Although I am a fan of Okta Platform overall, there are areas where it could improve security outcomes and reduce admin friction. My top improvement areas include the system log and analytics upgrade, which are great for point troubleshooting, but trending and root cause analysis across large tenants still require exporting to SIEM. Verbose queries and long-range retention costs can add up. Additionally, while certificate rotations are better than most, the process is still manual for busy portfolios, especially concerning multi-SP SAML certificate rotations and app metadata drift. Two more buckets of potential improvements for Okta Platform involve user experience and security. There is the issue of push fatigue and prompt sprawl, where users receive multiple prompts across different apps and sessions. I arrived at the rating of eight because the core controls are strong and reliable, but a few operational UX and UI gaps prevent it from being rated higher. The reasons for not giving it a nine or ten include ongoing issues concerning safety and change safety, the complexity of group rules and mappings, and the lack of robustness in policy management. Additionally, there remains a need for more manual involvement than necessary, especially for large portfolios and dual certificate rotation, along with proactive SP data metadata validation.
