Release Notes: Week 30, 2022

It’s been another busy week for us with some of our team at CSA Western Michigan’s CloudCon conference and others at AWS re:Inforce in Boston. 


aws reinforce


Although it’s been a busy week, there’s been even more action happening behind the scenes, so let’s dive right in to the magic that’s quickly making Oort the leading identity threat detection and response solution for enterprise organizations.



Sign up to receive monthly release notes and Oort news straight from our team! (Unsubscribe at any time.)
First Name(Required)
This field is for validation purposes and should be left unchanged.




AWS EventBridge

Oort now supports real-time Okta logs in AWS EventBridge! This capability allows greater fidelity and time-sensitive reporting on several behavioral Identity Security Checks in Oort. If you are using Oort for threat detection in Okta and want this turned on, please contact Andy Winiarski and he will get you set up right away.


aws eventbridge



New Features

💬 Free Text Search In Activity

User activity can now be searched with free text for all available information. This new feature speeds up threat investigations by an order of magnitude, enabling SOC and security analysts to find pertinent information much faster during any threat investigation.

search okta logs




📥 Download User Activity

You can now download the activity of any user into a convenient .csv file. The downloaded file comes populated with post-filter information, so once you zero in on the criteria or filter out any information that might not be relevant to your identity threat investigation, your download will be full of “just the facts, ma’am.”

download okta user activity



🗓 Custom Date Ranges

You can now apply a custom date range to any user activity. This is in addition to existing presets for 1 hour, 4 hour, 1 day, 2 days, 3 days, 7 days, 15 days, and 30 days. This is useful when the boss calls and says “get me Bob’s authentication history from July 4th through the 7th.”

event dates okta


**NEW** Identity Security Checks: 


✅ Users with New Email Forwarding Rule

We have a new check for data leak prevention (DLP) that alerts on users who have set up email forwarding from their corporate Google Workspace account. For insider threat detection, the presence of an email forwarding rule is a leading indicator of risk, especially when it’s set to forward to a non-corporate or external email account.




That’s a wrap for this week! Make sure you subscribe to our updates up top so you don’t miss any new features or announcements coming from Oort!  Can’t wait? Get a demo today!


Get a Demo
facebook instagram twitter


Release Notes: Week 31, 2022

We have some more great product updates this week, including […]

Read More

Release Notes: Week 30, 2022

It’s been another busy week for us with some of […]

Read More

Have a question for us?

Contact us

Let’s get started

Sign up now