# Identity Intelligence Knowledge Base

## Cisco Identity Intelligence Knowledge Base

- [Home](https://docs.oort.io/readme.md)
- [Glossary](https://docs.oort.io/glossary.md): Oort's definitive guide to Identity Security terminology
- [Dashboards](https://docs.oort.io/dashboard.md): Identity Intelligence dashboards at a glance
- [Posture](https://docs.oort.io/dashboard/posture.md)
- [Identities Dashboard](https://docs.oort.io/dashboard/posture/identities-dashboard.md)
- [Non-Human Identities Dashboard](https://docs.oort.io/dashboard/posture/non-human-identities-dashboard.md): 2025.10.08
- [MFA Dashboard](https://docs.oort.io/dashboard/posture/mfa-dashboard.md)
- [Devices Dashboard](https://docs.oort.io/dashboard/posture/devices-dashboard.md)
- [Applications Dashboard](https://docs.oort.io/dashboard/posture/applications-dashboard.md)
- [Threats](https://docs.oort.io/dashboard/threats.md)
- [Compliance](https://docs.oort.io/dashboard/compliance.md)
- [Operations](https://docs.oort.io/dashboard/operations.md)
- [Identity Security Assessment (ISA)](https://docs.oort.io/dashboard/identity-security-assessment-isa.md)
- [Onboarding Checklists](https://docs.oort.io/dashboard/onboarding-checklists.md)
- [Understanding your users](https://docs.oort.io/understanding-your-users.md)
- [Users](https://docs.oort.io/understanding-your-users/users.md)
- [Saved Filters](https://docs.oort.io/understanding-your-users/users/saved-filters.md)
- [Basic Search & Advanced Query Mode](https://docs.oort.io/understanding-your-users/users/advanced-query-mode.md): 09/2024
- [User 360](https://docs.oort.io/understanding-your-users/user-360.md)
- [Overview Tab](https://docs.oort.io/understanding-your-users/user-360/overview-tab.md)
- [Activity Tab](https://docs.oort.io/understanding-your-users/user-360/activity-tab.md)
- [Networks Tab](https://docs.oort.io/understanding-your-users/user-360/networks-tab.md)
- [Devices Tab](https://docs.oort.io/understanding-your-users/user-360/devices-tab.md)
- [Applications and Groups Tabs](https://docs.oort.io/understanding-your-users/user-360/applications-and-groups-tabs.md)
- [Checks Tab](https://docs.oort.io/understanding-your-users/user-360/checks-tab.md)
- [Triaging Alerts and Remediation Actions](https://docs.oort.io/understanding-your-users/remediation-actions.md): 2026.05.08
- [Linking User Accounts](https://docs.oort.io/understanding-your-users/linking-user-accounts.md): 8/2024
- [User Statuses](https://docs.oort.io/understanding-your-users/user-statuses.md)
- [Applications](https://docs.oort.io/applications.md)
- [Devices](https://docs.oort.io/devices.md): 02/2026
- [Non-Human Identities (NHI)](https://docs.oort.io/non-human-identities-nhi.md): 2025.10.21
- [Configuring Integrations](https://docs.oort.io/integrations.md): SSO Setup, Identity Providers, Communications, and Ticketing Systems
- [Managed Integrations](https://docs.oort.io/integrations/managed-integrations.md)
- [Auth0](https://docs.oort.io/integrations/auth0.md)
- [Auth0 Data Integration](https://docs.oort.io/integrations/auth0/auth0-data-integration.md): 04/2023
- [Auth0 Log Streaming & Marketplace App](https://docs.oort.io/integrations/auth0/auth0-streaming-integration.md): 05/2023
- [Microsoft Active Directory](https://docs.oort.io/integrations/microsoft-active-directory.md): 2026.01.29
- [Microsoft Entra ID Data Integration](https://docs.oort.io/integrations/azure-active-directory-integration.md): 2026.05.05
- [Azure Event Hub Log Streaming for Microsoft Entra ID](https://docs.oort.io/integrations/azure-active-directory-event-hub-streaming.md): 2025.11.25
- [Azure Sentinel SIEM](https://docs.oort.io/integrations/azure-sentinel-siem-integration.md): 2023.03.23
- [AWS Identity Center](https://docs.oort.io/integrations/aws.md): 02/2026
- [Bloodhound Enterprise](https://docs.oort.io/integrations/bloodhound-enterprise.md): Learn how to prioritize investigation and remediation around identities that are positioned along high-risk paths.
