Product
high
advisory
Okta Admin Console Unusual Behavior Detection
2 rules 4 TTPsThis brief details detection of anomalous activity within the Okta Admin Console, potentially indicating privilege escalation, persistence, defense evasion, or initial access attempts by malicious actors.
Okta Identity Engine
okta
identity
privilege-escalation
persistence
defense-evasion
initial-access
2r
4t
high
advisory
Okta Password Entered in AlternateID Field
2 rules 1 TTPOkta logs may contain user passwords if a user mistakenly enters their password into the username field during login, potentially exposing credentials in logs.
Okta Identity Engine
attack.credential-access
attack.t1552
okta
password-leak
2r
1t
medium
advisory
Okta Network Zone Deactivation or Deletion
2 rules 1 TTPAn Okta network zone was deactivated or deleted, potentially indicating malicious activity aimed at bypassing security controls.
Okta Identity Engine
okta
network-zone
impact
2r
1t