<  Back to rules search

Okta MFA Bypass Attempted

okta

Classification:

attack

Tactic:

TA0005-defense-evasion

Set up the okta integration.

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Goal

Detect when a user attempts to bypass multi-factor authentication (MFA).

Strategy

This rule lets you monitor the following Okta events to detect when a user attempts to bypass MFA:

  • user.mfa.attempt_bypass

Triage and response

Contact the user who attempted to bypass MFA and ensure the request was legitimate.