- [Datadog](https://docs.oort.io/integrations/datadog.md): 2025.11.17
- [Duo Security](https://docs.oort.io/integrations/duo-security-integration.md)
- [Email Notifications](https://docs.oort.io/integrations/email-notifications.md): 08/2024
- [Github](https://docs.oort.io/integrations/github.md): 2025.11.17
- [Google](https://docs.oort.io/integrations/google-workspace-integration.md): 11/2023
- [Google Sheets](https://docs.oort.io/integrations/google-sheets.md)
- [Jamf](https://docs.oort.io/integrations/jamf.md)
- [Jira](https://docs.oort.io/integrations/jira-integration.md): 11/2022
- [Mailgun](https://docs.oort.io/integrations/mailgun-integration.md): 2023/12
- [Microsoft Teams Notification](https://docs.oort.io/integrations/microsoft-teams-notification-integration.md): 2026.01.29
- [Okta Log Streaming AWS EventBridge](https://docs.oort.io/integrations/okta-aws-eventbridge-streaming-integration.md): 10/2024
- [Okta Data Integration](https://docs.oort.io/integrations/okta-data-integration.md): 2026.04.20
- [Okta Workflows](https://docs.oort.io/integrations/okta-workflows.md): 02/2024
- [OpenAI](https://docs.oort.io/integrations/openai.md)
- [PingFederate](https://docs.oort.io/integrations/pingfederate.md): 2025.07.09
- [Salesforce](https://docs.oort.io/integrations/salesforce-integration.md): 2025.11.24
- [SCIM Provisioning](https://docs.oort.io/integrations/scim-provisioning.md)
- [Cisco Secure Access Data Integration](https://docs.oort.io/integrations/cisco-secure-access-data-integration.md)
- [SendGrid](https://docs.oort.io/integrations/sendgrid-integration.md): 2023/12
- [ServiceNOW](https://docs.oort.io/integrations/servicenow-integration.md): 9/2022
- [Shared Signals Framework (SSF) and SSF Receivers](https://docs.oort.io/integrations/shared-signals-framework-ssf-and-ssf-receivers.md): Describes signals from security products and platforms that Identity Intelligence can ingest.
- [AppOmni Integration Using SSF](https://docs.oort.io/integrations/shared-signals-framework-ssf-and-ssf-receivers/appomni-integration-using-ssf.md)
- [Slack](https://docs.oort.io/integrations/slack-notification-integration.md): 08/2024
- [Snowflake (Beta)](https://docs.oort.io/integrations/snowflake.md): 2025.06.17
- [Splunk](https://docs.oort.io/integrations/splunk.md): 2025.07.28
- [Webhook Splunk Integration](https://docs.oort.io/integrations/splunk/webhook-splunk-cii-integration.md): 2025.11.07
- [AWS S3 Splunk Integration](https://docs.oort.io/integrations/splunk/aws-s3-splunk-cii-integration.md): 2025.11.07
- [UKG (via SCIM)](https://docs.oort.io/integrations/ukg-via-scim.md): 2025.09.17
- [Webex Directory](https://docs.oort.io/integrations/webex.md)
- [Webex Notification](https://docs.oort.io/integrations/webex-notification-integration.md): 02/2024
- [Webhooks](https://docs.oort.io/integrations/webhooks.md): 04/17/2025
- [Workday](https://docs.oort.io/integrations/workday.md): Options for integrating with Workday HRIS platform
- [Manual Import (CSV)](https://docs.oort.io/integrations/workday/how-to-import-workday-hris-data.md): Import Workday data using data exported to a CSV
- [Report as a Service (RaaS)](https://docs.oort.io/integrations/workday/workday-report-as-a-service-integration.md): Create a Workday Report URL for Oort to integrate via Web Service
- [AWS User-Based Access \[Deprecated\]](https://docs.oort.io/integrations/aws-1.md): 08/2024
- [Polarity](https://docs.oort.io/integrations/polarity-integration.md): 03/2024
- [Understanding Check failures](https://docs.oort.io/understanding-check-failures.md)
- [Reviewing Check Results](https://docs.oort.io/understanding-check-failures/reviewing-check-results.md)
- [Customizing Checks](https://docs.oort.io/understanding-check-failures/customizing-checks.md)
- [Cisco Identity Checks](https://docs.oort.io/understanding-check-failures/oort-insights.md)
- [Identity Posture Management Checks](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights.md)
- [Access from Denied Territories](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/access-from-denied-countries.md)
- [Agentic Application Reuse](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/agentic-application-reuse.md)
- [Allow/Block Email Logins](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/allow-block-email-logins.md)
- [Application Login Bypasses SSO](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/application-login-bypasses-sso.md)
- [Applications with Directly Assigned Users](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-has-directly-assigned-application.md)
- [Applications with Expired Secret](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/applications-with-expired-secret.md)
- [Applications with Limited Adoption](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/unused-application-for-a-user.md)
- [Attack Path Alert](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/attack-path-alert.md)
- [HRIS Discrepancies](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/hris-discrepancy.md)
