We use Okta SSO for our end user apps and are discussing if our security tools should also be behind it. One less login is nice but some of our concern is if our Okta instance is hacked, the threat actor has access to what we need to respond to the incident.
Do others share this concern? We do have other controls where possible, such as off prem apps being accessible only from our IPs.
Edit: spelling submitted by /u/MyMomDoesntKnowMe
[link] [comments]
http://dlvr.it/T1WSls
Full width home advertisement
Blog Archive
-
▼
2024
(231)
-
▼
January
(55)
- Project Manager without technical experience? I wo...
- Clicker — HackTheBox Machine Simple Writeup by Kar...
- IT, IS, Cybersecurity and/or InfoSec Audit
- Your Life in the Crosshairs of Cybersecurity Threats!
- Is hacking getting boring
- 5.7 Lab: Weak isolation on dual-use endpoint | 2024
- Top cybersecurity stories for the week of 01-22-24...
- How do you do Detection-as-Code?
- The art of learning bug bounty.
- SQL Injection on PostgreSQL
- How do you actually find bugs? (My 2 year experience)
- Does anyone know of a 3rd party vendor risk *monit...
- Making My First 10K by Hacking Open Source Targets
- Pivoting to pentesting/red teaming
- Login DoS — That requires simply sending a lot of ...
- Technology Consultant - Obsolescence and Security
- 52% of IT leaders will adopt GenAI tools for cyber...
- Top cybersecurity stories for the week of 01-15-24...
- Hydra Tryhackme: Walkthrough/Writeup
- AI is making cyber criminals dangerous with tools ...
- question for the younger folks in the 'biz, about ...
- Security tools behind Okta?
- Web Security Academy — Business Logic Vulnerabilit...
- The problem with most file encryption tools. A cas...
- SMTP Server (JAMES SMTP Server 2.3.2)
- Despite A Rise in Cyber Attacks, Many Users Still ...
- Aussie Small Business Owners – Join Our New Cybers...
- 3.2 Lab: File path traversal, traversal sequences ...
- Common obstacles to exploiting path traversal vuln...
- Seeking Insights from UK Businesses Conducting Cyb...
- Windows Exploitation Learning Path in TryHackMe
- Few consumers adopt cybersecurity tools, despite p...
- A Beginner’s Guide to Bug Hunting: Your Passport t...
- How AI Tools Are Revolutionizing Cybersecurity in ...
- Automating the Detection of Malicious URLs
- Subdomain Bruteforce Tool
- New York State Plans to Give Some Cities Free Cybe...
- Blind boolean-based SQLi, by manipulating url
- How to build a DLP program from the ground up?
- Paid Subscriptions Resources which will be useful ...
- Week in review: 15 open-source cybersecurity tools...
- Massive Data Breach Unveiled by Orrick Law Firm, A...
- The Art of Shodan
- Cybersecurity posture for AI app: a viable busines...
- My first bugs in 2024
- Survey Surfaces Lack of Confidence in Existing Cyb...
- Adding mTLS to legacy tools?
- 2.6 Lab: Broken brute-force protection, IP block |...
- 15 open-source cybersecurity tools you'll wish you...
- Inventory of assets - what tooling do you use?
- My First Bug Bounty: Lessons Learned and Money Earned
- Cybersecurity Toolbox: 10 Essential Tools for Ever...
- From Disclosure to High Severity: Leveraging Dyte ...
- Penetration testing?
- Simple Subdomain Takeover
-
▼
January
(55)
Advertisement
LIVE CYBERTHREAT
Latest Trends
Contact Form
amcat question search
search Pentest tools
Total Pageviews
Search Blog
Copyright 2017, " Vpentest ". All rights Reserved.
| Designed by Colorlib
No comments:
Post a Comment