You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -9,6 +9,8 @@ Created by David French ([@threatpunter](https://twitter.com/threatpunter)) at [
Dorothy is a tool to help security teams test their monitoring and detection capabilities for their Okta environment. Dorothy has several modules to simulate actions that an attacker might take while operating in an Okta environment and actions that security teams should be able to audit. The modules are mapped to the relevant [MITRE ATT&CK®](https://attack.mitre.org/) tactics, such as persistence, defense evasion, and discovery.
Learn more about Dorothy and how to get started with it in [this blog post](https://www.elastic.co/blog/testing-okta-visibility-and-detection-dorothy).
[Elastic Security's](https://www.elastic.co/security) free detection rules for Okta can be found in our [detection-rules](https://github.com/elastic/detection-rules) repo. You can read [this blog post](https://www.elastic.co/blog/cloud-monitoring-and-detection-with-elastic-security) to learn more about how Elastic Security helps with cloud monitoring and detection.
Dorothy can change the configuration of your Okta environment. Consider using Dorothy in a test environment to avoid any risk of impacting your production environment.
