Identity Security Insights 23.10.1
October 24, 2023
New Features and Enhancements:
- A "Warning" connectivity status has been added to the Configured Connectors page, indicating that the connector is ingesting data, but some connector requests are failing.
- Detailed information on these requests is available in the connector's Activity History page, allowing for troubleshooting of connectivity issues.
- Detections with remediation steps have been added for the following findings:
- Okta admin privileges were assigned to an entire group. Assigning admin privileges to a group, instead of directly assigning a user admin privileges, is a common behavior to avoid detection.
- Okta admin privileges were granted to a user. This activity is fairly rare and should always be investigated. Although not necessarily malicious, this activity could be generated by a valid assignment from a system administrator, accidental overprivileged assignment, or a user who made the assignment without proper authorization. However, this is a common method of privilege escalation used by attackers.
- Clicking the Quick View on a detection no longer reloads the grid content while the Quick View content loads.
- Tiles on the Entitlements grid were not appropriately aligned, and have been adjusted.
- The Entitlements grid no longer displays entries that have no associated account or identity.