Release Notes: Week 35, 2022

It’s been a busy week in the world of identity with some sobering developments impacting organizations using Okta. The so-called “0ktapus” campaign is out there stealing credentials and weak one-time passcodes to virtually walk right in the front door of some pretty big companies.




As you probably know by now, this type of attack is one of the main reasons Oort exists. Detecting weak forms of MFA (such as SMS) and high-fidelity alerting on behavioral anomalies are just some of what we do better than anyone. With reports of over 10,000 submissions of valid credentials during the attack, it’s possible that more is yet to come. So, if you’re worried about these types of attacks, or if you just want to get a free assessment of your identity security posture, let’s start you with a demo of Oort.



Get a Demo


Now is also a good time to subscribe to our release notes so you don’t miss any new features, integrations or Identity Security Checks.


Sign up to receive monthly release notes and Oort news straight from our team! (Unsubscribe at any time.)
First Name(Required)
This field is for validation purposes and should be left unchanged.


New Features


👍🏻👎🏻 Allow & Block Lists Now Bi-Directional

You can now toggle your lists to ‘Allow’ or ‘Block’ certain email domains or browser types. Setting these lists will help security analysts quickly identify authentication behavior that is out of policy for your organization by failing its respective checks when any of the criteria are met.

Block Lists



🎛 Filter Panel Now Actionable

You can now take action to include or exclude filters from the side panel when viewing the Users list. This enables specific populations of users to be shown in the results without having to enter a query in the search bar.

User Filters



📝 Behavioral Check Failures Now Explained

You can now see the reason why a behavioral check failed. Navigate to any user, click the ‘Activity’ tab, then click the event in the table. The sidebar will open up with details of what behavior triggered the check failure.

Identity Analytics


▶️ EventHub Integration Now Available for Azure AD

You can now configure your Azure AD instance to utilize the EventHub streaming service. Using EventHub reduces the likelihood that your organization will hit any sort of rate limit when collecting logs. To enable EventHub, go to the “Integrations” tab, select your Azure AD instance, then click the “Event Streaming” tab. Enter your information and click Save.


EventHub Log Streaming



👌🏻Customers using OIE can now enable collections for “Devices” and “Authenticators”

👌🏻 The Identity Security Check for “Risky Parallel Sessions” has been optimized to remove obvious machine communications



That’s a wrap for this week! Make sure you subscribe to our updates up top so you don’t miss any new features or announcements coming from Oort!  Can’t wait? Get a demo today!


Get a Demo
facebook instagram twitter


Release notes: Week 38, 2022

Week 37 | New features: New Check: Admin Impersonation in Okta

Read More

Release notes: Week 37, 2022

Week 37 | New features: New Check: Admin Impersonation in Okta

Read More

Have a question for us?

Contact us