiling the Essence of the Security Customer Trust Function Security Education Through the Art of Storytelling Seven Ways to Reduce Super Admins in Okta The Case for Zero Standing Privileges FastPass: The battle-hardened authenticator Detecting Cross-Origin Authentication Credential Stuffing Attacks How to Block Anonymizing Services using Okta Why Cyber-heroes need a Zero Trust CAEP! Okta Verify Vulnerability Disclosure Report - Response and Remediation Defensive Domain Registration is a Mug’s Game Protecting Administrative Sessions in Okta How to Secure the SaaS Apps of the Future Okta October 2023 Security Incident Investigation Closure October Customer Support Security Incident - Update and Recommended Actions Unauthorized Access to Okta's Support Case Management System: Root Cause and Remediation Tracking Unauthorized Access to Okta's Support System Go “Secure by Default” With Custom Admin Roles for IT support staff Cross-Tenant Impersonation: Prevention and Detection BYO Telephony and the future of SMS at Okta Saying “No Thanks” to nOAuth Telling More Okta Detection Stories with Google Chronicle An Unexpected Endorsement for WebAuthn Social Engineering is Getting More Extreme, but the Fixes Can Be Simple Study up on Okta Logs for Splunk’s Boss of the SOC! Keeping Phishing Adversaries Out of the Middle Using Workflows to Respond to Anomalous Push Requests Okta and Splunk Combine to Detect Common Attacks Setting the Right Levels of Assurance for Zero Trust Catch-All's and Canary Rules User Sign-in and Recovery Events in the Okta System Log Okta Code Repositories Detecting Real-Time Phishing Attacks Detecting Real-Time Phishing Attacks Okta’s Response to OpenSSL Security Update Monitoring for Abuse of Administrative Privileges System Log: a Window into Supporting the Okta Cloud The Human Factor in Phishing Resistance Auth0 Code Repository Archives From 2020 and Earlier Phishing Resistance and Why it Matters Detecting Scatter Swine: Insights into a Relentless Phishing Campaign Defending against Session Hijacking Unlocking the Mystery of 700+ Okta System Log Events Official Okta Statement on LAPSUS$ Claims Protection, without perimeters We (still) need to talk about RDP Just How Risky is Legacy Authentication?
Enabling ISO/IEC 27001:2022 Compliance with Okta
Gemma Parkes · 2025-06-04 · via Okta Security RSS Feed

ISO/IEC 27001 continues to be a globally recognized security standard and a consistently popular choice for today’s organizations seeking to demonstrate robust security controls and the effectiveness of their Information Security Management Systems (ISMS). This blog introduces a new Factsheet that provides guidance on how Okta can support organizations of any size in achieving or maintaining compliance to the ISO/IEC 27001:2022 standard.

What is ISO/IEC 27001:2022?

ISO/IEC 27001 is an international standard for information security management. It provides a framework for organizations to follow to establish, implement, monitor, and maintain an effective Information Security Management System (ISMS). The standard consists of security controls, which are divided into groups of:

  • Organizational, 

  • People,

  • Physical, and 

  • Technological controls.

The 2022 iteration of the standard introduced “Operational Capabilities” such as Identity and Access Management (IAM). By implementing applicable IAM controls in an organization’s environment, it can be demonstrated that best practices are being followed for securing information, data, and assets.

How Okta supports compliance to ISO/IEC 27001:2022

Okta and Auth0 are ISO27001:2022-compliant. Our platforms can also support organizations in achieving or maintaining their compliance to the ISO/IEC 27001:2022 standard. 

To guide our customers on how Okta can support, we’ve recently released a helpful new resource: The ISO/IEC 27001:2022 Compliance with Okta Platform Factsheet. This Factsheet provides an overview of ISO27001’s benefits and a detailed summary of how Okta’s products provide a unified approach in compliance adherence to IAM-specific and other controls. Keeping our customers in mind, we’ve methodically documented our guidance in three key sections:

  • How Okta Supports IAM Controls

  • How Okta Supports Non-IAM Specific Controls

  • ISO/IEC 27001:2022 Reporting Requirements

Each section is strategically mapped to Okta products that support adhering to the controls, as presented. Leveraging the control guidance of the Factsheet can benefit all Okta customers, even organizations not currently targeting adherence to these controls.

More on Compliance

Okta upholds a strong compliance framework to demonstrate our commitment to maintaining highly available, secure, and resilient products and services. Many of these controls are embedded in Okta’s business-as-usual activities. We invite you to visit our new Factsheet, as well as our latest independent audit reports and other security compliance-related documents on our Security Trust Center. For more information on accessing Okta's Security Trust Center, visit our Okta Docs.

The Security Trust Center and all available documentation is accessible to customers and prospects of Okta. Site visitors can view Okta’s certifications and access industry-standard questionnaires. To learn more about our efforts, read our blog article, Empowering Security with Customer Trust Solutions.  Keep watching as we publish additional helpful resources; more to come.

Disclaimer: While this article discusses certain legal concepts, it does not constitute legal advice. It is provided for informational purposes only. For legal advice regarding your organization's compliance needs, please consult your organization's legal department. Okta makes no representations, warranties, or other assurances regarding the content of this article. Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.

Gemma Parkes is a Security Assurance Analyst in the EMEA region at Okta. The Customer Assurance team within Security Trust & Culture supports Okta’s growing customer base with inquiries pertaining to security and compliance. Working within the defence and aerospace industry, then moving to global corporations supporting public and private sector customers, Gemma has gained extensive experience in implementing and managing security frameworks and associated security practices. Backed by over 20 years of experience in security governance, risk management, and compliance, she now enjoys working collaboratively to provide strategic support to Okta’s customers and prospects. In her downtime, Gemma enjoys spending time with her family and going to the theatre.