OKTA ASSESSMENT → AUTOMATED EVIDENCEEVIDENCE

Evidence buyers can inspect.

Atomation turns a read-only Okta snapshot into finding cards, reports, screenshots, framework mappings, and exports that different teams can review from one source.

  • Finding cards tie each issue to source evidence.
  • Report artifacts support leadership, operator, and audit review.
  • Exports keep remediation and evidence repositories moving.
Read report guideView examples
HIGHPrivileged accessOKTA-MFA-014

Admin-capable users without phishing-resistant MFA

Twelve users with admin-capable roles can authenticate without a phishing-resistant factor, leaving privileged paths exposed to credential phishing.

evidence
snapshot · 12 user records · policy export
frameworks
SOX ITGCHIPAA 164.312CMMC IA.L2
status
open · remediation recommended

Illustrative sample. Customer reports reflect the real org configuration.

01/ Dashboard evidence

Dashboard evidence, joined to the story.

Frozen Okta evidence becomes a dashboard teams can review before they open individual findings.

  • Freeze the Okta snapshot before findings are packaged.
  • Show severity counts, scope totals, and review queues together.
  • Keep public screenshots sanitized and customer-safe.
2finding views

customer summary and operator detail

6export paths

PDF, DOCX, Markdown, CSV, JSON, snapshot

4+framework lenses

plus customer-provided controls

Stats are representative product outputs, not a promise that every assessment has the same count or severity mix.

Anonymized Atomation Okta assessment dashboard preview
Dashboard views summarize assessment state without exposing customer identity data.
02/ Evidence pipeline

Capture, check, package.

  • Capture read-only Okta configuration and supplied evidence.
  • Run deterministic checks against the frozen snapshot.
  • Package findings, report views, framework mappings, and exports.
  • Use optional summaries only to explain results, not decide findings.
okta-posture · example.okta.comcomplete
68/ 100
NEEDS ATTENTION
findings
14
evidence
142
frameworks
4
Password and lockout policyPASS
Phishing-resistant MFA on admins12 GAPS
Inactive accounts 90d+37 USERS
Stale API tokens5 TOKENS
Deprovisioning latencyREVIEW
ThreatInsight enabledPASS
read-only · no tenant writessnapshot evidence captured
03/ Report preview

Evidence becomes artifacts, not a one-time dashboard.

  • Summary view for executives, security owners, and audit conversations.
  • Operator detail with affected objects, screenshots, excerpts, and notes.
  • Shared evidence model so every audience reviews the same source of truth.
Okta
Snapshot evidence
Posture72
Checks48
Frameworks4
Admin policyHigh
Alert coverageGap
LicensingReview
EvidenceMapped
PDFWordMarkdownEvidence
04/ Public screenshots

Sanitized examples, only where they help.

Public screenshots should prove the product shape without exposing customer identity data, raw hostnames, old-name emails, or internal-only evidence.

Evidence path

Group-rule dependencies

Visual evidence helps IAM teams review relationships that are easy to miss in exports.

  • Cascading rules
  • Duplicate conditions
  • Assignment paths that need owner review
Atomation group rules screen showing cascading dependency evidence
Cascading group-rule dependencies can become finding evidence.
Renewal context

Licensing signals

When scope includes licensing review, usage signals become evidence for renewal planning.

  • Licensed users with no sign-in history
  • Usage and assignment signals
  • Finance, procurement, IAM, and leadership review
Atomation users screen showing licensed users and users with no sign-in recorded
Licensed users with no sign-in history can support renewal planning.
05/ Export paths

Evidence leaves as reviewable artifacts.

Report artifacts

PDF, DOCX, and Markdown outputs for leadership, partner delivery, audit packets, and internal remediation planning.

Finding data

CSV and JSON finding exports for filtering, ticket creation, downstream reporting, and custom evidence repositories.

Snapshot evidence

Raw snapshot JSON and uploaded evidence metadata are available within the selected retention window and data boundary.

Open report docsOpen finding examples