Okta

Okta
Okta

Detecting Cross-Origin Authentication Credential Stuffing Attacks

Summary Okta has determined that the cross-origin authentication feature in Customer Identity Cloud (CIC) is prone to being targeted by threat actors orchestrating credential-stuffing attacks. As part of our Okta Secure Identity Commitment and commitment to customer security, we routinely monitor and review potentially suspicious activity and proactively send notifications to customers. In this case, we have proactively notified the customers we identified that have this feature enabled, and...

Okta

Okta Verify Vulnerability Disclosure Report - Response and Remediation

Summary Okta has confirmed and remediated a reported Okta Verify vulnerability. No action is needed by customers, and outside of the original proof of concept Okta did not identify any evidence of attempts to exploit this vulnerability. As part of our recent Okta Secure Identity Commitment, we are communicating this remediation to customers in the spirit of transparency. Response On April 5th, Okta received a report from a researcher at Persistent Security of a potential vulnerability in...

Okta

User Sign-in and Recovery Events in the Okta System Log

During a security incident, it's critical that SOC analysts (or Okta admins) can rapidly identify all activity associated with a suspicious session, user or IP. We are often asked to provide some sort of "cheat sheet" for new analysts that are unfamiliar with the extensive library of events available in Okta's Event Library. The following blog post re-publishes a support article that offers a few of these shortcuts. Okta Security has also published a range of platform and...