Oort’s new remediation features have gone down a storm with users–so we’re releasing even more! Continue reading to find out about our latest action option and what else we’ve made available in the last week.
🛑 New Action - Log Out User
We provide plenty of insights into suspicious user activity that detects threats for security teams. For those of you who are unfamiliar with Oort’s identity threat insights, here are a few examples:
- Risky Parallel Sessions
- Azure Admin Activity Anomaly
- Login to Admin Console in Okta
- Okta Admin Activity Anomaly
- Service Account Successful Sign In
- Successful Access from a Previously Only Failing IP
That’s great, now what do you do? With this release, users can log users out with the click of a button. Doing so will clear all sessions and log out the user across all devices. If users wish to log back in, they need to re-authenticate.
User 360 profiles are the most visited parts of the Oort dashboard, where you can access everything you might want to know about a user. Within these profiles, there is a tab specifically on Applications. This shows you which applications the user has access to, which they have logged in to, and when they last logged in.
In this release, we’ve included additional detail on how these applications were assigned to the user. Was it via a group, or was it directly assigned? If it was directly assigned, who granted it? The Applications tab now displays all this information.
Bug Fixes and Minor Improvements
- Enhanced IP details. For checks with an IP address associated, greater detail is now displayed about the IP address in the activity panel.
- Okta Event Streaming. We recommend setting up event streaming to ensure you see the latest data in Oort. In this release, we’ve included a new modal in the Integrations tab to help set up event streaming in Okta.