Tracy Kelpman, lead engineer at small technology company, was recently tasked with investigating a security incident. She quickly realized that she would need to perform a root cause analysis in order to determine what had happened and how to prevent it from happening again. Her employees began reporting odd behaviour within their Okta applications and saw actions they themselves did not perform show up in their logs.
Kelpman began by reviewing the logs of the affected systems. She quickly identified that the initial point of entry for the attacker was through a phishing email that had been sent to one of the company's IT employees.
Using ThreatKey, Kelpman was able to track the attacker's movements through the Okta environment and noticed multiple misconfigured services.
She was able to see that the attacker had gained access to a number of sensitive systems and data, as well as the misconfigurations they introduced.
Kelpman was able to quickly determine the root cause of the incident and put together a plan to prevent it from happening again.
She also worked with the ThreatKey security team to understand what had happened and how to prevent it in the future.
Thanks to Kelpman's quick thinking and use of ThreatKey, the Okta security incident was quickly contained and prevented from causing further damage.