Okta SSO Detection Suite: Richer Alert Context, Configurable Thresholds, and Corrected Entity Mappings Across 9 Rules and 10 Hunting Queries

Nine Analytic Rules and ten Hunting Queries for Okta SSO have been overhauled with configurable thresholds, allowlist variables, improved JSON parsing, and corrected entity mappings, closing fidelity gaps that degraded Sentinel entity behaviour and alert context. Read More →

Okta Detection Rule: Fixed Blind Spot After Connector Migration to OktaV2_CL

Critical Okta detection was broken after connector migration — now uses OktaSSO parser to restore session impersonation monitoring. Read More →

Four Legacy Azure Function Connectors Marked for Deprecation - Migration to CCF Required

Microsoft has deprecated Azure Function-based connectors for Okta SSO, SentinelOne, Sophos Endpoint Protection, and VMware Carbon Black Cloud in favor of CCF alternatives. Read More →

Microsoft Sentinel Training Lab: Comprehensive Hands-On Security Operations Environment Now Available

New deployment-ready training lab delivers 14 guided exercises with pre-recorded telemetry, detection rules, and automation workflows for practical Microsoft Sentinel skill development. Read More →

Okta Single Sign-On: ARM Template Compliance Fix for SessionId Variable

Resolved ARM TTK validation error by parameterizing hardcoded SessionId reference in deployment template. Read More →

Okta Single Sign-On Connector: Title Update to Clarify CCF Usage

Cosmetic title change to clarify the connector uses Codeless Connector Framework for Okta API ingestion. Read More →

ASIM Authentication: New Okta OktaSystemLogs Parser Enables Normalized Identity Event Analysis

New ASIM parser normalizes Okta authentication events from OktaSystemLogs table to standard Authentication schema. Read More →