Okta App for Sumo Logic

Satisfy PCI Requirement 10 for log retention, including requirement 10.5.3 mandating immutable log storage. Monitor and visualize Okta events including, but not limited to, administrator activity events.

With the Sumo Logic App for Okta, you can:

• Store and visualize Okta events, including administrator activity events.
• Satisfy compliance requirements for log retention.
• Monitor Okta administrator activities to detect anomalous admin behavior.

The Okta and Sumo Logic integration provides better visibility and faster detection of insider threats, as Okta ensures that every user is uniquely identified across multiple SaaS applications. Sumo Logic can ingest authentication logs from Okta and correlate with the user activities across multiple SaaS applications.

Sumo Logic, with its advanced machine learning capabilities, can detect outliers in the access pattern and detect accounts most likely to be compromised.

The Sumo Logic App for Okta gives you the tools to:

• Highlight top 10 user account lockouts in last 24 hours.
• Correlate user account lockout followed by a successful login with user activities across SaaS applications.
• Identify abnormal user activity across SaaS apps.
• Conduct geo-velocity analysis to detect the same user logging in from two different locations in a short time period.

When Okta is combined with Sumo Logic, you get better visibility into top applications and anomalous user activity. Security operations and DevOps teams can view top users with failed authentication attempts and users with deactivated multi-factor authentication (MFA), giving you better visibility into threats across your applications.

Use the Sumo Logic App for Okta to:

• Identify accounts with disabled MFA.
• Detect successful and failed logins.
• Identify client browsers and OS version.
• Monitor Okta administrator activities.
• Detect outliers in successful login activity events.