Okta is an identity solution used as a single sign-on (SSO) for logging into multiple platforms at once. For prerequisites and installation steps see Okta Quick Start Setup Guide.
Cisco Cloudlock monitors Okta in the following policy:
- Build Your Own: Event Analysis
See UEBA for more information and a complete list of Okta Events.
In addition to the Global Response Actions available in all platforms, Okta also has one unique Response Action:
Adds the user who violated the policy to a specified Okta group.
Event Analysis Policy Incident