Key features

Autonomous Access is a new add-on service to your Identity Cloud subscription and has the following features:

  • Fully-native Identity Cloud deployment. Autonomous Access and its components are fully cloud-native. ForgeRock deploys Autonomous Access into the private tenants (dev, staging, and production) of ForgeRock Identity Cloud customers who sign up for the feature. Autonomous Access stores three months of data for the dashboard and six months of data in the cloud for the Artificial Intelligence/Machine Learning (AI/ML) analytics.

  • Machine learning-based anomaly detection. Autonomous Access uses AI/ML-based detection analytics centered around user behavior and geospatial contextual information at authentication. Anomaly detection covers location, time of day, operating system version, device model and type, and browser type and version. Autonomous Access's AI/ML decisions are explainable: they provide the reason for the scoring rather than black-box results with no transparency. Autonomous Access looks for anomalies in the following manner:

    • Individual user behavior. Is this behavior anomalous compared to the user’s normal behavior?

    • Compare to a group of users. If the user typically behaves similarly to a group of users (for example, a department), is the user’s current behavior different this time?

    • Compare to all users. Is the user’s behavior different from any other behavior the platform has seen?

  • Real-time threat detection. In addition to anomaly detection, the Autonomous Access AI/ML analytics engine discovers the following threats using heuristics:

    • Credential stuffing. Count of users for an IP. Detects whether many users are coming from the same IP.

    • Suspicious IPs. Total count of authentication attempts across all users from an IP.

    • Automated user agent filter. Detects automated bots in the user-agent string.

    • Impossible traveller. Users moving between two points at an impossible speed.

    • Brute force. Frequency of authentication attempts for a user over a period of time.

  • Pre-built Autonomous Access nodes. Autonomous Access provides three pre-built nodes to integrate within a customer's Identity Cloud journeys. No custom coding or connectors are required for these nodes. The following Autonomous Access nodes are available:

    • Autonomous Access decision node

    • Autonomous Access result node

    • Autonomous Access signal node

  • Out-of-the-box journey. Identity Cloud provides a preconfigured journey with Autonomous Access nodes. You can use this journey as a template for specific use cases and requirements. The Identity Cloud Analytics dashboard also reports successful or failed Autonomous Access journeys.

  • Autonomous Access dashboards. The Autonomous Access dashboard displays an Activity page showing all risky access threats that occurred in the past three months across a worldwide company. Authorized users can click an event to drill down and view the details.
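
To make the real-time threat detection heuristics listed above concrete, the following added example (not ForgeRock code, and not how Autonomous Access is implemented) applies three of them, credential stuffing, automated user agent, and impossible traveller, to constructed authentication events. The thresholds, bot markers, event layout, and function names are assumptions made for this illustration.

```python
from collections import defaultdict
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

# Constructed sample events: (ISO time, user, source IP, lat, lon, user agent).
# IPs come from documentation ranges; none of this is real data.
EVENTS = [
    ("2024-01-01T09:00:00", "alice", "198.51.100.7", 51.5, -0.1, "Mozilla/5.0"),
    ("2024-01-01T09:30:00", "alice", "203.0.113.9", 40.7, -74.0, "Mozilla/5.0"),
    ("2024-01-01T10:00:00", "bob", "192.0.2.44", 48.9, 2.4, "python-requests/2.31"),
    ("2024-01-01T10:00:05", "carol", "192.0.2.44", 48.9, 2.4, "python-requests/2.31"),
    ("2024-01-01T10:00:09", "dave", "192.0.2.44", 48.9, 2.4, "python-requests/2.31"),
    ("2024-01-01T11:00:00", "erin", "198.51.100.20", 35.7, 139.7, "Mozilla/5.0"),
]
# Assumed thresholds for this sample; the product's own values are not on this page.
MAX_USERS_PER_IP, MAX_KMH, MIN_KM = 2, 1000.0, 50.0
BOT_MARKERS = ("python-requests", "curl", "headless")  # assumed marker list

def km_between(lat1, lon1, lat2, lon2):
    """Great-circle distance (haversine) in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    a = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def detect(events):
    """Return a sorted list of (heuristic, subject) findings."""
    findings, users_by_ip, last_seen = set(), defaultdict(set), {}
    for ts, user, ip, lat, lon, agent in sorted(events):
        when = datetime.fromisoformat(ts)
        # Credential stuffing: count of distinct users seen from one IP
        # (no time window here, a simplification for the sample).
        users_by_ip[ip].add(user)
        if len(users_by_ip[ip]) > MAX_USERS_PER_IP:
            findings.add(("credential_stuffing", ip))
        # Automated user agent: known automation markers in the UA string.
        if any(marker in agent.lower() for marker in BOT_MARKERS):
            findings.add(("automated_user_agent", ip))
        # Impossible traveller: implied speed since the user's previous login.
        if user in last_seen:
            prev_when, prev_lat, prev_lon = last_seen[user]
            hours = (when - prev_when).total_seconds() / 3600
            dist = km_between(prev_lat, prev_lon, lat, lon)
            # MIN_KM ignores geolocation jitter; zero elapsed time also counts.
            if dist > MIN_KM and (hours == 0 or dist / hours > MAX_KMH):
                findings.add(("impossible_traveller", user))
        last_seen[user] = (when, lat, lon)
    return sorted(findings)

if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```

The suspicious IP and brute force heuristics follow the same counting pattern, keyed on attempts per IP and attempts per user over a time window respectively.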

