Update rules/integrations/okta/credential_access_multiple_user_agent_os_authentication.toml

terrancedejesus · imays11 · web-flow · commit 909f3082433b · 2025-11-24T10:02:03.000-05:00
Co-authored-by: Isai &lt;59296946+imays11@users.noreply.github.com&gt;
diff --git a/rules/integrations/okta/credential_access_multiple_user_agent_os_authentication.toml b/rules/integrations/okta/credential_access_multiple_user_agent_os_authentication.toml
@@ -48,7 +48,7 @@ same dt_hash. This will help identify the nature of the anomaly.
 - If compromise is confirmed, reset the user's credentials and enforce multi-factor authentication (MFA)
 - Revoke any active sessions associated with the compromised account to prevent further unauthorized access.
 - Review and monitor the affected dt_hash for any further suspicious activity.
-- Educate users about the importance of device security and the risks associated with device token tokens.
+- Educate users about the importance of device security and the risks associated with device tokens.
 - Implement additional monitoring for device token tokens and consider using conditional access policies to restrict access based on device compliance status.
 """
 risk_score = 73
