<  Back to rules search

Okta MFA Bypass Attempted

okta

Classification:

attack

Tactic:

TA0005-defense-evasion

Set up the okta integration.

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Goal

Detect when a user attempts to bypass multi-factor authentication (MFA).

Strategy

This rule lets you monitor the following Okta events to detect when a user attempts to bypass MFA:

  • user.mfa.attempt_bypass

Triage and response

Contact the user who attempted to bypass MFA and ensure the request was legitimate.