Risk-based authentication (RBA), also called adaptive authentication, has come of age, and it couldn’t happen fast enough for many corporate security managers. As phishing and account takeovers have blossomed under the pandemic, RBA can become a key technology to protect corporate assets, particularly as remote work is more the rule than the exception.
What is risk-based authentication?
RBA is all about examining “signals,” as the vendors refer to the various observations they make in near-real time as a user moves through the login process or when a customer buys something online. It creates a risk profile of the person or device requesting access to the system. That profile is based on factors or signals including IP geolocation, user behavior, keystroke patterns, and connection type. These factors may change depending on specific threat factors, and this could require ongoing management of risk profiles.
More Stories
CISA and NFL Collaborate to Secure Super Bowl LVIII
Tabletop exercise assessed the cybersecurity response capabilities, plans and procedures for the event Read More
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
Kaspersky said these services range from $20 per day to $10,000 a month Read More
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions Read More
#mWISE: Why Zero Days Are Set for Highest Year on Record
Experts at the mWISE conference discussed who is behind the surge in zero-day exploits Read More
US Government IT Staffer Arrested on Espionage Charges
Maryland resident faces possible death penalty Read More
UK Security Agency Publishes New Crypto Designs
NCSC hopes research will inform future standards Read More