2021-09-12 20:33:27 -05:00
|
|
|
title: Okta Security Threat Detected
|
|
|
|
|
id: 5c82f0b9-3c6d-477f-a318-0e14a1df73e0
|
2022-10-09 16:54:04 +02:00
|
|
|
status: test
|
2021-09-12 20:33:27 -05:00
|
|
|
description: Detects when an security threat is detected in Okta.
|
|
|
|
|
references:
|
|
|
|
|
- https://okta.github.io/okta-help/en/prod/Content/Topics/Security/threat-insight/configure-threatinsight-system-log.htm
|
|
|
|
|
- https://developer.okta.com/docs/reference/api/system-log/
|
|
|
|
|
- https://developer.okta.com/docs/reference/api/event-types/
|
2022-10-09 16:54:04 +02:00
|
|
|
author: Austin Songer @austinsonger
|
2024-08-12 12:02:50 +02:00
|
|
|
date: 2021-09-12
|
|
|
|
|
modified: 2022-10-09
|
2024-01-29 13:37:20 +01:00
|
|
|
tags:
|
2024-08-12 12:02:50 +02:00
|
|
|
- attack.command-and-control
|
2021-09-12 20:33:27 -05:00
|
|
|
logsource:
|
2022-10-09 16:54:04 +02:00
|
|
|
product: okta
|
|
|
|
|
service: okta
|
2021-09-12 20:33:27 -05:00
|
|
|
detection:
|
|
|
|
|
selection:
|
|
|
|
|
eventtype: security.threat.detected
|
|
|
|
|
condition: selection
|
|
|
|
|
falsepositives:
|
2022-10-09 16:54:04 +02:00
|
|
|
- Unknown
|
|
|
|
|
level: medium
|
