OKTA Single Sign-On

Version: Okta SSO.

OKTA SSO an enterprise-grade, identity management service, is built for the cloud, but compatible with many on-premises applications.

Netsurion's Open XDR platform monitors the OKTA SSO in real-time which help us monitor the login activities, audit activities (like device management, user and group management, app management, etc). Netsurion's Open XDR platform dashboard helps you to visualize the activities happening in OKTA and also provide information about the geolocation whenever the login activities happens

Netsurion Data Source Integration for Okta SSO allows you to monitor the following components

  • Operations - System events, application changes and user sessions.
  • Compliance - Policy changes, user management and application membership changes.
  • Security - Admin access and user authentication.

After the Okta SSO is configured to deliver events to the Netsurion's Open XDR platform, the dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security OKTA SSO – User Login failed This alert will be triggered when a user attempt to login but fails. This will help us to find the unauthorized access.

Reports

Type Name Description
Security OKTA SSO - User authentication details This report provides information related to authentication attempt (failure as well as success) made by user.
Security OKTA SSO - Admin access This report provides information when user is trying to access admin console of OKTA SSO.
Operations OKTA SSO - Application membership changes This report provides information related to changes in OKTA SSO apps membership. This report contains activities like app added/removed from Application group.
Operations OKTA SSO - Policy changes This report provides information related to changes (policy added, deleted or modified) in OKTA SSO policy.
Compliance OKTA SSO - System events This report provides information related to system activities which is happening in OKTA SSO cloud.
Compliance OKTA SSO - Application changes This report provides information related to changes in application which is integrated with OKTA.
Compliance OKTA SSO - User management This report provides information related to changes (user added, deleted, modified, added into group, removed from groups, etc).
Compliance OKTA SSO - User session details This report provides information related to user login activities in mobile or application.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.x or later, and Okta SSO.

Download Integration Guide for more information.