Protecting the Keys to the Kingdom
The Case for Adaptive Authentication for VPNs
Today’s Speaker
Tim Arvanites
Vice President of Technical Services
SecureAuth
Housekeeping
+ All attendee audio lines are muted
+ Submit questions via questions panel at any time!
+ Questions will be answered at the end of the presentation
+ Contact us at webinars@secureauth.com
+ Slides and recording will be sent
Agenda
+ Today’s Reality
+ The Alternative
+ Adaptive Authentication in SecureAuth IdP
+ Live Demo – SecureAuth IdP
+ Q & A
The reality is….
• Preventative measures are failing
• We’re never going to totally stop an attack
• There are humans involved (on both sides)
• Passwords are no longer good enough
• VPNs are the “keys to your kingdom”
Let's Examine an Attack
Tighter security has a price
• Consumerization of IT
• Leading our users to demand less “friction”
• BUT two-factor is becoming more mainstream
• Biometrics are going commercial
• Is 2-Factor the best we’ve got?
So what’s the alternative?
Adaptive Authentication
• Using an open-ended variety of identity-relevant data to incrementally elevate the trust in a claimed identity*
• When layered they’re powerful
  • Device Fingerprinting
  • IP Reputation
  • Directory Lookup
  • Geo-location
  • Geo-fencing
  • Geo-velocity
  • Behavioral Analysis
  • Etc.
*Gartner - A Taxonomy of User Authentication Methods, April 2014
Device Fingerprinting
• First-time authentication - register the endpoint fingerprint
• Subsequent authentications - validate the endpoint against the stored fingerprint
• Fingerprints include certain characteristics about an endpoint such as:
  • web browser configuration
  • language
  • installed fonts
  • browser plugin
  • device IP address
  • screen resolution
  • browser cookies settings
  • time zone
IP Reputation Data
Identity Store Lookup
+ Compare information to identities kept in a directory or user
store
- Group membership
- Object attributes
Geo-location
+ Compare the current geographical location (a physical, meaningful location) against known good/bad locations
Geo-fencing
+ Determine if the authentication location is within
a geographical area or ‘virtual barrier’
Geo-velocity
+ Compare current location and login history to determine whether an improbable travel event has occurred
Behavioral Analysis
• Analyze behavior that can be used to verify a person
• Gather & store characteristics about the way the user interacts with a device such as:
  • Keystroke dynamics
  • Mouse movements
  • Gesture patterns
  • Motion patterns
Where does it help?
Putting it all together
• Implement these techniques in layers
• Analyze, score and develop risk profile
• Take action based on result:
• Allow
• Step up
• Redirect
• Deny
• Tailor to your organization's risk tolerance
• Deliver security with low friction - users are unaware
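The layering described on the slides above (IP lists, device fingerprint, geo-velocity, then a score mapped to an action), sketched as an added Python example; it is not from the presentation and is not SecureAuth IdP code. The weights, thresholds, field names and sample networks are assumptions, and the redirect action is left out.

```python
import ipaddress
import math
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Everything below is an illustrative assumption: weights, thresholds, field
# names and the documentation-range networks are constructed for this example.
DENY_NETS = [ipaddress.ip_network("203.0.113.0/24")]
ALLOW_NETS = [ipaddress.ip_network("198.51.100.0/24")]
FP_FIELDS = ("user_agent", "language", "screen", "time_zone", "fonts", "plugins")
MAX_TRAVEL_KMH = 900.0   # roughly airliner cruising speed
MIN_TRAVEL_KM = 100.0    # below this, IP geolocation error dominates
STEP_UP_AT, DENY_AT = 30, 70


@dataclass
class Login:
    ip: str
    lat: float
    lon: float
    when: datetime
    fingerprint: dict = field(default_factory=dict)


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))


def improbable_travel(prev, cur):
    """Geo-velocity: could the user have covered the distance in the elapsed time?"""
    dist = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
    if dist < MIN_TRAVEL_KM:
        return False
    hours = (cur.when - prev.when).total_seconds() / 3600
    if hours <= 0:  # simultaneous or out-of-order logins from distant places
        return True
    return dist / hours > MAX_TRAVEL_KMH


def fingerprint_diff(stored, seen):
    """Return the fingerprint fields whose values differ from the stored profile."""
    return [f for f in FP_FIELDS if stored.get(f) != seen.get(f)]


def in_nets(ip, nets):
    """True if the address falls inside any of the given networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def assess(cur, prev=None, stored_fp=None):
    """Layer the checks, sum a risk score and map it to an action."""
    if in_nets(cur.ip, DENY_NETS):
        return 100, "deny", ["ip on deny list"]
    score, reasons = 0, []
    if not in_nets(cur.ip, ALLOW_NETS):
        score += 10
        reasons.append("ip not on allow list")
    if stored_fp is None:  # first-time authentication: nothing to compare against
        score += 30
        reasons.append("unregistered device")
    else:
        changed = fingerprint_diff(stored_fp, cur.fingerprint)
        if changed:
            score += 60 * len(changed) // len(FP_FIELDS)
            reasons.append("fingerprint changed: " + ",".join(changed))
    if prev is not None and improbable_travel(prev, cur):
        score += 50
        reasons.append("improbable travel")
    action = "deny" if score >= DENY_AT else "step_up" if score >= STEP_UP_AT else "allow"
    return score, action, reasons


# Constructed sample data: one registered device, two logins an hour apart.
T0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
FP = {"user_agent": "UA-1", "language": "en-US", "screen": "1920x1080",
      "time_zone": "UTC-8", "fonts": "hash-a", "plugins": "hash-b"}
IRVINE = Login("198.51.100.7", 33.68, -117.83, T0, FP)
LONDON = Login("192.0.2.44", 51.51, -0.13, T0 + timedelta(hours=1), FP)

if __name__ == "__main__":
    print(assess(IRVINE, stored_fp=FP))               # known device, known network
    print(assess(LONDON, prev=IRVINE, stored_fp=FP))  # same device, impossible trip
```

No single signal reaches the deny threshold here; a deny comes from several layers firing together or from the deny list.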
There is hope
• Adaptive authentication: an emerging trend in
authentication technology
• You can achieve:
• Greater analysis and control of authentication
• Balance between security and a better user experience
• Preventative methods are failing, but you can tighten the net around attackers
SecureAuth IdP
Locking the doors isn’t enough…
+ Attackers are focusing efforts on stealing credentials
– Once inside they move laterally through your network, evading
detection
+ Simply having password-based security is not enough
– You must also be analyzing login attempts in real time
+ Adaptive authentication can:
– Prevent intruders from getting to apps and data
– Maintain user experience
– Keep you from being the next headline
One Approach
[Diagram labels: SSL VPN; Identity Provider Adapter; Identity Provider Authentication Adapter; DMZ; SaaS Adaptive Authentication Server; On Premise Adaptive Authentication Server; Provider Hosting Facility]
Another Approach
[Diagram labels: Two-Factor Authentication; Policies; Analyze; Administrator; Audit Logs]
• High Risk - Deny Access
• Medium Risk - Step Up Authentication
• Low Risk - Proceed
SecureAuth IdP
[Diagram labels: Two-Factor + Adaptive Authentication; Accept, Authorize and Authenticate; Assert; Analyze; Administrator; Policies; Audit Logs; VPN; On premise; Web; Cloud; Mobile]
The SecurePath to Strong Access Control
• Consume any identity from various sources
• Map identity to existing data stores for authentication information
• Utilize one or more of 20+ methods to confirm user identity
• Transparently assert identity to on-premise, cloud, mobile and VPN resources (SSO)
• Centralize and inspect access control activity
IdP Adaptive Authentication
IP Inspection
Before authentication begins IdP examines the IP address
+ Compares to defined white and black lists
– Inspects full or partial addresses, ranges of addresses, and country codes
+ Analyzes using real-time data from Norse Corporation
– Assigns a risk score
– Takes action based on selected risk threshold
IdP Adaptive Authentication
Group Membership
+ During authorization IdP inspects the identity
– Consumes information in the data store
– Compares defined group memberships to authorization restrictions
– Takes action based on defined criteria
IdP Adaptive Authentication
Heuristics and Velocity
At authentication IdP examines:
+ Digital Fingerprints
– Compares client-unique information from browser or device to stored profile
– Action taken when variances exceed defined threshold
+ Geo-location/velocity
– Compares last login time and location to current login attempt
– Responds based on allowable travel parameters
IdP Adaptive Authentication
User Response Options
+ Pass
– User is authenticated
+ Redirect
– User is redirected to a customizable URL
+ Challenge
– User is routed through additional multi-factor workflow(s)
+ Hard Stop
– Authentication is halted and a custom error message is displayed
Live Demo
SecureAuth Corporation
• Founded in 2006
• Privately held company
• HQ in Irvine, California
• 10 technology patents and counting
• Technology partners: Cisco, Juniper, F5, Citrix, Microsoft, Amazon and Google
Our mission: to deliver unbelievable value to our customers by linking legacy and emerging technology investments using new and innovative techniques for secure user access control
Why SecureAuth?
+ We are an innovator of identity and information security solutions
that deliver secure access control in ways you never thought
possible
• Culture of innovation
• Customer focused
• Standards based – no lock in!
SecureAuth IdP
Q&A
The intellectual content within this document is the property of SecureAuth and must not be shared without prior consent.

More Related Content

What's hot

A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsA Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsBeau Bullock
 
Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Tony Cook
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014Sectricity
 
DNS Measurement Activity on ITB 2010
DNS Measurement Activity on ITB 2010DNS Measurement Activity on ITB 2010
DNS Measurement Activity on ITB 2010Affan Basalamah
 
How Google Protects Its Corporate Security Perimeter without Firewalls
How Google Protects Its Corporate  Security Perimeter without FirewallsHow Google Protects Its Corporate  Security Perimeter without Firewalls
How Google Protects Its Corporate Security Perimeter without FirewallsPriyanka Aash
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementationsTrupti Shiralkar, CISSP
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneArash Ramez
 
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilDavid Ochel
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedHow to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedArash Ramez
 
Zerotrusting serverless applications protecting microservices using secure d...
Zerotrusting serverless applications  protecting microservices using secure d...Zerotrusting serverless applications  protecting microservices using secure d...
Zerotrusting serverless applications protecting microservices using secure d...Trupti Shiralkar, CISSP
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Chris Ryu
 
Cryptzone AppGate Technical Architecture
Cryptzone AppGate Technical ArchitectureCryptzone AppGate Technical Architecture
Cryptzone AppGate Technical ArchitectureCryptzone
 
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsCertificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsDavid Ochel
 
Securing Your Mobile Applications
Securing Your Mobile ApplicationsSecuring Your Mobile Applications
Securing Your Mobile ApplicationsGreg Patton
 
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...RootedCON
 

What's hot (20)

A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency EcosystemsA Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
 
Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016
 
SafeNet overview 2014
SafeNet overview 2014SafeNet overview 2014
SafeNet overview 2014
 
DNS Measurement Activity on ITB 2010
DNS Measurement Activity on ITB 2010DNS Measurement Activity on ITB 2010
DNS Measurement Activity on ITB 2010
 
How Google Protects Its Corporate Security Perimeter without Firewalls
How Google Protects Its Corporate  Security Perimeter without FirewallsHow Google Protects Its Corporate  Security Perimeter without Firewalls
How Google Protects Its Corporate Security Perimeter without Firewalls
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
 
Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?Cryptzone: What is a Software-Defined Perimeter?
Cryptzone: What is a Software-Defined Perimeter?
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementations
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
 
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
 
Java zone ASVS 2015
Java zone ASVS 2015Java zone ASVS 2015
Java zone ASVS 2015
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedHow to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewed
 
Zerotrusting serverless applications protecting microservices using secure d...
Zerotrusting serverless applications  protecting microservices using secure d...Zerotrusting serverless applications  protecting microservices using secure d...
Zerotrusting serverless applications protecting microservices using secure d...
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...
 
Cryptzone AppGate Technical Architecture
Cryptzone AppGate Technical ArchitectureCryptzone AppGate Technical Architecture
Cryptzone AppGate Technical Architecture
 
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsCertificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
 
Securing Your Mobile Applications
Securing Your Mobile ApplicationsSecuring Your Mobile Applications
Securing Your Mobile Applications
 
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...
Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...
 

Similar to Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for VPNs

How to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive AuthenticationHow to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive AuthenticationSecureAuth
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlSecureAuth
 
SharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and ComplianceSharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and ComplianceMatthew R. Barrett
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a ServicePT Datacomm Diangraha
 
PCI DSS Simplified: What You Need to Know
PCI DSS Simplified: What You Need to KnowPCI DSS Simplified: What You Need to Know
PCI DSS Simplified: What You Need to KnowAlienVault
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session Splunk
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.SecureAuth
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeLancope, Inc.
 
Operationalizing Security Intelligence
Operationalizing Security IntelligenceOperationalizing Security Intelligence
Operationalizing Security IntelligenceSplunk
 
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS SummitTop 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS SummitAmazon Web Services
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessJoAnna Cheshire
 
Cyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdfCyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdfNaveenKumar470500
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSAmazon Web Services
 
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...Amazon Web Services
 
Technology Overview - Validation & ID Protection (VIP)
Technology Overview - Validation & ID Protection (VIP)Technology Overview - Validation & ID Protection (VIP)
Technology Overview - Validation & ID Protection (VIP)Iftikhar Ali Iqbal
 
Strong authentication for your organization in a cost effective cloud-based...
Strong authentication for  your organization in a cost  effective cloud-based...Strong authentication for  your organization in a cost  effective cloud-based...
Strong authentication for your organization in a cost effective cloud-based...NetwayClub
 
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...EC-Council
 

Similar to Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for VPNs (20)

How to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive AuthenticationHow to Stop Cyber Attacks Using Adaptive Authentication
How to Stop Cyber Attacks Using Adaptive Authentication
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
 
Widepoint orc thales webinar 111313d - nov 2013
Widepoint orc thales webinar 111313d - nov 2013Widepoint orc thales webinar 111313d - nov 2013
Widepoint orc thales webinar 111313d - nov 2013
 
SharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and ComplianceSharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and Compliance
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a Service
 
PCI DSS Simplified: What You Need to Know
PCI DSS Simplified: What You Need to KnowPCI DSS Simplified: What You Need to Know
PCI DSS Simplified: What You Need to Know
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.Webinar: Goodbye RSA. Hello Modern Authentication.
Webinar: Goodbye RSA. Hello Modern Authentication.
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber Crime
 
Operationalizing Security Intelligence
Operationalizing Security IntelligenceOperationalizing Security Intelligence
Operationalizing Security Intelligence
 
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS SummitTop 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
 
Symantec SSL Explained
Symantec SSL ExplainedSymantec SSL Explained
Symantec SSL Explained
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your Business
 
Cyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdfCyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdf
 
Cyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdfCyber_Security_CyberPact.pdf
Cyber_Security_CyberPact.pdf
 
Customer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWSCustomer Case Study: Achieving PCI Compliance in AWS
Customer Case Study: Achieving PCI Compliance in AWS
 
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...
 
Technology Overview - Validation & ID Protection (VIP)
Technology Overview - Validation & ID Protection (VIP)Technology Overview - Validation & ID Protection (VIP)
Technology Overview - Validation & ID Protection (VIP)
 
Strong authentication for your organization in a cost effective cloud-based...
Strong authentication for  your organization in a cost  effective cloud-based...Strong authentication for  your organization in a cost  effective cloud-based...
Strong authentication for your organization in a cost effective cloud-based...
 
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...
All Your Base Still Belong To Us Physical Penetration Testing Tales From The ...
 

More from SecureAuth

The Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern AuthenticationThe Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern AuthenticationSecureAuth
 
Portal Protection Using Adaptive Authentication
Portal Protection Using Adaptive AuthenticationPortal Protection Using Adaptive Authentication
Portal Protection Using Adaptive AuthenticationSecureAuth
 
SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017SecureAuth
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security SecureAuth
 
Top 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSOTop 5 Reasons to Choose Adaptive SSO
Top 5 Reasons to Choose Adaptive SSOSecureAuth
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
 Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
 
What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017What's New in SecureAuth IdP in 2017
What's New in SecureAuth IdP in 2017SecureAuth
 
2017 Predictions: Identity and Security
2017 Predictions: Identity and Security 2017 Predictions: Identity and Security
2017 Predictions: Identity and Security SecureAuth
 
Why Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughWhy Two-Factor Isn't Enough
Why Two-Factor Isn't EnoughSecureAuth
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth
 
A CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability InsuranceA CISO's Guide to Cyber Liability Insurance
A CISO's Guide to Cyber Liability InsuranceSecureAuth
 
The Rise of California Cybercrime
The Rise of California Cybercrime The Rise of California Cybercrime
The Rise of California Cybercrime SecureAuth
 
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...SecureAuth
 
What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…What's New in IdP 9.0 Behavioral Biometrics and more…
What's New in IdP 9.0 Behavioral Biometrics and more…SecureAuth
 
What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2What’s New In SecureAuth™ IdP, 8.2
What’s New In SecureAuth™ IdP, 8.2SecureAuth
 
What to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlWhat to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlSecureAuth
 
Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareSecureAuth
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureSecureAuth
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application SecuritySecureAuth
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern ArchitecturesSecureAuth
 

More from SecureAuth (20)

The Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern AuthenticationThe Death of 2FA and the Birth of Modern Authentication
The Death of 2FA and the Birth of Modern Authentication
 
Portal Protection Using Adaptive Authentication
Portal Protection Using Adaptive AuthenticationPortal Protection Using Adaptive Authentication
Portal Protection Using Adaptive Authentication
 
SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017SecureAuth Solution Enhancements in 2017
SecureAuth Solution Enhancements in 2017
 
Passwordless is Possible - How to Remove Passwords and Improve Security

Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for VPNs

  • 1. Protecting the Keys to the Kingdom: The Case for Adaptive Authentication for VPNs
  • 2. Today’s Speaker: Tim Arvanites, Vice President of Technical Services, SecureAuth
  • 3. Housekeeping
      + All attendee audio lines are muted
      + Submit questions via questions panel at any time!
      + Questions will be answered at the end of the presentation
      + Contact us at webinars@secureauth.com
      + Slides and recording will be sent
  • 4. Agenda
      + Today’s Reality
      + The Alternative
      + Adaptive Authentication in SecureAuth IdP
      + Live Demo – SecureAuth IdP
      + Q & A
  • 5. (no slide text)
  • 6. The reality is….
      • Preventative measures are failing
      • We’re never going to totally stop an attack
      • There are humans involved (on both sides)
      • Passwords are no longer good enough
      • VPNs are the “keys to your kingdom”
  • 7. Let’s Examine an Attack
  • 8. Let’s Examine an Attack
  • 9. Tighter security has a price
      • Consumerization of IT
      • Leading our users to demand less “friction”
      • BUT two-factor is becoming more mainstream
      • Biometrics are going commercial
      • Is 2-Factor the best we’ve got?
  • 10. So what’s the alternative?
  • 11. Adaptive Authentication
      • Using an open-ended variety of identity-relevant data to incrementally elevate the trust in a claimed identity*
      • When layered they’re powerful
      • Device Fingerprinting
      • Geo-fencing
      • IP Reputation
      • Geo-velocity
      • Directory Lookup
      • Behavioral Analysis
      • Geo-location
      • Etc.
      *Gartner - A Taxonomy of User Authentication Methods, April 2014
  • 12. Device Fingerprinting
      • First-time authentication - register the endpoint fingerprint
      • Subsequent authentications - validate the endpoint against the stored fingerprint
      • Fingerprints include certain characteristics about an endpoint such as:
          • web browser configuration
          • device IP address
          • language
          • screen resolution
          • installed fonts
          • browser cookies settings
          • browser plugin
          • time zone
  • 13. IP Reputation Data
  • 14. Identity Store Lookup
      + Compare information to identities kept in a directory or user store
          - Group membership
          - Object attributes
  • 15. Geo-location
      + Compare the current geographical location (a physical, meaningful location) against known good/bad locations
  • 16. Geo-fencing
      + Determine if the authentication location is within a geographical area or ‘virtual barrier’
  • 17. Geo-velocity
      + Compare current location and login history to determine whether an improbable travel event has occurred
  • 18. Behavioral Analysis
      • Analyze behavior that can be used to verify a person
      • Gather & store characteristics about the way the user interacts with a device such as:
          • Keystroke dynamics
          • Mouse movements
          • Gesture patterns
          • Motion patterns
  • 19. Where does it help?
  • 20. Putting it all together
  • 21. Putting it all together
      • Implement these techniques in layers
      • Analyze, score and develop risk profile
      • Take action based on result:
          • Allow
          • Step up
          • Redirect
          • Deny
      • Tailor to your organization’s risk tolerance
      • Deliver security with low friction - users are unaware
  • 22. There is hope
      • Adaptive authentication: an emerging trend in authentication technology
      • You can achieve:
          • Greater analysis and control of authentication
          • Balance between security and a better user experience
      • Preventative methods are failing, but you can tighten the net around attackers
  • 24. Locking the doors isn’t enough…
      + Attackers are focusing efforts on stealing credentials
          – Once inside they move laterally through your network, evading detection
      + Simply having password-based security is not enough
          – You must also be analyzing login attempts in real time
      + Adaptive authentication can..
          – Prevent intruders from getting to apps and data
          – Maintain user experience
          – Keep you from being the next headline
  • 25. One Approach: SSL VPN Identity Provider Adapter Identity Provider Authentication Adapter DMZ SaaS Adaptive Authentication Server On Premise Adaptive Authentication Server Provider Hosting Facility
  • 26. Another Approach: Two-Factor Authentication Policies Analyze Administrator Audit Logs High Risk - Deny Access Low Risk - Proceed Medium Risk - Step Up Authentication
  • 27. SecureAuth IdP Two-Factor + Adaptive Authentication Assert Administrator Policies Audit Logs Accept, Authorize and Authenticate Analyze VPN On premise Web Cloud Mobile
  • 28. The SecurePath to Strong Access Control
      • Consume any identity from various sources
      • Map identity to existing data stores for authentication information
      • Utilize one or more of 20+ methods to confirm user identity
      • Transparently assert identity to on-premise, cloud, mobile and VPN resources (SSO)
      • Centralize and inspect access control activity
  • 29. IdP Adaptive Authentication: IP Inspection
      Before authentication begins IdP examines the IP address
      + Compares to defined white and black lists
          – Inspects full or partial addresses, ranges of addresses, and country codes
      + Analyzes using real-time data from Norse Corporation
          – Assigns a risk score
          – Takes action based on selected risk threshold
  • 30. IdP Adaptive Authentication: Group Membership
      + During authorization IdP inspects the identity
          – Consumes information in the data store
          – Compares defined group memberships to authorization restrictions
          – Takes action based on defined criteria
  • 31. IdP Adaptive Authentication: Heuristics and Velocity
      At authentication IdP examines:
      + Digital Fingerprints
          – Compares client-unique information from browser or device to stored profile
          – Action taken when variances exceed defined threshold
      + Geo-location/velocity
          – Compares last log in time and location to current login attempt
          – Responds based on allowable travel parameters
  • 32. IdP Adaptive Authentication: User Response Options
      + Pass – User is authenticated
      + Redirect – User is redirected to a customizable URL
      + Challenge – User is routed through additional multi-factor workflow(s)
      + Hard Stop – Authentication is halted and a custom error message is displayed
  • 34. SecureAuth Corporation
      • Founded in 2006
      • Privately held company
      • HQ in Irvine, California
      • 10 technology patents and counting
      • Technology partners: Cisco, Juniper, F5, Citrix, Microsoft, Amazon and Google
      Our mission: to deliver unbelievable value to our customers by linking legacy and emerging technology investments using new and innovative techniques for secure user access control
  • 35. Why SecureAuth?
      + We are an innovator of identity and information security solutions that deliver secure access control in ways you never thought possible
      • Culture of innovation
      • Customer focused
      • Standards based – no lock in!
  • 36. SecureAuth IdP
  • 37. Q&A
  • 38. The intellectual content within this document is the property of SecureAuth and must not be shared without prior consent.
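
The layered checks on slides 29 to 32 (IP inspection, fingerprint variance, geo-velocity, response options), sketched in Python as an added example that is not SecureAuth code. The lists, thresholds, the `Login` record and the mapping from signals to responses are all assumptions, and the Redirect response is left out.

```python
import ipaddress
import math
from dataclasses import dataclass

# Constructed policy values (assumptions, not product defaults).
DENY_NETS = [ipaddress.ip_network("203.0.113.0/24")]
ALLOW_NETS = [ipaddress.ip_network("198.51.100.0/24")]
DENY_COUNTRIES = {"ZZ"}        # placeholder country code
MAX_SPEED_KMH = 900.0          # about airliner cruising speed
LOCAL_RADIUS_KM = 50.0         # tolerated distance when no time has elapsed
MAX_FP_VARIANCE = 0.25         # fraction of attributes allowed to differ

@dataclass
class Login:
    ip: str
    country: str
    lat: float
    lon: float
    epoch: float               # seconds since the Unix epoch
    fingerprint: dict

def ip_verdict(login):
    """Return 'deny', 'allow' or 'unknown' from the lists and country codes."""
    try:
        addr = ipaddress.ip_address(login.ip)
    except ValueError:
        return "deny"          # unparseable source address: fail closed
    if login.country in DENY_COUNTRIES or any(addr in n for n in DENY_NETS):
        return "deny"
    return "allow" if any(addr in n for n in ALLOW_NETS) else "unknown"

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlat, dlon = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def improbable_travel(prev, cur):
    """True when the implied speed between two logins exceeds MAX_SPEED_KMH."""
    dist = haversine_km(prev.lat, prev.lon, cur.lat, cur.lon)
    hours = (cur.epoch - prev.epoch) / 3600.0
    if hours <= 0:             # simultaneous logins or clock skew
        return dist > LOCAL_RADIUS_KM
    return dist / hours > MAX_SPEED_KMH

def fp_variance(stored, seen):
    """Fraction of fingerprint attributes that differ or are missing."""
    keys = set(stored) | set(seen)
    if not keys:
        return 1.0             # nothing to compare: treat as a full mismatch
    return sum(stored.get(k) != seen.get(k) for k in keys) / len(keys)

def decide(prev, cur, stored_fp):
    """Map the layered signals to 'hard_stop', 'challenge' or 'pass'."""
    verdict = ip_verdict(cur)
    if verdict == "deny":
        return "hard_stop"
    signals = [
        verdict == "unknown",
        prev is not None and improbable_travel(prev, cur),
        fp_variance(stored_fp, cur.fingerprint) > MAX_FP_VARIANCE,
    ]
    return "challenge" if any(signals) else "pass"
```

A deny-list hit stops the login outright, while any single softer signal (unlisted source address, improbable travel, fingerprint drift above the threshold) only steps the user up to a challenge.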