Discover and read the best of Twitter Threads about #okta
Most recents (5)
🔑 More passkeys for everyone!
Descope now helps you add passkey authentication to your app without changing your primary identity provider or user store.
Amazon Cognito and Auth0 customers can now add passkeys to existing logins by using our service as a federated IdP.
🧵👇
Descope now helps you add passkey authentication to your app without changing your primary identity provider or user store.
Amazon Cognito and Auth0 customers can now add passkeys to existing logins by using our service as a federated IdP.
🧵👇
🗣️@slavikm: “We are huge believers in the potential of passkeys. They are unphishable and make the process easier for end users. Our goal with these product enhancements is to reduce friction for any developers looking to add passkeys to their apps.”
🔗: descope.com/press-release/…
🔗: descope.com/press-release/…
Amazon Cognito customer?
✅ Check out our dev blog on how to add #passkeys to your existing user pools: descope.com/blog/post/pass…
âś… If you're a visual learner, this video covers the basics:
#authentication #identity #security #developers #cognito #amazon
✅ Check out our dev blog on how to add #passkeys to your existing user pools: descope.com/blog/post/pass…
âś… If you're a visual learner, this video covers the basics:
#authentication #identity #security #developers #cognito #amazon
LAPSUS$ is the group on everyone’s mind today, having just leaked data around a potential breach of #Okta, a widely-used SSO & identity provider. So let’s take some time to dive into #LAPSUS$, where they came from, how they’ve evolved, and how to defend against them.
LAPSUS$ appeared in only a few months ago, in December 2021. They appear to be Brazilian-based or affiliated, going off of their initial targets and the languages used on their Telegram channels
Notable analysts have described them as “erratic and unusual” (@BrettCallow in Wired) and “competent and incompetent at the same time” because of their seeming inability to monetize their successful breaches
A thread on the (suspected) Okta compromise from an incident response perspective 🧵
#okta #LAPSUS$ #dfir #incidentresponse
#okta #LAPSUS$ #dfir #incidentresponse
1. Collect and preserve all Okta logs, focus on the Okta System Log as it's the main audit trail for Okta activities
Need more info on this log check (developer.okta.com/docs/reference…)
Need more info on this log check (developer.okta.com/docs/reference…)
2. Search your audit log for suspicious activity focus on your superuser/admin Okta accounts as they pose the largest risk
I rarely use this account anymore, but due to the potential #Okta breach here are some SIEM rules which could potentially be useful running back over the past 90 days of data if you can.
github.com/SigmaHQ/sigma/…
github.com/elastic/detect…
github.com/SigmaHQ/sigma/…
github.com/elastic/detect…
@ZephrFish Has also shared the below hunting opportunities to add to the above links
Analysis: #NASDAQ $OKTA
Case 452 #Okta Inc.
DISCLAIMER: The analysis is strictly for educational purposes and should not be construed as an invitation to trade.
#OKTA 1/4
Case 452 #Okta Inc.
DISCLAIMER: The analysis is strictly for educational purposes and should not be construed as an invitation to trade.
#OKTA 1/4
Chart 1
Weekly Chart: The strong close above the July 2019 #pivot at 140.53 has seen price take off clipping in and out of the synthetic #resistance sloping at 213.50- 218.81. We look for a 2 week close above the latter to target 238.22 then .....
OKTA 2/4
Weekly Chart: The strong close above the July 2019 #pivot at 140.53 has seen price take off clipping in and out of the synthetic #resistance sloping at 213.50- 218.81. We look for a 2 week close above the latter to target 238.22 then .....
OKTA 2/4
..... 256.80. A trading range (227.97- 191.83) has developed since July 2020 and the control point at 191.83 must not be lost to maintain upside #momentum.
OKTA 3/4
OKTA 3/4
