Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Palo Alto Networks: How Enterprise Browsers Protect Identity from Modern Attacks

Palo Alto Networks
07/03/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


Media Group. Delighted to be talking about secure browser and identity. Joining me in ISMG studio are Ofer Ben-Noon, he's a CTO SaaS here at Palo Alto Networks. Joined by Jamie Fitzgerald, VP Product Management, Access Management with Okta. Jamie, Ben, Ofer, thank you so much for being here today. Thank you for hosting us. I want to start by talking about the attack surface a little bit. What are the types of attacks on identity that give you the most concern today? And they are growing. Unfortunately, that's probably the most concerning thing is that they are growing. And I think why? Because adversaries understand that if they're able to compromise identity, they have persistence, they are much harder to detect. So what types of things are we seeing? You hear them in the news every day, you hear phishing, you hear credential theft, you hear account takeovers, token hijacking. I think every step of the way, we continue to see adversaries respond and react to the different types of controls that we're putting in place, to where they start to shift to onboarding, recovery. They're starting to use AI agents, browser plugins, where there's a gamut of different types of attacks that we're seeing on a regular basis. But to your point, there's more and more against identity. Okay, so Ofer, how are these attacks preying upon the inherent weaknesses in the consumer browsers many enterprises are using? Look, I think the most interesting thing is that, in a sense, the browser is becoming now the gateway to identity, right? Because at the end of the authentication flow, you are getting a cookie, a token, which is becoming now your digital identity as a user, as an employee, right? So when the malicious actors are able then to have key logging, screen scraping, cookie theft, in a sense, they're able to take over your identity. So when the browser itself is not secure, when the browser itself is vulnerable, it's fairly easy to just hijack your identity and then from everywhere in the world, access the organizational resources and to download. So even if we have the best identity security capabilities, the browser itself is not secured, then all of the identity theft process is becoming much easier and to surpass a lot of the protections that we have on the identity itself. And the other part of the story is how do we connect between the identity and the device controls, right? Because if we're thinking about the whole ZTNA concept, it's about connecting between the user, which is the identity, the device and application, so we can really add a lot of capabilities on the device side of the house. So I'm thinking about the convergence of the unsecured browsers with the rise in machine identities, exponential. What are the biggest security gaps arising from this convergence? So I'll take that. I think that what we're seeing is, again, you hear AI, you hear AI agents and all these things, and some of these concepts are new and some of them are not. Conceptually, for some time, we've had this challenge of a machine needing to communicate with another machine, and the easiest way to do that is normally what organizations and adversaries lean into. What does that mean? It means that they create a token or they auth as themselves to allow a machine to act on behalf of that individual user. Well, now that's just, again, the exponential phase of AI and folks seeing the value prop, the fact that I can move faster, I can do more, means that people are quickly leaning into how AI and agents to machine identities can help them. Well, the problem there, again, is that they're not following proper authentication methodologies. They're not using authorization correctly. They're just quickly, how quickly can I move faster? There's all this AI, look at all this awesomeness that's out there. And therefore, we're starting to see more and more of those different types of attacks. Again, there are some great tools that are out there. There are right best practices, but again, the business need versus doing the right thing has continued to be a challenge that we hear again and again from our customers. Great. Does that resonate with you, Ofer? Super resonating. So, I want to ask your advice for enterprises, and I guess, Jamie, this would be for you. What do you advise for improving identity management across all platforms and for all identities? So many things I'd love to advise, but I think- Too summarized. Right, too summarized. Let me use my LLM in my brain. And I think a few things. I think first things first, moving towards more and more secure auth. I think remote phishing attacks continues to be a real live attack surface, and there are much lower bars to raise security when it comes to just pure auth than there ever were before. So, I'm excited about that, and I think people should really look at it. I think when you start to look at it, you talked about devices and where devices come into play. Again, what we're telling our customers to do is to, as much as possible, control the device. It's great. You can't always do that. There's BYO. There's contractors. There's all these partner stories. And so, when you can't do that, what can you do? Well, there's certain ways that you can understand basic posture, good hygiene, leveraging those capabilities in all of your authentication decisions. And then, you start looking at partnerships like the ones we have, and you start looking at things like Secure Browser and how they can really complement a very large, diverse, hybrid-deployed enterprise, which is almost all of them. Ofer, your advice. What do you advise enterprises when it comes to moving to a secure browser? I think that when we're thinking about this conjunction between identity and secure browser, the biggest advantage is to say, look, now that we control the identity, the user, we know who can access what, and we can really have a good sense on the identity side. If we secure the browser itself, we can really harmonize that security to have the trust to run also in an insecure environment, right? So, as Jamie has mentioned, when the trend of BYO is continuing and definitely not reducing, we have the ability to say, even in a hostile environment, when good chances that there is an Info Stealer, which is doing key logging, trying to look at the memory of the browser to extract the identity token, in situations where someone is trying to look at the screen and to see, okay, that is the username and password, and now I'll try to hijack the MFA code. We are allowing the security and allow that identity process to happen also in a hostile environment and blocking that Info Stealer from taking over the browser, taking over the non-encrypted databases and caches, and in a sense, allowing that to happen in an environment which is hostile. The second area, I think, is now that we understand the identity, how do we apply the right DLP mechanisms around it? Because it's okay that you say, okay, we now understand that the user is the user, and we know that we are running from a BYO versus a managed environment. How do we now limit what the user can do on the endpoint itself, right? Because from the identity side, you can say where you can access, what you can do in terms of the SaaS applications, but what about, okay, when can you copy-paste the data out? When can you download a file which can be open or the file has to be encrypted on the operating system? I think really bringing these two together of knowing, okay, we have the access part covered, we have the secure browser, but in conjunction, we're able to really give the organization the full freedom and granularity of who can do what with the data in terms of the SaaS applications and the service and in terms of the endpoint side. I think that's why I'm so excited about this partnership. Totally. Funny you should mention that because I want to ask you about the partnership. It's no coincidence I've got the two of you here. What are Okta and Palo Alto Networks doing together to help your customers address these challenges? Yeah, so I think if you think about, again, what Ophir described, how do we work together to ensure that the controls, all the goodness that Ophir just laid out, is able to be enforced, right? Control matters. In security, it's about how do I balance choice for my users and productivity and all those other things with controls. One of the key things that we've been working on very closely is to ensure that when you're an Okta customer and you're a Palo Alto Networks customer, we want to make sure that when we work together, it becomes basically trivial for us to say, okay, you have standardized on Prisma Access Browser. How can I ensure that you can't access anything unless you're leveraging this amazing toolset? Our partnership starts off with that and making it dynamic and simple and a more native integration that is not brittle and actually lasts over time. So we're excited about that as the first step. We've got a lot of other things that we're cooking in the oven, but that's something we're really excited to talk about as part of RSA. Good. Ophir, anything you want to add to that? It's already quite fun, exciting to see how the first early customers are benefiting from this partnership. So it's already in early availability. Some of the largest organizations which are really seeing how the secure browser and identity can complement each other and really give them the next level of control, compliance. And excited about upcoming June where we are going to have general availability for all of our joint customers. Okay. You're teasing it. I got to ask you, what news are you announcing at RSAC 2025? For us, in terms of the secure browser, we are talking about our advanced anti-phishing capabilities, our VDI reduction support for Azure Virtual Desktop. We're talking about our additional capabilities for Gen AI security, Prisma Access Browser 2.0, which is the next level of secure browser. So we're quite excited about it and extremely excited about this partnership because at the end of the day, browser and identity has always been so important for our customers and very excited about this partnership. Absolutely. Jamie, what do you want to add to that? What are you talking about here at RSAC? A couple of things. I'll start with some of the things we've been working on, which are, again, the Prisma Access Browser integration. We actually also have an integration with something called Okta Identity Threat Protection, which is another way for us to have the single point where you connect Okta and Palo Alto networks is expanded in its capabilities to go to the browser, to go to the endpoint and the security automation tools and making those things work together. So that's exciting. I think all up, when it comes to Okta, some of the other exciting things that we've been working on is, I mentioned AI, you can't have a conversation without talking about AI. But because of the fact that we're actually seeing a lot of organizations lean in towards AI agents and how they're building their own tool sets and how they're thinking about how you provide access and control to the data at the enterprise level, Okta is really a key component there. We provide the layer of auth and authorization as well as authentication between these agents. And so we're working really hard to allow the next builder of an app or the next large customer that's trying to leverage AI and AI agents to do it in a secure way that's all grounded and rooted in proper, secure identity. So we're really excited about that. We've been ready to launch here at RSA. Well, I'm excited to have the two of you here. So Jamie, Ofer, thank you so much for your time and your insight. Absolutely. Thank you. Thank you. Again, we've been talking with Jamie Fitzgerald with Okta, Ofer Bendun with Palo Alto Networks. We've been talking about identity and secure browser. For Information Security Media Group, I'm Tom Field. Thanks so much for giving us your time and attention today.

TL;DR

  • Browsers have become the gateway to identity—authentication tokens and cookies stored in unsecured browsers are prime targets for info stealers, key loggers, and credential theft attacks.
  • Adversaries are evolving beyond phishing to target onboarding flows, recovery processes, and increasingly use AI agents and browser plugins to compromise identity at scale.
  • Secure enterprise browsers can protect identity processes even on unmanaged BYOD devices by blocking info stealers from accessing browser memory and preventing credential extraction.
  • The Okta and Palo Alto Networks partnership enables native enforcement of secure browser requirements, with general availability launching June 2025.

The Browser as Identity's Weakest Link

This ISMG-hosted discussion brings together Palo Alto Networks CTO SaaS Ofer Ben-Noon and Okta VP of Product Management Jamie Fitzgerald to examine why browsers have become the critical vulnerability in enterprise identity security. The conversation establishes that authentication flows ultimately deliver tokens and cookies that represent digital identity—and when browsers lack proper security controls, these credentials become easy targets for info stealers, key loggers, and screen scrapers. The experts explain how adversaries have evolved their tactics beyond traditional phishing to target onboarding, recovery flows, and increasingly leverage AI agents and browser plugins to compromise identity at scale.

Securing Identity in Hostile Environments

The discussion pivots to practical guidance for enterprises navigating the BYOD reality where managed devices aren't always possible. Jamie Fitzgerald emphasizes moving toward phishing-resistant authentication methods and leveraging device posture signals in access decisions even for unmanaged endpoints. Ofer Ben-Noon explains how secure browsers enable organizations to protect identity processes even in hostile environments—blocking info stealers from accessing browser memory, preventing credential theft, and applying granular DLP controls based on user identity and device context. The partnership between Okta and Palo Alto Networks is positioned as enabling seamless enforcement of secure browser requirements through native integration, with general availability announced for June 2025 following early customer deployments.

Chapters

0:00 - Introduction and Speakers
0:29 - Identity Attack Landscape
1:28 - Browser as Identity Gateway
3:07 - Machine Identity Risks
4:44 - Identity Management Advice
6:11 - Secure Browser Benefits
8:56 - Okta-Palo Alto Partnership
10:46 - RSAC 2025 Announcements

Key Quotes

1:43 "The browser is becoming now the gateway to identity, right? Because at the end of the authentication flow, you are getting a cookie, a token, which is becoming now your digital identity as a user, as an employee."
2:10 "So when the browser itself is not secure, when the browser itself is vulnerable, it's fairly easy to just hijack your identity and then from everywhere in the world, access the organizational resources."
4:33 "The business need versus doing the right thing has continued to be a challenge that we hear again and again from our customers."
7:02 "Even in a hostile environment, when good chances that there is an Info Stealer, which is doing key logging, trying to look at the memory of the browser to extract the identity token... we are allowing the security and allow that identity process to happen."

FAQ

How does a secure enterprise browser protect identity credentials?

Secure browsers protect identity by preventing info stealers from accessing browser memory to extract authentication tokens, blocking key logging attempts during credential entry, and securing the non-encrypted databases and caches where session cookies are stored. This allows secure authentication even on unmanaged or potentially compromised devices.

What does the Okta and Palo Alto Networks partnership provide?

The partnership enables native integration that makes it trivial to enforce secure browser requirements for Okta authentication. When deployed together, organizations can ensure users cannot access resources unless they're using Prisma Access Browser, with dynamic enforcement that isn't brittle and persists over time. General availability is planned for June 2025.


Categories:
  • » Cybersecurity » Zero Trust
  • » Cybersecurity » Endpoint Security
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Identity & Access
  • Zero Trust
  • Endpoint Management
  • Technical Deep Dive
  • Interview
  • enterprise browser security
  • identity protection
  • credential theft prevention
  • info stealer defense
  • BYOD security
  • zero trust network access
  • AI agent security risks
  • DLP controls
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Palo Alto Networks: How Enterprise Browsers Protect Identity from Modern Attacks

              Upcoming Webinar Calendar

              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting an Elite Security Team to Achieve Championship-Level Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-an-elite-security-team-to-achieve-championship-level-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies for Mastering the DPDP Framework
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-mastering-the-dpdp-framework/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 07/29/2026
                12:00 PM
                07/29/2026
                Unified Data Security in Action: Uncover, Analyze, and Resolve Threats
                https://www.truthinit.com/index.php/channel/2045/unified-data-security-in-action-uncover-analyze-and-resolve-threats/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                09

                The HUMAN Experience: Empowering Agentic Trust in Practice

                07/09/202601:00 PM ET
                • Jul
                  14

                  Crafting an Elite Security Team to Achieve Championship-Level Defense

                  07/14/202601:00 PM ET
                  • Jul
                    14

                    Understanding the Crucial Role of Context in AI Data

                    07/14/202602:00 PM ET
                    • Jul
                      21

                      Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                      07/21/202604:00 AM ET
                      • Jul
                        21

                        HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

                        07/21/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version