Integrate Okta Workforce Identity with Red Canary
    • 30 Aug 2024


    The integration between Red Canary’s Managed Detection and Response (MDR) service and Okta’s Workforce Identity platform helps organizations detect and respond to credential compromise before it results in a data breach.

    Stolen credentials are a common path for attackers to gain initial access, and while multi-factor authentication (MFA) can help mitigate this risk, adversaries have found ways to circumvent it. Red Canary’s integration with Okta Workforce Identity allows users to correlate Okta alerts with data from other security tools to quickly identify potential credential compromise incidents. Additionally, Red Canary has developed custom detections to identify threats, such as MFA fatigue attacks, that Okta’s out-of-the-box alerts may miss.

    Once a credential compromise is detected, Red Canary’s built-in Security Orchestration and Automated Response (SOAR) platform enables organizations to easily configure automated responses in Okta, such as suspending user accounts, clearing sessions, and applying access restrictions. This helps organizations respond quickly and effectively to mitigate the risk of a data breach stemming from stolen credentials.

    To integrate Okta Workforce Identity with Red Canary, follow the procedure below from beginning to end.

    Note: This functionality is only available to Red Canary users who have an MDR Identities subscription. 

    Create your Okta Workforce Identity integration with Red Canary

    1. From your Red Canary homepage, click Integrations. If you do not see the required integration, click See all integrations.

    2. In the search bar, type Okta Workforce Identity, and then select it.

    3. Click Configure.

    4. Enter a name for your Okta Domain.

    5. Enter your Okta API Token. Learn more about creating an Okta API Token.

    6. Click Save.

    FAQ

    What kind of data is Red Canary collecting from Okta? 

    For legacy integrations, Red Canary used to collect only alert data from Okta Workforce Identity. Red Canary now collects alert data and raw telemetry that is used to develop our own analytics. This raw telemetry includes system activities such as MFA events, user actions, and timestamp information for authentication attempts.
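To illustrate how MFA events and authentication timestamps of this kind can support an MFA fatigue detection, the following added example (not Red Canary's detection logic and not part of the original article) flags users who receive a burst of Okta Verify push prompts and notes whether an MFA approval followed. It reads the Okta System Log fields `eventType`, `published`, `actor.alternateId` and `outcome.result`; the threshold, the window and the sample events are assumptions constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

PUSH_SENT = "system.push.send_factor_verify_push"  # push prompt sent to the user
MFA_OK = "user.authentication.auth_via_mfa"        # MFA challenge completed

def parse_ts(value):
    # Okta "published" timestamps are ISO 8601 UTC with a trailing "Z".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def detect_push_fatigue(events, threshold=5, window=timedelta(minutes=10)):
    """Return {user: finding} for users who received `threshold` or more push
    prompts inside one sliding window. threshold/window are assumed tuning values."""
    recent = defaultdict(deque)   # per-user timestamps of recent push prompts
    findings = {}
    timed = sorted(((parse_ts(e["published"]), e) for e in events), key=lambda p: p[0])
    for ts, ev in timed:
        user = ev["actor"]["alternateId"]
        prompts = recent[user]
        while prompts and ts - prompts[0] > window:   # expire prompts outside the window
            prompts.popleft()
        if ev["eventType"] == PUSH_SENT:
            prompts.append(ts)
            if len(prompts) >= threshold:
                findings.setdefault(user, {"burst_at": ts, "approved_after_burst": False})
        elif (ev["eventType"] == MFA_OK and user in findings
              and ev.get("outcome", {}).get("result") == "SUCCESS"
              and len(prompts) >= threshold):
            # An approval while the burst is still in the window is the high-risk case.
            findings[user]["approved_after_burst"] = True
    return findings

def sample_event(event_type, user, hhmmss, result="SUCCESS"):
    # Constructed event carrying only the fields the detector reads.
    return {"eventType": event_type, "published": f"2024-08-30T{hhmmss}.000Z",
            "actor": {"alternateId": user}, "outcome": {"result": result}}

# Constructed sample: alice is prompted six times in three minutes and then approves,
# bob logs in normally twice, carol's five prompts are spread across an hour.
SAMPLE_EVENTS = (
    [sample_event(PUSH_SENT, "alice@example.com", f"09:0{i // 2}:{(i % 2) * 30:02d}")
     for i in range(6)]
    + [sample_event(MFA_OK, "alice@example.com", "09:03:00")]
    + [sample_event(PUSH_SENT, "bob@example.com", t) for t in ("09:00:00", "09:20:00")]
    + [sample_event(MFA_OK, "bob@example.com", "09:20:10")]
    + [sample_event(PUSH_SENT, "carol@example.com", f"09:{m:02d}:00")
       for m in (0, 12, 24, 36, 48)]
)

if __name__ == "__main__":
    for user, finding in detect_push_fatigue(SAMPLE_EVENTS).items():
        print(user, finding["burst_at"].isoformat(), finding["approved_after_burst"])
```

A finding with `approved_after_burst` set is the case that maps to the response actions described above, such as clearing sessions or suspending the account.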

