About Autonomous Access
ForgeRock Autonomous Access is a new add-on service to ForgeRock Identity Cloud.
Autonomous Access is an AI-powered threat detection solution to prevent account takeover and fraud at the identity perimeter. It leverages artificial intelligence (AI) and machine learning (ML) techniques to analyze threat signals and anomalous behavior patterns. Autonomous Access speeds and simplifies access decisions, letting your organization block threats and deliver personalized journeys that enhance the digital experience of legitimate users.
ForgeRock deploys Autonomous Access within the private tenants (dev, staging, and production) of new and existing ForgeRock Identity Cloud customers who have signed up for this service. Your customers' data and any personally identifiable information are never accessible outside of the tenant.
The following new features are available:
New Activity dashboard: The new dashboard shows risky access activity, and lets users drill in and investigate across time, risk reason, and risk score.Figure 1: Autonomous Access Activity dashboard
New Nodes: Autonomous Access provides three pre-built journey (tree) nodes and a template. No custom coding or connectors are required to implement these journeys. With the addition of these three pre-built nodes, you can take full advantage of the 100+ ForgeRock® Access Management nodes to trigger actionable outcomes when high risk scores are discovered.
Risk scores are a combination of anomalous behavior and discovered threats. You can determine what outcomes to take for certain risk score ranges. For example, when Autonomous Access returns lower risk scores (for example, 0–20), you can configure Autonomous Access to allow a user to pass without further multi-factor authentication. For higher risk scores (for example, 80–100), you can configure Autonomous Access to flag these events for escalation, such as step-up authentication, multi-factor authentication, block, review, inform user, or other actions.
ForgeRock’s user and entity behavior analytics (UEBA) signal is complementary, meaning that it can be used with other signals.
The following nodes are available:
Autonomous Access signal node: Assesses risk based on anomalous user behavior, credential stuffing, suspicious IPs, automated user agents (bots), impossible travellers, and brute force attacks using AI/ML analytics. The result is a risk score from 0 (no risk) to 100 (high risk).
Autonomous Access decision node: Maps the risk score to a high, medium, low or unknown branch of a journey to direct the user experience.
Autonomous Access results node: Sends data back to Autonomous Access for the dashboards and model learning.Figure 2: Autonomous Access nodes