And we’d be remiss not to mention: the scenario, questions, and dataset were masterminded by a team of summer interns at Okta, led by Cornell University CS student Michelle Prior. We’re excited for you to check out the Okta Partner Experience on. We’ve allocated two hours, but you can always come back later and play again. Not familiar with Okta data or identity and access management? Don’t worry! There are plenty of hints available as you go through the 20 questions. You’ll investigate failed logins, MFA factors, automatic identity lifecycle provisioning functions, Okta sign-on policies at the global and application level, session cookie re-use attacks, and many other realistic pieces of data. These adversaries are leveraging modern identity-based attacks. ![]() Similar to our past Frothly scenarios in BOTS, Coffeecase has a “bad day” on July 28th, 2022, where they come under attack by various interesting adversaries. The BOTS Okta Partner Experience plunges you into a day managing the SOC at Coffeecase, a Bay-area startup that markets curated coffee subscription boxes to under-caffeinated consumers worldwide. Okta provides significant capabilities surrounding Single Sign On, Multi-Factor Authentication, Identity Lifecycle Provisioning, Privileged Access Management, and many others, and integrates with over 7,000 applications through the Okta Integration Network. Through the Okta Identity Cloud, organizations can securely manage any employee or customer’s access to any application, from any device. These customers use Okta for both workforce-facing identity requirements as well as customer-facing ones. Okta provides the world's leading, enterprise-grade, cloud-native Identity as a Service solution to more than 14,000 customers worldwide. As you’ll experience, Okta’s Identity Engine and Advanced Server Access solutions provide detailed data to Splunk Enterprise that is significant for cybersecurity monitoring, detection, and threat hunting as well as general identity management operations and reporting. And as such, Okta should be a popular choice - there are thousands of organizations that are customers of both Splunk and Okta. The whole point of these no-cost, no-obligation experiences is to expose you, our readers, to more data sets - especially ones similar to what you might find in your real-world environments. Anyone with a account can access this experience, linked from the main BOTS portal page at. With identity-based attacks on the rise and high-profile breaches making headlines, identity and access management logs are a critical component of any Blue Team’s toolset. Well, good things come in threes, right? Splunk is proud to announce the debut of our third BOTS Partner Experience, this time with Identity and Access Management partner Okta. ![]() We followed up the Corelight scenario with one from OT Cybersecurity partner Dragos in July. Since inception, more than 500 individuals have played at least one of these partner experiences. The idea that anyone in the world could access BOTS experiences at any time of day which showcase data from Splunk’s many partners proved a popular one. A little less than a year ago, a small team of us at Splunk released the first of our Boss of the SOC (BOTS) Partner Experiences, covering integration between Splunk and one of our network/wire data partners, Corelight.
0 Comments
Leave a Reply. |