Identity Cloud

Key features

Autonomous Access 2022.5.0 is a new paid service for the Identity Cloud and has the following features:

  • Fully-native Identity Cloud deployment. Autonomous Access and its components are fully cloud-native. ForgeRock deploys Autonomous Access into the ForgeRock Identity Cloud customers' private tenants (dev and production) who sign up for the feature.

  • Streamed data ingestion. Autonomous Access uses streamed data as a data source in this release. You can define multiple data sources and ingest them into Autonomous Access. Autonomous Access stores three months of data for the dashboard, and six months of data in the cloud for the AI/ML analytics.

  • Machine learning-based anomaly detection. Autonomous Access uses Artificial Intelligence/Machine Learning (AI/ML)-based detection heuristics centered around user behavior, geospatial contextual information, and anomalous intrusions at authentication. Anomaly detection includes location, time of day, operating system version, device model and type, browser specifics. Autonomous Access’s AI/ML decisions are explainable and provide the reason for its scoring rather than black box results with no transparency.

  • Autonomous Access UI. The initial Autonomous Access UI displays an Activities page to show anomalous access events across a company world-wide for all events occurring in the past three months. Authorized users can click on an event to drill down to view the details.

  • Threat detection for authentication behavior. Autonomous Access provides protection detects authentication anomalies on a per company, per segment, and per user basis. Autonomous Access currently detects the following threats:

    • Anomaly detection. Anomaly detection is a possible threat when the user’s access, device, browser, and time of access differs from normal behavior and context.

    • Credential stuffing. Credential Stuffing is a threat where an attacker runs compromised user credentials to attempt to log in to the system.

    • Suspicious IPs. Suspicious IPs are suspect IP addresses or IP ranges that have been found with malware, adware, or other suspicious behavior.

    • Impossible travel. Impossible Travel is a threat where an attacker exhibits multiple authentication attempts from various locations in a short time span, making such travel impossible for a single person.

    • Brute force. Brute Force is a threat where an attacker runs through a whole dictionary of possible passwords.

    • Automated user agents. Automated User Agents is a threat where an automated bot searches for vulnerabilities using the User-Agent string.

  • Pre-built Identity Cloud nodes. Autonomous Access provides three pre-built nodes to integrate within a customer’s Identity Cloud journeys. No custom coding and connectors are required for these nodes. Use these pre-built Autonomous Access nodes together with ForgeRock® Access Management’s current 100+ available nodes. For dev tenants, you can also use a debug node to troubleshoot and test your Autonomous Access journeys. The Autonomous Access signal is complementary, not exclusive; you can use other signals offered by ForgeRock’s Intelligent Access nodes.

  • Out-of-the-Box journey. Identity Cloud provides an out-of-the-box journey with Autonomous Access nodes. You can use this out-of-the-box journey as a template for specific use cases and requirements. Identity Cloud Analytics dashboard also reports successful or failed Autonomous Access journeys.

  • AI/ML model and training management. Autonomous Access’s dashboard lets authorized users make adjustments to the AI/ML-generated models for improved learning and to the AI/ML pipelines with configurable threshold values.

  • What’s on the roadmap:

    • API suite. The API endpoints are not public in this release. All configurations are made in the UI. An exposed API suite is on the roadmap.

    • Third-Party Signals. Integration with third-party signals is under discussion for a future release.

Copyright © 2010-2023 ForgeRock, all rights reserved.