ערוך

שתף באמצעות


How Defender for Cloud Apps helps protect your Okta environment

As an identity and access management solution, Okta holds the keys to your organizations most business critical services. Okta manages the authentication and authorization processes for your users and customers. Any abuse of Okta by a malicious actor or any human error may expose your most critical assets and services to potential attacks.

Connecting Okta to Defender for Cloud Apps gives you improved insights into your Okta admin activities, managed users, and customer sign-ins and provides threat detection for anomalous behavior.

Use this app connector to access SaaS Security Posture Management (SSPM) features, via security controls reflected in Microsoft Secure Score. Learn more.

Main threats

  • Compromised accounts and insider threats

How Defender for Cloud Apps helps to protect your environment

SaaS security posture management

Connect Okta to automatically get security recommendations for Okta in Microsoft Secure Score.

In Secure Score, select Recommended actions and filter by Product = Okta. For example, recommendations for Okta include:

  • Enable multi-factor authentication
  • Enable session timeout for web users
  • Enhance password requirements

For more information, see:

Control Okta with built-in policies and policy templates

You can use the following built-in policy templates to detect and notify you about potential threats:

Type Name
Built-in anomaly detection policy Activity from anonymous IP addresses
Activity from infrequent country
Activity from suspicious IP addresses
Impossible travel
Multiple failed login attempts
Ransomware detection
Unusual administrative activities
Activity policy template Logon from a risky IP address

For more information about creating policies, see Create a policy.

Automate governance controls

Currently, there are no governance controls available for Okta. If you are interested in having governance actions for this connector, you can open a support ticket with details of the actions you want.

For more information about remediating threats from apps, see Governing connected apps.

Protect Okta in real time

Review our best practices for securing and collaborating with external users and blocking and protecting the download of sensitive data to unmanaged or risky devices.

Connect Okta to Microsoft Defender for Cloud Apps

This section provides instructions for connecting Microsoft Defender for Cloud Apps to your existing Okta account using the connector APIs. This connection gives you visibility into and control over Okta use. For information about how Defender for Cloud Apps protects Okta, see Protect Okta.

Use this app connector to access SaaS Security Posture Management (SSPM) features, via security controls reflected in Microsoft Secure Score. Learn more.

To connect Okta to Defender for Cloud Apps:

  1. It's recommended that you create an admin Service Account in Okta for Defender for Cloud Apps.

    Make sure you use an account with Super Admin permissions.

    Make sure your Okta account is verified.

  2. In the Okta console, select Admin.

    • Select Security and then API.

      Okta api.

    • Select Create Token.

      Okta create token.

    • In the Create Token pop-up, name your Defender for Cloud Apps token, and select Create Token.

      Okta token pop-up.

    • In the Token created successfully pop-up, copy the Token value.

      Okta token value.

  3. In the Microsoft Defender Portal, select Settings. Then choose Cloud Apps. Under Connected apps, select App Connectors.

  4. In the App connectors page, select +Connect an app, and then Okta.

    Connect Okta.

  5. In the next window, give your connection a name and select Next.

  6. In the Enter details window, in the Domain field, enter your Okta domain and paste your Token into the Token field.

  7. Select Submit to create the token for Okta in Defender for Cloud Apps.

  8. In the Microsoft Defender Portal, select Settings. Then choose Cloud Apps. Under Connected apps, select App Connectors. Make sure the status of the connected App Connector is Connected.

After connecting Okta, you'll receive events for seven days prior to connection.

If you have any problems connecting the app, see Troubleshooting App Connectors.

Next steps

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.