Attackers don’t just target endpoints. They target identity platforms because access is everything.
With BitLyft AIR® v1.21, we’re expanding identity threat detection and automated response for OneLogin environments, helping teams spot risky identity behavior sooner and act faster when it matters.
This release adds new OneLogin security detections designed to surface the identity activity that often leads to breaches, including:
Instead of more logs, AIR® highlights high-risk identity behavior that security teams need to act on.
Detection is only useful if teams can respond quickly. That’s why v1.21 introduces a OneLogin Compromised User Account playbook, built to guide and automate response actions when identity threats are detected.
What teams gain:
New out-of-the-box automation mappings connect OneLogin detections directly to remediation actions, no custom scripting required.
This means:
Security teams using OneLogin gain improved visibility into identity activity that commonly leads to incidents, along with faster and more consistent response through built-in automation. The combination of targeted OneLogin detections, automated response playbooks, and out-of-the-box automation reduces manual triage, shortens response time, and strengthens identity security coverage without adding operational complexity or additional tools.
Want to see how identity detections turn into automated response? Schedule a 15 minute demo.