Okta Identity Security Posture Management release announcements

September 10, 2025

New issue detection for unauthorized apps connected to Salesforce

ISPM now detects user-installed apps that are connected to Salesforce and aren't managed by admins. These apps pose a risk as they may allow third parties to exploit OAuth tokens and gain unauthorized access or exfiltrate data. By highlighting these risky apps, ISPM enables security teams to proactively reduce exposure and maintain tighter control over critical data. See Supported detections.

August 27, 2025

Deep MFA & SSO Analysis Report

This page provides a unified view of your MFA adoption, enrollment, and enforcement trends, and the most common ways in which users bypass MFA.

Use it to get a continuous analysis of the following:

  • Account MFA statuses, app-level MFA requirements, and the security level of registered authenticators

  • Critical risks, such as admins without MFA, users with weak authenticators, and more

  • Accounts that bypass MFA and SSO policies

The Deep MFA & SSO Analysis Report page helps security teams to prioritize and reduce authentication risks across their organization.

See Monitor MFA posture

August 20, 2025

Error visibility and management for data source connections

Now you have more control over your data source connections in the ISPM console:

  • Identify problems with connectors: The ISPM console now shows health statuses and specific error messages for Failed authentication, Missing permissions, or Missing configuration, which can help you diagnose integration problems quickly.

  • Update credentials: When you encounter a Failed authentication error, you can now directly edit the credentials for your Entra ID, Google Workspace, GitHub, GitLab, and Jira connectors.

This allows you to resolve integration issues faster and independently, minimizes the data downtime for your org, and ensures that your data is always up to date. See Manage data source connections.

July 30, 2025

Interactive MFA & SSO Organization Graph

This graph provides a visual map of your organization's authentication flows, helping you gain a deeper understanding of your security posture. It enables you to do the following:

  • Discover and continuously monitor authentication methods across your environment.

  • Identify potential security risks, such as apps that bypass SSO or lack MFA enforcement.

  • Visualize the access and risk relationships between user accounts and apps.

  • Investigate MFA requirements at the app level, with clear visual indicators for enforcement status.

    See Identify potential MFA risks.

July 16, 2025

Universal Logout for ISPM

Universal Logout is now supported for ISPM. After you configure entity risk and session protection policies using Identity Threat Protection, Okta can terminate a user's ISPM session when ITP identifies a change in risk conditions. When an admin manually revokes the user's session from the Okta Admin Console, the user's ISPM session is also terminated. This ensures immediate and consistent security enforcement across your identity ecosystem.

Guided walkthrough for the ISPM console

The ISPM console now has an in-built, guided experience designed that helps you navigate the console and understand the security tools available for you to use. Focusing on the Dashboard and Issues pages, it highlights how you can use the ISPM console to get valuable insights and identify and remediate risks.

June 18, 2025

Workflows templates for automatic issue remediation

Use Okta workflows templates to respond to security issues detected by Okta Identity Security Posture Management (ISPM). These templates are automated workflows that help minimize security risks associated with privileged accounts, compromised credentials, and misconfigurations. You can trigger workflows for the following templates using ISPM event hooks:

  • ISPM Event Routing Flow

  • Suspend Okta Account as a Response to ISPM Detection

  • Disable Microsoft Entra ID Account as a Response to ISPM Detection

  • Deactivate Salesforce User as a Response to ISPM Detection

  • Suspend Google Workspace User as a Response to ISPM Detection

  • Okta - Add User to a Group as a Response to ISPM Detection

  • Entra ID - Add User to a Group as a Response to ISPM Detection

  • Okta - Reset User Password Upon Next Login as a Response to ISPM Detection

See Configure an event hook and Okta Workflows templates for Identity Security Posture Management

New issue detection for AI agents linked to Salesforce account

When multiple AI agents are linked to the same user account, all of the AI agents are granted the same set of permissions, even if they don't need it. This may lead to over-privileged access and expand the attack vector's threat surface for your org. One compromised agent risks all; one permission change affects all. See Supported detections.

Increased visibility for multi-account AWS apps

The security posture analysis that ISPM does for Okta apps that provide access to multiple AWS accounts has been enhanced. This enhancement gives you a centralized view of the security posture across all linked AWS accounts, aggregating key data such as MFA enforcement status and user risk detections.

Improved multifactor authentication analysis for Atlassian Jira and Box

The improved ISPM Multifactor Authentication (MFA) analysis provides deeper visibility into your Atlassian Jira and Box environments. This enhancement helps security teams identify potential authentication gaps, such as ensuring both federated and local user accounts in Jira and Box are properly protected by MFA.

Quick search suggestions

The ISPM search bar now features quick search suggestions for high-impact security queries. This provides one-click access to pre-built searches for identifying configurations such as service accounts, all super admins, admins who can bypass MFA, or applications with low MFA requirements.

ISPM console improvements

  • The User Access Graph now includes a search function to locate specific apps within the visual map. This allows you find apps quickly and view its associated access groups and risks, accelerating investigations into a user's security posture.

  • The dark mode theme has been enhanced with a refined color palette and improved contrast. These changes improve visual comfort and the readability of on-screen elements.

March 31, 2025

Enhanced visibility and risk category for Non-Human Identities

Okta ISPM now provides enhanced visibility into the Non-Human identities (NHI) aspect of potential security risks to your org in the ISPM console:

  • The Non Human identities risk status category card on the Dashboard shows a high-level count of NHI-specific issues in your org.

  • The Non Human Identities page in the Inventory lists service accounts, API keys, tokens, users with keys and tokens, and Salesforce AI Agents. It also displays details about identity types, privileges, login methods, and more.

  • 19 existing issue detections on the Issues page are now flagged with the NHI tag.

With this feature, ISPM helps you adopt a unified approach to your org's security by securing both human and non human identities. See Non-human identities and Supported detections.