- [Identity Intelligence Client Secret Expiring Soon](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/oort-client-secret-expiring-soon.md)
- [Inactive Account Probing](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/inactive-account-probing.md)
- [Kerberoastable Accounts](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/kerberoastable-accounts.md)
- [Inactive Guest Users](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/inactive-guest-users.md)
- [Inactive Users](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/inactive-users.md)
- [Missing Value in Mandatory Field](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/missing-value-in-mandatory-field.md)
- [Never Logged In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/never-logged-in.md)
- [No MFA Configured](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/no-mfa-configured.md)
- [No Strong MFA Configured](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/no-strong-mfa-configured.md)
- [Non-Human Identity Password Expiration Failure](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/non-human-identity-password-expiration-failure.md)
- [Non-Human Identities with No MFA Configured](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/non-human-identities-with-no-mfa-configured.md)
- [Okta Long Running Sessions](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/okta-long-running-sessions.md)
- [Okta Session Length Policy Compliance](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/okta-session-length-policy-compliance.md)
- [Personal VPN Usage](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/personal-vpn-usage.md)
- [Provider User Type Missing](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-type-missing.md)
- [Rate Limit Alert](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/rate-limit-alert.md)
- [Role Assigned to Azure Cloud Only Account](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/role-assigned-to-azure-cloud-only-account.md)
- [Shared Mailbox Sign In Enabled](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/shared-mailbox-sign-in-enabled.md)
- [Service Account Reuse](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/service-account-reuse.md)
- [Slack User Inconsistencies](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/slack-user-inconsistencies.md)
- [Telecom MFA Limit Reached](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/telecom-mfa-limit-reached.md)
- [Unmanaged Devices Access](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/unmanaged-devices-access.md)
- [Upcoming App Key Expiration](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/upcoming-app-key-expiration.md)
- [User Authorized to Bypass MFA](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-authorized-to-bypass-mfa.md)
- [User in IDP but not in HRIS](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-in-idp-but-not-in-hris.md)
- [User Password Expiration Failure](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-password-expiration-failure.md)
- [User Stuck in Non-functional State](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/user-stuck-in-non-functional-state.md)
- [Users Sharing Authenticators](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/users-sharing-authenticators.md)
- [Weak MFA Was Used To Successfully Sign In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-posture-management-insights/weak-mfa-was-used-to-successfully-sign-in.md)
- [Identity Threat Detection Insights](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights.md)
- [A Bypass Code Was Used To Successfully Sign In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/a-bypass-code-was-used-to-successfully-sign-in.md)
- [Access From Dormant Account](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/access-from-dormant-account.md)
- [Access From Dormant Non-Human Identity](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/access-from-dormant-non-human-identity.md)
- [Accounts With Unusually High Activity](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/accounts-with-unusually-high-activity.md)
- [Active Account Under Heavy Attack](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/active-account-under-heavy-attack.md)
- [Activity From Untrustworthy ISP](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/activity-from-untrustworthy-isp.md)
- [Admin Impersonation in Okta](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/admin-impersonation-in-okta.md)
- [Admin Role Assigned to User](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/admin-role-assigned-to-user.md)
- [Admin Role Assigned to Non-Human Identity](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/admin-role-assigned-to-non-human-identity.md)
- [AppOmni High Severity Alert](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/appomni-high-severity-alert.md)
- [Authenticator Registration Anomalies](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/authenticator-registration-anomalies.md)
- [Break-Glass Account Successful Sign In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/break-glass-account-successful-sign-in.md)
