Okta
Managing AD Cached Credentials and Okta Self-Service
For AD admins, managing remote workstations has become a never-ending challenge. Adopting Okta made things easier, but sometimes, quality-of-life features, such as AD password self-service, come with the cost of lacking native ways to verify credentials between a domain controller, the identity store (Okta), and the actual workstation. So in

Research Featured
MITM Attack Risk on Okta
Disclaimer: The risk described in this article applies to ANY website or SaaS platform with a public authentication mechanism that allows using traditional 2FA, such as push approvals or OTP, not just Okta.
📜 Background Story
An enterprise client suffers a significant compromise, security teams and organizations with an IAM system

News
LAPSUS$ Impact on Okta
“Caution is the eldest child of wisdom.” There is a fine line between what may seem like a minor, contained event and the actual damage LAPSUS$ could have inflicted when they had access to the right tools via the support engineer’s laptop. First, let’s take a look at