Risk-based authentication (RBA), also called adaptive authentication, has come of age, and it couldn’t happen fast enough for many corporate security managers. As phishing and account takeovers have blossomed under the pandemic, RBA can become a key technology to protect corporate assets, particularly as remote work is more the rule than the exception.
What is risk-based authentication?
RBA is all about examining “signals,” as the vendors refer to the various observations they make in near-real time as a user moves through the login process or when a customer buys something online. It creates a risk profile of the person or device requesting access to the system. That profile is based on factors or signals including IP geolocation, user behavior, keystroke patterns, and connection type. These factors may change depending on specific threat factors, and this could require ongoing management of risk profiles.
To read this article in full, please click here
More Stories
Quishing Attacks Jump Tenfold, Attachment Payloads Halve
The figures come from Egress’s latest report, which also suggests secure email gateways lag behind tech advancements Read More
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant
Mandiant has confirmed that Sandworm is responsible for many cyber-attacks against Ukraine has close ties with a Russian hacktivist group...
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication Read More
Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control
February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious...
3.5 million Omni Hotel guest details held to ransom by Daixin Team
The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down...
Police smash LabHost international fraud network, 37 arrested
Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide....