News
Safeguard User Credentials Through Early Threat Detection with Okta and AlienApp Integration
29 Aug 2019
 
 
The AlienApp™ for Okta detects compromised user credentials, policy violations, abuse, and other threats to your Okta account, directly from USM Anywhere (AT&T Cybersecurity platform). 
 
It provides deep security monitoring for your users’ single sign-on (SSO) and multi-factor authentication (MFA) Okta activities, helping you to safeguard user credentials through early threat detection and rapid response.
 
Delivered out of the box in USM Anywhere, the AlienApp for Okta extends your security capabilities without the usual complexities of integrating multiple IT and security tools.
 
AlienApp for Okta helps to detect threats to your Okta account, by alerting you to:
  • Suspicious or anomalous changes to Okta user accounts, profiles, and permissions
  • Authentication activities from a known malicious host
  • Attempts to bypass multi-factor authentication policies
  • Repeated login failures and possible brute force attacks
  • Escalations in administrative privileges and other admin-level changes
How It Works:
  1. USM Anywhere collects and analyzes data through the Okta API, including authentication events, user profile updates, and changes to your Okta account. Our unique Okta plugin parses the API data and generates events in USM Anywhere
  2. If USM Anywhere detects an anomalous or suspicious event, such as user sign-on from a known malicious host, it raises an alarm, letting you know what to investigate.
  3. USM Anywhere has a pre-built, interactive dashboard for Okta that summarizes authentication events and failures, so you can quickly identify anomalies and drill down to investigate—all within USM Anywhere.
If you have questions about AT&T Cybersecurity solutions, please, write us at alienvault@bakotech.com.
 
News-Liste      >