ForgeRock Autonomous Access is designed to eliminate account takeovers and prevent fraud in real-time, using a combination of AI and advanced pattern recognition. ForgeRock, a global identity and access management company, has introduced ForgeRock Autonomous Access, a new application that uses AI to prevent identity-based cyberattacks and fraud. The application monitors login requests in real-time to block malicious attempts and add authentication steps for anomalous behavior, while streamlining access for authorized users.“We believe that modern AI-driven solutions have the ability to protect organizations and their customers and employees from damaging and costly cyberattacks and fraud,” says Peter Barker, chief product officer at ForgeRock. “Our approach is to use AI to stop bad actors at a massive scale and reduce the risk of account takeovers.” ForgeRock Autonomous Access is a SaaS solution embedded into the ForgeRock Identity Cloud, a comprehensive identity and access management (IAM) platform, and will be available in June, according to Barker. Autonomous Access is supported by a proprietary combination of algorithms powered by AI, machine learning — a subset of AI where, for example, predictions and threat assessment become more precise as a system ingests more data — and advanced pattern matching.“ForgeRock Autonomous Access enhances the vendor’s existing and intuitive workflow design tools to enable intelligent orchestration of risk-based and low-friction identity security that easily adapts to meet each organization’s unique requirements,” says Steve Brasen, research director at consulting firm Enterprise Management Associates. AI models trained to detect anomalous behaviorThe application uses multiple AI models to detect anomalous behavior, including UEBA (user behavioral analytics) for regular users, and other models for first-time and infrequent users. Additionally, it uses machine learning to analyze data fed back from each login session, indicating whether anomalous activity turned out to be a known user or a failed login attempt.On top of this, the application will use pattern matching heuristics to stop known threats by preventing bot attacks, credential stuffing, suspicious IP, and other forms of cyberattacks.“ForgeRock’s continued investment in AI across its platform helps customers with what they need — the ability to make intelligent decisions quickly and with confidence,” says Martin Kuppinger, founder and principal analyst at KuppingerCole. “Antifraud capabilities are important and need to complement existing services that customers use. Autonomous Access is a complementary solution that comes fully integrated with ForgeRock’s user journey orchestration.” No-code interface streamlines processes for adminsForgeRock Autonomous Access aims at eliminating costly deployment and integration of disparate point solutions. It’s also designed to enable IT admins to create any number of personalized user access journeys with a drag-and-drop, no-code interface.This feature allows for IT admins to design tailored experiences for every login attempt based on the level of risk. For instance, known users with low-risk scores can be allowed options like passwordless authentication, while those with anomalous behavior can be prompted with added authentication or blocked and sent on different journeys for further analysis and remediation.“Smarter protection through AI empowers IT admins to make intelligent decisions more quickly, and with a higher degree of confidence, which leads to lower deployment costs and easier integration,” adds Barker. Related content news Kroll cyber threat landscape report: AI assists attackers AI is simplifying all sorts of tasks — and not always for the better: cybercriminals, too, are adopting it. By Lynn Greiner May 24, 2024 4 mins Threat and Vulnerability Management Cybercrime Vulnerabilities news analysis Windows Recall — a ‘privacy nightmare’? The Windows AI feature announced by Microsoft this week quickly drew criticism for recording regular screenshots of a user’s screen; one security expert compared it to keylogging software. By Matthew Finnegan May 24, 2024 1 min Privacy feature What is spear phishing? Examples, tactics, and techniques Spear phishing is a targeted email attack purporting to be from a trusted sender. Learn how to recognize—and defeat—this type of phishing attack. By Josh Fruhlinger May 24, 2024 14 mins Phishing Cyberattacks Fraud news analysis Emerging ransomware groups on the rise: Who they are, how they operate New and developing ransomware gangs move to fill the void left by the shutdown and law enforcement disruption of big players, with differing tactics and targets. By Lucian Constantin May 24, 2024 6 mins Ransomware Cybercrime PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe