Safeguard
Tag

okta

Safeguard articles tagged "okta" — guides, analysis, and best practices for software supply chain and application security.

7 articles

Incident Analysis

Okta 2023 Customer Support Breach: Implications for Identity Supply Chain

The Okta customer support breach of October 2023 exposed HAR files containing session tokens for major customers. The structural lessons run deeper than the incident.

Apr 3, 20265 min read
Incident Analysis

Okta Cross-Tenant Impersonation 2024

Okta's cross-tenant impersonation advisory and related social-engineering campaigns exposed how identity providers get targeted. Lessons for defenders.

Mar 26, 20268 min read
Incident Analysis

Okta 2022-2023 Incidents: Supply Chain Lessons

A retrospective on Okta's string of security incidents from 2022 through 2023 and what they teach us about identity providers as critical supply chain dependencies.

Mar 18, 20246 min read
Incident Analysis

Cloudflare's Thanksgiving 2023 Breach: How Okta Credentials Led to a Nation-State Intrusion

Cloudflare disclosed that a nation-state actor used credentials stolen from the October 2023 Okta breach to access their Atlassian systems. Their transparent post-mortem set a new standard.

Feb 1, 20245 min read
Incident Response

Okta's Support System Breach: Identity Provider Under Fire Again

Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.

Oct 20, 20235 min read
Threat Actors

Scattered Spider: The Social Engineering Group That Outmaneuvered Enterprise Security

Scattered Spider combined aggressive social engineering with deep knowledge of enterprise IT to breach MGM Resorts, Caesars Entertainment, and dozens of other organizations.

Oct 8, 20237 min read
Incident Analysis

Okta LAPSUS$ Breach: When Your Identity Provider Gets Compromised

LAPSUS$ breached an Okta support contractor, gaining access to customer tenants. The incident raised critical questions about identity provider supply chain risk.

Mar 22, 20226 min read
okta — Safeguard Blog