[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing #3723

terrancedejesus · 2024-05-30T13:45:45Z

Parent Epic (If Applicable)

https://github.com/elastic/ia-trade-team/issues/271

Meta Summary

This meta will serve to review detection coverage and capability for Cross-Origin authentication credential stuffing in Okta. The outcome is to have coverage for this attack technique within the security solution related to the Okta integration data source. Additionally, threat hunting queries may be created as well.

Estimated Time to Complete

1 week

Potential Blockers

Data Visibility

Tasklist

Meta Tasks

Give feedback

TBD
Options

Resources / References

https://sec.okta.com/articles/2024/05/detecting-cross-origin-authentication-credential-stuffing-attacks

terrancedejesus added Area: DED Team: TRADE Meta labels May 30, 2024

terrancedejesus self-assigned this May 30, 2024

terrancedejesus added the Integration: Okta okta related rules label May 30, 2024

Mikaayenson added the backlog label Jun 12, 2024

Mikaayenson removed Area: DED labels Jun 21, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing #3723

[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing #3723

terrancedejesus commented May 30, 2024

Meta Tasks

[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing #3723

[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing #3723

Comments

terrancedejesus commented May 30, 2024

Parent Epic (If Applicable)

Meta Summary

Estimated Time to Complete

Potential Blockers

Tasklist

Meta Tasks

Resources / References