- [Code Exfiltration By Guest Account](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/code-exfiltration-by-guest-account.md)
- [Compromised Session](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/compromised-session.md)
- [Google Drive File with Excessive Sharing Permissions](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/google-drive-file-with-excessive-sharing-permissions.md)
- [Impossible Travel](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/impossible-travel.md)
- [IP Threat Detected](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/ip-threat-detected.md)
- [IP Threat Detected In Depth](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/ip-threat-detected/ip-threat.md): Overview
- [Leaked User Credentials Detected](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/leaked-user-credentials-detected.md)
- [Login to Admin Console](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/login-to-admin-console-in-okta.md)
- [MFA Flood](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/mfa-flood.md)
- [Microsoft Entra ID Admin Activity Anomaly](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/azure-admin-activity-anomaly.md)
- [New Country for Tenant](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/new-country-for-tenant.md)
- [New IDP Created](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/new-idp-created.md)
- [Non-Human Identity with Interactive Browser Access](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/non-human-identity-with-interactive-browser-access.md)
- [Okta Admin Activity Anomaly](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/okta-admin-activity-anomaly.md)
- [Rare Browser Activity](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/rare-browser-activity.md)
- [Registered Location Mismatch](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/registered-location-mismatch.md)
- [Risky Parallel Sessions](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/risky-parallel-sessions.md)
- [Service Account Successful Sign In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/service-account-successful-sign-in.md)
- [Service Principal Risk Detected](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/service-principal-risk-detected.md)
- [Shared Mailbox Successful Sign In](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/shared-mailbox-successful-sign-in.md)
- [Sign In Threat Detected](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/sign-in-threat-detected.md)
- [Sign-in from Recently Created IdP](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/sign-in-from-recently-created-idp.md)
- [Successful Access from a Previously Only Failing IP](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/successful-access-from-a-previously-only-failing-ip.md)
- [Super Admin Login to Google](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/super-admin-login-to-google.md)
- [Suspicious Activity Reported by End User](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/suspicious-activity-reported-by-end-user.md)
- [Unusual Repo Access](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/unusual-repo-access.md)
- [User IP in Blocked State](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/user-ip-in-blocked-state.md)
- [User Lock Out Risk Detected](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/user-lock-out-risk-detected.md)
- [User Trust Level Alert](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/user-trust-level-alert.md)
- [Users With Defined Email Forward Rules](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/users-with-defined-email-forward-rules.md)
- [Users With New Email Forward Rules](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/users-with-new-email-forward-rules.md)
- [Weak MFA Manually Activated and Utilized](https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/weak-mfa-manually-activated-and-utilized.md)
- [Campaigns](https://docs.oort.io/campaigns.md)
- [Tenant Settings](https://docs.oort.io/oort-tenant-settings-overview.md): 04/2024
- [Role-based Access (RBAC) and Tenant Access Logs](https://docs.oort.io/oort-tenant-settings-overview/role-based-access-and-access-logs.md): 12/2024
- [Systems Logs](https://docs.oort.io/oort-tenant-settings-overview/systems-logs.md): Using System Logs to Monitor and Troubleshoot your Oort Tenant
- [Identity Posture Score](https://docs.oort.io/identity-posture-score.md)
- [User Trust Level](https://docs.oort.io/user-trust-level.md)
- [How-to Guides](https://docs.oort.io/how-to-guides.md)
- [Accessing and Securing your Cisco Identity Intelligence Tenant](https://docs.oort.io/how-to-guides/accessing-and-securing-your-oort-tenant.md): 08/2024
- [Can Identity Intelligence analyze behavior and fail checks more frequently?](https://docs.oort.io/how-to-guides/can-identity-intelligence-analyze-behavior-and-fail-checks-more-frequently.md)
- [Importing Known IP Address Lists](https://docs.oort.io/how-to-guides/importing-known-ip-address-lists.md)
- [Networks Tab & User Investigations](https://docs.oort.io/how-to-guides/networks-tab-and-user-investigations.md): 6/2023
