Okta SSO Detection Suite: Richer Alert Context, Configurable Thresholds, and Corrected Entity Mappings Across 9 Rules and 10 Hunting Queries

Nine Analytic Rules and ten Hunting Queries for Okta SSO have been overhauled with configurable thresholds, allowlist variables, improved JSON parsing, and corrected entity mappings, closing fidelity gaps that degraded Sentinel entity behaviour and alert context. Read More →

Okta Detection Rule: Fixed Blind Spot After Connector Migration to OktaV2_CL

Critical Okta detection was broken after connector migration — now uses OktaSSO parser to restore session impersonation monitoring. Read More →

Four Legacy Azure Function Connectors Marked for Deprecation - Migration to CCF Required

Microsoft has deprecated Azure Function-based connectors for Okta SSO, SentinelOne, Sophos Endpoint Protection, and VMware Carbon Black Cloud in favor of CCF alternatives. Read More →

Okta Single Sign-On: ARM Template Compliance Fix for SessionId Variable

Resolved ARM TTK validation error by parameterizing hardcoded SessionId reference in deployment template. Read More →

Okta Single Sign-On Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for Okta API ingestion. Read More →