Configure Okta ThreatInsight
Configure Okta ThreatInsight to detect malicious IP addresses that attempt credential-based attacks.
- Create an IP zone that contains trusted IP addresses for your org so it may be exempted from Okta ThreatInsight.
- Trusted IP addresses include IPs such as office gateway IPs or Okta agents. See Exempt Zones for more details.
Start this task
- From the Admin Console, click Security > General.
- Go to Okta ThreatInsight Settings.
- Click Edit. A list of actions is displayed:
No Action: Okta ThreatInsight actions are not enabled. Okta collects Okta ThreatInsight data for aggregation purposes even if this option is selected.
Log authentication attempts from malicious IPs: Sign-in attempts from malicious IP addresses are displayed in the system log.
Log and block authentication attempts from malicious IPs: Sign-in attempts from malicious IP addresses are displayed in the system log and blocked, returning an appropriate HTTP error.
- Select the desired action for your org.
- Add any trusted network zones that you want to exclude from threat detection.
- Click Save to save your changes.
It may take a few minutes for any changes to these settings to take effect.