- [Okta Workflows Webhook Example](https://docs.oort.io/how-to-guides/okta-workflows-webhook-example.md): 8/2023
- [Oort Dashboard Overview](https://docs.oort.io/how-to-guides/oort-dashboard-overview.md): Oort Dashboard at-a-glance
- [Understanding HRIS Data and SCIM](https://docs.oort.io/how-to-guides/understanding-hris-data-and-scim.md): 04/2022 - rev 2
- [MFA FAQ](https://docs.oort.io/how-to-guides/mfa-factors-faq.md): 08/2024
- [Public API](https://docs.oort.io/public-api.md): 10/2024
- [APIs](https://docs.oort.io/public-api/apis.md): 10/2024
- [Troubleshooting & Support](https://docs.oort.io/troubleshooting.md)
- [API Permissions for Integrations](https://docs.oort.io/troubleshooting/api-permissions-for-integrations.md): This page outlines the API permissions required by an Integration for enabling features within Oort
- [Responsible Disclosure Policy](https://docs.oort.io/troubleshooting/responsible-disclosure-policy.md)
- [Best Practices](https://docs.oort.io/best-practices.md)
- [What’s Next? How to use Identity Intelligence effectively](https://docs.oort.io/best-practices/whats-next-how-to-use-identity-intelligence-effectively.md)
- [Identity Security Reading List](https://docs.oort.io/best-practices/identity-security-resources.md): Want to learn more about identity but don't know where to start? Here's some useful resources
- [KPIs for
 IAM Teams](https://docs.oort.io/best-practices/kpis-for-iam-teams.md): A practical guide for measuring performance of your enterprise identity and access management program
- [Blogs](https://docs.oort.io/blogs.md): Stay up to date on Cisco Identity news, product tips, and industry insights.
- [0ktapus for humans](https://docs.oort.io/blogs/0ktapus-for-humans.md): Sep 13, 2022
- [Oort Releases GitHub Integration To Extend Identity Threat Detection](https://docs.oort.io/blogs/oort-releases-github-integration-to-extend-identity-threat-detection.md)
- [Oort Recognized Twice as a Sample Vendor in Gartner® 2023 Hype Cycle Reports™](https://docs.oort.io/blogs/oort-recognized-twice-as-a-sample-vendor-in-gartner-r-2023-hype-cycle-reports-tm.md)
- [Oort's Response Capabilities: Remediate Compromised Accounts with Just One Click](https://docs.oort.io/blogs/oorts-response-capabilities-remediate-compromised-accounts-with-just-one-click.md)
- [Oort Unveils Dashboard, Providing A Single Pane of Glass for Identities](https://docs.oort.io/blogs/oort-unveils-dashboard-providing-a-single-pane-of-glass-for-identities.md)
- [Oort’s New Identity Security Dashboard](https://docs.oort.io/blogs/oorts-new-identity-security-dashboard.md)
- [Oort Unveils Identity Technology Ecosystem, Bringing Identity Data out of Orbit and Into View](https://docs.oort.io/blogs/oort-unveils-identity-technology-ecosystem-bringing-identity-data-out-of-orbit-and-into-view.md)
- [Oort: Your Security Layer On Top Of Okta](https://docs.oort.io/blogs/oort-your-security-layer-on-top-of-okta.md)
- [Populating the Unpopulated: Challenges of Building a Comprehensive User Inventory](https://docs.oort.io/blogs/populating-the-unpopulated-challenges-of-building-a-comprehensive-user-inventory.md)
- [Protecting IT Help Desk Teams Against Cyber Attacks](https://docs.oort.io/blogs/protecting-it-help-desk-teams-against-cyber-attacks.md)
- [Protecting Salesforce Accounts from Takeovers and Ungoverned Access](https://docs.oort.io/blogs/protecting-salesforce-accounts-from-takeovers-and-ungoverned-access.md)
- [Restrict Guest Access Permissions: Best Practices and Challenges](https://docs.oort.io/blogs/restrict-guest-access-permissions-best-practices-and-challenges.md)
- [Seizing the Communication Opportunity: Aligning Perspectives in Identity Security](https://docs.oort.io/blogs/seizing-the-communication-opportunity-aligning-perspectives-in-identity-security.md)
- [Session Hijacking in a Post-Genesis World](https://docs.oort.io/blogs/session-hijacking-in-a-post-genesis-world.md)
- [SIEM vs. Security Data Lake: Why it's Time to Rethink Your Security Program](https://docs.oort.io/blogs/siem-vs.-security-data-lake-why-its-time-to-rethink-your-security-program.md)
- [Speaking the Same Language for Identity Security: Identify, Protect, Detect, Respond](https://docs.oort.io/blogs/speaking-the-same-language-for-identity-security-identify-protect-detect-respond.md)
- [State of Identity Security research reveals 40% of accounts use weak or no form of multi-factor auth](https://docs.oort.io/blogs/state-of-identity-security-research-reveals-40-of-accounts-use-weak-or-no-form-of-multi-factor-authe.md)
- [Strengthening Identity Controls: Mapping to CIS CSC and NIST CSF Security Frameworks](https://docs.oort.io/blogs/strengthening-identity-controls-mapping-to-cis-csc-and-nist-csf-security-frameworks.md)
- [Strengthening Identity Security with Single Sign-On (SSO) Systems](https://docs.oort.io/blogs/strengthening-identity-security-with-single-sign-on-sso-systems.md)
- [Succeeding with Proper Detection for Identity Security: A Comprehensive Approach](https://docs.oort.io/blogs/succeeding-with-proper-detection-for-identity-security-a-comprehensive-approach.md)
