We're excited to announce our new Okta integration, which helps you discover critical security gaps in your authentication infrastructure.

Unlike Okta SSO setup—which focuses on enabling single sign-on for your users—this integration connects directly to your Okta tenant to identify login endpoints across your attack surface that are exposed to the internet without SSO protection layered on top of them.

Here's how it works: Guard continuously discovers web applications and login pages across your external attack surface. Our new Okta integration cross-references these discovered endpoints against your Okta application catalog to automatically tag exposed login endpoints with an "SSO Identified" attribute. This tells you at a glance whether each login page is protected by Okta SSO or if it's relying on traditional username/password authentication that's vulnerable to credential stuffing, password spraying, and phishing attacks.

You can filter for SSO Identified vulnerabilities directly on the vulnerability page, making it easy to focus on unprotected endpoints that need attention. When you open any exposed login endpoint, you'll see an "SSO identified" indicator displayed as a tag in the top left of the vulnerability details, providing immediate visibility into its authentication protection status.

This integration provides immediate visibility into authentication risk. You'll see a comprehensive list of every login endpoint exposed to the internet, with clear indicators showing which ones lack the protection of SSO. This allows security teams to prioritize remediation efforts, enforce SSO adoption across the organization, and reduce the attack surface associated with password-based authentication. Instead of manually auditing hundreds of applications, you get automated, continuous monitoring of your authentication security posture.

This integration is particularly valuable for organizations undergoing SSO migration, where understanding which legacy applications still expose traditional login pages helps drive adoption and close security gaps before attackers can exploit them.