Integrating Cylance Endpoint Security with Okta Skip Navigation

Integrating
Cylance Endpoint Security
with
Okta

You can add an
Okta
connection to your
Cylance
console to view
Okta
alerts in the Alerts view. The Alerts view allows administrators to view
Okta
authorization and access alerts from one unified interface. The
Okta
connector uses the
Okta
events API to display event telemetry in the Alerts view. The
Okta
user anomaly events that are aggregated in the Alerts view include suspicious user login attempts and blocked security request events. By aggregating
Okta
events into these categories, you will have greater visibility into login attempts by third parties, erroneous logins by users, and login attempts from suspicious source IP addresses.
The Alerts view aggregates requests from banned IP addresses across your company's user base to provide insight into possible patterns or campaigns. The surfaced data can also contain information on the source device of the access attempt, allowing you to determine if the request was made by a human or machine.
For more information about configuring
Okta
to generate alerts that can be viewed in the Alerts view, see the following resources:
For more information about the Alerts view, see Managing alerts across Cylance Endpoint Security services in the Administration content.