- [Taking a Data-Driven Approach to Identity Security](https://docs.oort.io/blogs/taking-a-data-driven-approach-to-identity-security.md)
- [The Concerning Prevalence of Weak Second Factors](https://docs.oort.io/blogs/the-concerning-prevalence-of-weak-second-factors.md)
- [The Crucial Role of an Identity Security Leader](https://docs.oort.io/blogs/the-crucial-role-of-an-identity-security-leader.md)
- [Why I am Joining Oort](https://docs.oort.io/blogs/why-i-am-joining-oort.md)
- [The Quest for a Passwordless World](https://docs.oort.io/blogs/the-quest-for-a-passwordless-world.md)
- [Understanding Azure Active Directory (Azure AD)](https://docs.oort.io/blogs/understanding-azure-active-directory-azure-ad.md)
- [Understanding the Implications of New SEC Rules on Cyber Incident Disclosure](https://docs.oort.io/blogs/understanding-the-implications-of-new-sec-rules-on-cyber-incident-disclosure.md)
- [Unlocking the Power of Zero Trust: The Crucial Role of Identity and Oort's Identity Security Platfor](https://docs.oort.io/blogs/unlocking-the-power-of-zero-trust-the-crucial-role-of-identity-and-oorts-identity-security-platform.md)
- [Respond Even Quicker to Identity Threats](https://docs.oort.io/blogs/respond-even-quicker-to-identity-threats.md)
- [What to Look Out For at Gartner IAM](https://docs.oort.io/blogs/what-to-look-out-for-at-gartner-iam.md)
- [7 Critical Requirements for Securing Third-Party and Vendor Access](https://docs.oort.io/blogs/7-critical-requirements-for-securing-third-party-and-vendor-access.md)
- [Best Practices for Efficiently Responding to Identity Threats](https://docs.oort.io/blogs/best-practices-for-efficiently-responding-to-identity-threats.md)
- [Announcing our Identity Technology Partner Ecosystem](https://docs.oort.io/blogs/announcing-our-identity-technology-partner-ecosystem.md)
- [Catching waves and building clouds](https://docs.oort.io/blogs/catching-waves-and-building-clouds.md)
- [Cisco Announces Intent to Acquire Oort](https://docs.oort.io/blogs/cisco-announces-intent-to-acquire-oort.md)
- [CISO Perspectives: Eric Richard, HubSpot](https://docs.oort.io/blogs/ciso-perspectives-eric-richard-hubspot.md)
- [Defining Roles & Responsibilities for an Identity Security Program](https://docs.oort.io/blogs/defining-roles-and-responsibilities-for-an-identity-security-program.md)
- [Detecting Session Hijacking](https://docs.oort.io/blogs/detecting-session-hijacking.md)
- [8 Things to Look for in an ITDR Solution](https://docs.oort.io/blogs/8-things-to-look-for-in-an-itdr-solution.md)
- [Enhancing Identity Threat Detection: Introducing Oort’s New GitHub Integration](https://docs.oort.io/blogs/enhancing-identity-threat-detection-introducing-oorts-new-github-integration.md)
- [Founder Perspective: Matt Caulfield On Why He Started Oort](https://docs.oort.io/blogs/founder-perspective-matt-caulfield-on-why-he-started-oort.md)
- [Founder Perspective: Vision To Reality](https://docs.oort.io/blogs/founder-perspective-vision-to-reality.md)
- [Four Reasons Why Traditional SIEMs Fall Short For Identity Security Programs](https://docs.oort.io/blogs/four-reasons-why-traditional-siems-fall-short-for-identity-security-programs.md)
- [How Oort Partners with Duo for Unbeatable Secure Access](https://docs.oort.io/blogs/how-oort-partners-with-duo-for-unbeatable-secure-access.md)
- [Governance, Risk, and Compliance](https://docs.oort.io/blogs/governance-risk-and-compliance.md)
- [How to Find Inactive Users](https://docs.oort.io/blogs/how-to-find-inactive-users.md)
- [Identity and Access Management and Oort Explained](https://docs.oort.io/blogs/identity-and-access-management-and-oort-explained.md)
- [5 Identity Security Questions Every IAM Leader Needs to Answer](https://docs.oort.io/blogs/5-identity-security-questions-every-iam-leader-needs-to-answer.md)
- [Identity security is bigger than just ITDR](https://docs.oort.io/blogs/identity-security-is-bigger-than-just-itdr.md)
- [Identity is the apex threat vector, so why is identity security still a mess?](https://docs.oort.io/blogs/identity-is-the-apex-threat-vector-so-why-is-identity-security-still-a-mess.md)
- [Identity Threat Detection](https://docs.oort.io/blogs/identity-threat-detection.md)
- [Identity Threat Detection and Response: what you need to know](https://docs.oort.io/blogs/identity-threat-detection-and-response-what-you-need-to-know.md)
- [Identiverse 2023: What I'm Looking Forward to & What Not to Miss](https://docs.oort.io/blogs/identiverse-2023-what-im-looking-forward-to-and-what-not-to-miss.md)
- [Interview with Oort: Best Practices for Managing & Protecting Service Accounts](https://docs.oort.io/blogs/interview-with-oort-best-practices-for-managing-and-protecting-service-accounts.md)
- [Interview with Alex “Sasha” Zaslavsky (Oort Data Science Lead)](https://docs.oort.io/blogs/interview-with-alex-sasha-zaslavsky-oort-data-science-lead.md)
- [Interview with Andy Winiarski (Head of Solutions Engineering)](https://docs.oort.io/blogs/interview-with-andy-winiarski-head-of-solutions-engineering.md)
- [Interview with Nicolas Dard (Oort’s VP of Product Management)](https://docs.oort.io/blogs/interview-with-nicolas-dard-oorts-vp-of-product-management.md)
- [Introducing our Latest Integration to Protect Identities in AWS](https://docs.oort.io/blogs/introducing-our-latest-integration-to-protect-identities-in-aws.md)
- [Introducing The 2023 State of Identity Security Report](https://docs.oort.io/blogs/introducing-the-2023-state-of-identity-security-report.md)
- [Maintaining a Strong Identity Security Posture: Why IAM Hygiene Matters](https://docs.oort.io/blogs/maintaining-a-strong-identity-security-posture-why-iam-hygiene-matters.md)
- [Managing Machine Identities: A Comprehensive Guide](https://docs.oort.io/blogs/managing-machine-identities-a-comprehensive-guide.md)
- [Managing Risk In Shipwreck Diving and Security](https://docs.oort.io/blogs/managing-risk-in-shipwreck-diving-and-security.md)
- [Monitoring MFA Usage and Adoption: Strengthening Your Security Strategy](https://docs.oort.io/blogs/monitoring-mfa-usage-and-adoption-strengthening-your-security-strategy.md)
- [Okta Breach: Why Attackers Target GitHub, and What You Can Do to Secure It](https://docs.oort.io/blogs/okta-breach-why-attackers-target-github-and-what-you-can-do-to-secure-it.md)
- [Okta Security](https://docs.oort.io/blogs/okta-security.md)
- [Oort and Polarity Combine to Provide Instant Context on Identities](https://docs.oort.io/blogs/oort-and-polarity-combine-to-provide-instant-context-on-identities.md)
- [Oort + Polarity: Instant Identity Context to Power Investigations and Response](https://docs.oort.io/blogs/oort-+-polarity-instant-identity-context-to-power-investigations-and-response.md)
- [Oort Announces $15M in Seed and Series A Funding Round](https://docs.oort.io/blogs/oort-announces-usd15m-in-seed-and-series-a-funding-round.md)
- [Oort Stacks Go-to-Market Leadership Team Following Series A Investment](https://docs.oort.io/blogs/oort-stacks-go-to-market-leadership-team-following-series-a-investment.md)
- [Oort Extends Identity Threat Detection with New AWS Integration](https://docs.oort.io/blogs/oort-extends-identity-threat-detection-with-new-aws-integration.md)
- [Announcing General Availability of the Oort Identity Analytics & Automation Platform](https://docs.oort.io/blogs/announcing-general-availability-of-the-oort-identity-analytics-and-automation-platform.md)
- [Oort Joins Forces with Microsoft Intelligent Security Association to Bring Visibility into Unmanaged](https://docs.oort.io/blogs/oort-joins-forces-with-microsoft-intelligent-security-association-to-bring-visibility-into-unmanaged.md)
- [Oort Joins the Microsoft Intelligent Security Association (MISA)](https://docs.oort.io/blogs/oort-joins-the-microsoft-intelligent-security-association-misa.md)
- [Building an Effective Identity Security Program: A Comprehensive Handbook](https://docs.oort.io/blogs/building-an-effective-identity-security-program-a-comprehensive-handbook.md)
- [Oort Launches Identity Security Platform in Auth0 Marketplace](https://docs.oort.io/blogs/oort-launches-identity-security-platform-in-auth0-marketplace.md)
- [Oort Launches Identity Security Platform in AWS Marketplace](https://docs.oort.io/blogs/oort-launches-identity-security-platform-in-aws-marketplace.md)
- [Oort Launches One-Click Remediation Actions for Streamlined Identity Security Response](https://docs.oort.io/blogs/oort-launches-one-click-remediation-actions-for-streamlined-identity-security-response.md)
- [Oort Origins and Our Vision for Identity Security](https://docs.oort.io/blogs/oort-origins-and-our-vision-for-identity-security.md)
- [Release Notes](https://docs.oort.io/release-notes.md)
- [Week 22, 2024](https://docs.oort.io/release-notes/week-22-2024.md)
- [Week 21, 2024](https://docs.oort.io/release-notes/week-21-2024.md)
- [Week 20, 2024](https://docs.oort.io/release-notes/week-20-2024.md)
- [Week 19, 2024](https://docs.oort.io/release-notes/week-19-2024.md)
- [Week 18, 2024](https://docs.oort.io/release-notes/week-18-2024.md)
- [Week 17, 2024](https://docs.oort.io/release-notes/week-17-2024.md)
- [Week 16, 2024](https://docs.oort.io/release-notes/week-16-2024.md)
- [Week 14, 2024](https://docs.oort.io/release-notes/week-14-2024.md)
- [Week 13, 2024](https://docs.oort.io/release-notes/week-13-2024.md)
- [Week 11, 2024](https://docs.oort.io/release-notes/week-11-2024.md)
- [Week 9, 2024](https://docs.oort.io/release-notes/week-9-2024.md)
- [Week 7, 2024](https://docs.oort.io/release-notes/week-7-2024.md)
- [Week 5, 2024](https://docs.oort.io/release-notes/week-5-2024.md)
- [Week 4, 2024](https://docs.oort.io/release-notes/week-4-2024.md)
- [Week 3, 2024](https://docs.oort.io/release-notes/week-3-2024.md)
- [Week 2, 2024](https://docs.oort.io/release-notes/week-2-2024.md)
- [2023](https://docs.oort.io/release-notes/2023.md)
- [Week 49, 2023](https://docs.oort.io/release-notes/2023/week-49-2023.md)
- [Week 48, 2023](https://docs.oort.io/release-notes/2023/week-48-2023.md)
- [Week 47, 2023](https://docs.oort.io/release-notes/2023/week-47-2023.md)
