Use Case	All Integrations Zero Trust Automation
Language	English
Share

Splunk Phantom

Overview

The Okta + Splunk Phantom integration orchestrates response for credential-based threats, using identity as the security control point to enable adaptive, automated response actions like step-up authentication. When suspicious account activity is detected, like a log-in from a new device or location, security teams can mitigate the threat automatically by clearing active sessions or forcing multi-factor authentication (MFA) with Okta. If a legitimate user's credentials have been compromised, security teams can take additional remediation actions against the bad actor by suspending the compromised account and conducting a password reset.

Securely enable access for your users from anywhere with Splunk Phantom

Last updated: Aug. 23 2019

Functionality

Add this integration to enable authentication and provisioning capabilities.

Functionality	API Entitlement Management Event Hooks Identity Security & Posture Management Inbound Federation Inline Hooks Outbound Federation Partial Universal Logout RADIUS Universal Logout Workflow Templates Workflows Connectors SAML SWA WS-Federation OIDC SCIM
Provisioning	Create Update Attribute Sourcing Deactivate Sync Password Group Push Group Linking Schema Discovery Attribute Writeback

Okta

Auth0

Discover our latest stories

Splunk Phantom

Overview

Functionality

Functionality

Provisioning

Take your integrations further

Build your own

Publish to the OIN

Secure your SaaS apps