Suspicious Activity Reported by End User

Detects users that have reported suspicious or unrecognized activity to the organization’s admin from an email notification.

This check requires the "Suspicious Activity Reporting" feature to be configured in Okta.

Recommended Actions

Oort recommends you notify the user and admin channel. Oort allows the user to say the user made a mistake to reduce false positives. Please review the highlighted activity in the log to see the highlighted session.

Compatibility

Okta

Duo

Microsoft Entra ID

PreviousSuper Admin Login to Google NextUnusual Repo Access

Last updated 1 year ago