- [Week 46, 2023](https://docs.oort.io/release-notes/2023/week-46-2023.md)
- [Week 45, 2023](https://docs.oort.io/release-notes/2023/week-45-2023.md)
- [Week 44, 2023](https://docs.oort.io/release-notes/2023/week-44-2023.md)
- [Week 43, 2023](https://docs.oort.io/release-notes/2023/week-43-2023.md)
- [Week 42, 2023](https://docs.oort.io/release-notes/2023/week-42-2023.md)
- [Week 41, 2023](https://docs.oort.io/release-notes/2023/week-41-2023.md)
- [Week 40, 2023](https://docs.oort.io/release-notes/2023/week-40-2023.md)
- [Week 39, 2023](https://docs.oort.io/release-notes/2023/week-39-2023.md)
- [Week 38, 2023](https://docs.oort.io/release-notes/2023/week-38-2023.md)
- [Week 37, 2023](https://docs.oort.io/release-notes/2023/week-37-2023.md)
- [Week 35, 2023](https://docs.oort.io/release-notes/2023/week-35-2023.md)
- [Week 34, 2023](https://docs.oort.io/release-notes/2023/week-34-2023.md)
- [Week 33, 2023](https://docs.oort.io/release-notes/2023/week-33-2023.md)
- [Week 32, 2023](https://docs.oort.io/release-notes/2023/week-32-2023.md)
- [Week 31, 2023](https://docs.oort.io/release-notes/2023/week-31-2023.md)
- [Week 30, 2023](https://docs.oort.io/release-notes/2023/week-30-2023.md)
- [Week 29, 2023](https://docs.oort.io/release-notes/2023/week-29-2023.md)
- [Week 28, 2023](https://docs.oort.io/release-notes/2023/week-28-2023.md)
- [Week 27, 2023](https://docs.oort.io/release-notes/2023/week-27-2023.md)
- [Week 26, 2023](https://docs.oort.io/release-notes/2023/week-26-2023.md)
- [Week 25, 2023](https://docs.oort.io/release-notes/2023/week-25-2023.md)
- [Week 24, 2023](https://docs.oort.io/release-notes/2023/week-24-2023.md)
- [Week 23, 2023](https://docs.oort.io/release-notes/2023/week-23-2023.md)
- [Week 22, 2023](https://docs.oort.io/release-notes/2023/week-22-2023.md)
- [Week 21, 2023](https://docs.oort.io/release-notes/2023/week-21-2023.md)
- [Week 20, 2023](https://docs.oort.io/release-notes/2023/week-20-2023.md)
- [Week 19, 2023](https://docs.oort.io/release-notes/2023/week-19-2023.md)
- [Week 18, 2023](https://docs.oort.io/release-notes/2023/week-18-2023.md)
- [Week 17, 2023](https://docs.oort.io/release-notes/2023/week-17-2023.md)
- [Week 16, 2023](https://docs.oort.io/release-notes/2023/week-16-2023.md)
- [Week 15, 2023](https://docs.oort.io/release-notes/2023/week-15-2023.md)
- [Week 13, 2023](https://docs.oort.io/release-notes/2023/week-13-2023.md)
- [Week 12, 2023](https://docs.oort.io/release-notes/2023/week-12-2023.md)
- [Week 11, 2023](https://docs.oort.io/release-notes/2023/week-11-2023.md)
- [Week 10, 2023](https://docs.oort.io/release-notes/2023/week-10-2023.md)
- [Week 9, 2023](https://docs.oort.io/release-notes/2023/week-9-2023.md)
- [Week 8, 2023](https://docs.oort.io/release-notes/2023/week-8-2023.md)
- [Week 7, 2023](https://docs.oort.io/release-notes/2023/week-7-2023.md)
- [Week 6, 2023](https://docs.oort.io/release-notes/2023/week-6-2023.md)
- [Week 5, 2023](https://docs.oort.io/release-notes/2023/week-5-2023.md)
- [Week 4, 2023](https://docs.oort.io/release-notes/2023/week-4-2023.md)
- [Week 3, 2023](https://docs.oort.io/release-notes/2023/week-3-2023.md)
- [Week 2, 2023](https://docs.oort.io/release-notes/2023/week-2-2023.md)
- [Week 1, 2023](https://docs.oort.io/release-notes/2023/week-1-2023.md)
- [2022](https://docs.oort.io/release-notes/2022.md)
- [Week 51, 2022](https://docs.oort.io/release-notes/2022/week-51-2022.md)
- [Week 50, 2022](https://docs.oort.io/release-notes/2022/week-50-2022.md)
- [Week 49, 2022](https://docs.oort.io/release-notes/2022/week-49-2022.md)
- [Week 48, 2022](https://docs.oort.io/release-notes/2022/week-48-2022.md)
- [Week 47, 2022](https://docs.oort.io/release-notes/2022/week-47-2022.md)
- [Week 46, 2022](https://docs.oort.io/release-notes/2022/week-46-2022.md)
- [Week 43, 2022](https://docs.oort.io/release-notes/2022/week-43-2022.md)
- [Week 42, 2022](https://docs.oort.io/release-notes/2022/week-42-2022.md)
- [Week 41, 2022](https://docs.oort.io/release-notes/2022/week-41-2022.md)
- [Week 38, 2022](https://docs.oort.io/release-notes/2022/week-38-2022.md)
- [Week 37, 2022](https://docs.oort.io/release-notes/2022/week-37-2022.md)
- [Week 36, 2022](https://docs.oort.io/release-notes/2022/week-36-2022.md)
- [Week 35, 2022](https://docs.oort.io/release-notes/2022/week-35-2022.md)
- [Week 34, 2022](https://docs.oort.io/release-notes/2022/week-34-2022.md)
- [Week 33, 2022](https://docs.oort.io/release-notes/2022/week-33-2022.md)
- [Week 32, 2022](https://docs.oort.io/release-notes/2022/week-32-2022.md)
- [Week 31, 2022](https://docs.oort.io/release-notes/2022/week-31-2022.md)
- [Week 30, 2022](https://docs.oort.io/release-notes/2022/week-30-2022.md)
- [Week 29, 2022](https://docs.oort.io/release-notes/2022/week-29-2022.md)
- [Week 24, 2022](https://docs.oort.io/release-notes/2022/week-24-2022.md)
- [Week 12, 2022](https://docs.oort.io/release-notes/2022/week-12-2022.md)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on a page URL with the `ask` query parameter:
```
GET https://docs.oort.io/readme.md?ask=<question>
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.