The BlueApp for Okta provides deep security monitoring for single sign-on (SSO) and multifactor authentication (MFA) activities, helping you safeguard user credentials through early threat detection and rapid response. It enhances the threat detection capabilities of USM Anywhere by collecting and analyzing log data from your Okta environment to help you detect user credential theft, abuse, policy violations, and other threats to your Okta account.
The BlueApp for Okta supports the following features:
- It regularly queries the Okta API for information, such as authentication events, user profile updates, user state changes, application and group assignment, and Okta platform changes.
- The out-of-the-box correlation rules for Okta events enable USM Anywhere to automatically create alarms Alarms provide notification of an event or sequence of events that require attention or investigation., notifying you about suspicious activity in your Okta environment.
- It includes a predefined dashboard that provides an overview of Okta activity so that you have quick visibility to streamline your investigation and incident response processes.
Warning: If the BlueApp fails and you receive a message informing you that it has not been loaded, please contact LevelBlue Technical Support to solve the problem.
This topic discusses these subtopics: