Applying Automated Response

There are multiple ways to apply automated response to stop threats: by enabling automated remediations, by suspending cloud service users with stale access, or by syncing with your own tools.

• Automated response is possible with any supported IdP. Apply automated response by setting up the response workflow with the following supported actions:

  • Suspend a cloud service user

  • Reset the cloud service user's password

  • Log out from all active sessions and trigger MFA

  • Add to group/coronational access group to elevate additional security requirements

• Leverage the APIs or webhooks by automatically trigger and even to sync with your own existing tools such as ITSM, SIEM, SOAR and workflow engines.

• Automated response using email or Slack can be integrated into your own internal workflow and trigger an automated response.

Automated response workflow example in Okta: