Orchestration, passwordless tech, continuous authentication combined in next-generation Arculix platform Credit: Cybrain / Getty Images A new next-generation access and authentication platform powered by artificial intelligence was launched Wednesday by SecureAuth. The platform, Arculix, combines orchestration, passwordless technology and continuous authentication and can be deployed out of the box with any industry-standard identity provider as an end-to-end solution or as augmentation to an existing identity and access management (IAM) scheme.The days of granting blanket trust after initial authentication are over, says SecureAuth CEO Paul Trulove. “If, after initial authentication, you never authenticate again, a bad actor could potentially run rampant in your system,” he tells CSO. “That’s why organizations are moving away from passwords as a mechanism for authentication and creating an initial level of trust and moving further along the maturity curve around authentication so they just don’t evaluate the level of trust at the outset of a transaction. They continually evaluate risk signals observed during a session to determine if something has changed and whether they need to reauthenticate.”According to SecureAuth, Arculix is designed with both security and a good user experience in mind. The right user journey is delivered to the right user, it explains, through the use of flexible, adaptive policies, identity orchestration, and behavioral modeling. The platform’s behavioral modeling is driven by artificial intelligence and machine learning and combines desktop login, mobile, and SSO user experiences in a single, seamless, passwordless system with support for a large set of multi-factor authentication methods. identity and authentication systems need to be flexible “One of the things that we have to do as a vendor is build a very flexible system so we can accommodate lots of different ways that people want to implement identity and access management,” Trulove explains. Arculix’s orchestration feature was designed with that kind of flexibility in mind. It eliminates the need to write hundreds to thousands of identity and access rules. The risk engine can dynamically define a user’s risk, whether they be an employee, contractor, or machine.Arculix can be delivered to customers as a turnkey SaaS solution or installed on-premises by the customer. It allows organizations to: Deliver dynamic, frictionless authentication and SSO across applications, devices, and things throughout user activityAuthenticate users’ claimed identities for frictionless access using automated, risk-based behavioral models driven by an AI and machine-learning engineProtect logins with intelligent multi-factor authentication that intuitively allows access to apps and continues to evaluate access post-authorization via push notification or verification codes with offline accessContinuously inform users of risk on the mobile app after login based on device and browser fingerprint analysis and automatically performs step-up authentication when a threat is detectedManage all identities across customers, workforce and non-employees for a robust identity platform.“The world is moving toward a model of having strong security without sacrificing the user experience,” National Football League CISO Tomás Maldonado said in a statement. “There are strong trends towards enterprises and government agencies moving to passwordless authentication for workforce and customers.”“Even the large tech players recently announced a commitment to passwordless,” he added. “SecureAuth’s upcoming Arculix solution seems to have the right vision that goes beyond passwordless to adaptive, continuous authentication that’ll allow organizations a strong security posture while having a frictionless user experience.” Related content feature 8 critical lessons from the Change Healthcare ransomware catastrophe From fundamental security mistakes and strategic shortcuts, to emerging industry trends, Change Healthcare’s security meltdown provides ample fodder for thought on how not to be the next high-profile victim. By John Leyden Jun 12, 2024 11 mins Multi-factor Authentication CSO and CISO Ransomware opinion The pressure on CISOs is real: fixing the hiring process would help For CISOs facing a myriad of challenges in an ever-expanding threat environment, making the hiring process more realistic would bring some welcome relief. By Christopher Burgess Jun 12, 2024 6 mins CSO and CISO Human Resources IT Skills news IT downtime cuts enterprise profit by 9%, says study CIOs and CSOs would save large enterprises $200 million a year if they could eliminate downtime — and should budget more for dealing with ransomware, according to research by Splunk. By Shweta Sharma Jun 11, 2024 1 min Ransomware Security news CISOs may be too reliant on EDR/XDR defenses A global survey of cyberthreats highlighted how attackers are increasingly evading EDR and XDR systems to deliver their attacks. By Evan Schuman Jun 11, 2024 4 mins Advanced Persistent Threats Intrusion Detection Software Endpoint Protection PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe