Okta User Attempted to Access Unauthorized App

Classification:

attack

Tactic:

Set up the okta integration.

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Goal

Detect when a user is denied access to an app.

This rule lets you monitor the following Okta events to detect when a user is denied access to an app:

Determine whether or not the user should have access to this app.
Contact the user to determine whether they attempted to access this app or whether their account is compromised.