RISK-BASED AUTHENTICATION

Silverfort delivers an adaptive risk-based authentication solution across all corporate users, devices, systems and environments, from a unified platform. Thanks to it’s agentless and proxyless architecture, Silverfort monitors and analyzes more data than any other risk-based authentication solution. Enabled by Silverfort’s AI-based Risk Engine, it delivers holistic adaptive authentication with unparalleled accuracy.

Adaptive risk-based authentication policies enable organizations to maximize security and prevent attacks while reducing disruptions to the workforce.

Silverfort’s AI-driven risk engine combines three core components:

• Behavior-Based Anomaly Detection –Silverfort monitors all authentication activity across the organization and builds a rich behavioral profile of each user (both human users and service accounts) and device. It continuously uses this data to train and calibrate advanced machine learning algorithms and detects deviations from normal activity.
• Recognition of Known Threat Patterns – Silverfort analyzes all user and device access activities in search of known malicious attack patterns, including brute force attacks, lateral movement and more.
• Step-Up Authentication In Response to External Risk Indicators: Silverfort can respond to threat alerts received from 3rd party security solutions (including customer SIEM) by instantly stepping up the authentication requirements. It also returns feedback to reduce the amount of false-positive alerts.

The risk score is used by Silverfort’s adaptive policies to determine the level of authentication required for each access request — granting access, requiring an additional authentication factor or blocking access as needed. In addition, Silverfort calculates an overall risk score per user, device and resource, to help security teams respond to threats and implement recommended authentication policies.

The Three Components of Silverfort’s Risk Engine:

Detect and Block a Wide Range of Identity-Related Threats

Monitoring all authentication activities in one centralized platform allows Silverfort to analyze more data than any other authentication solution — typically hundreds of access requests per user per day. While mainstream adaptive authentication solutions can apply only simple contextual rules based on location, device and time, Silverfort’s holistic coverage provides enough data to leverage actual AI-driven risk engine. This provides far more accurate risk scores that enable Silverfort to enforce effective adaptive policies to maximize security while minimizing disruptions to the workforce.

For an example of how Silverfort leverages AI for risk analysis, see Silverfort’s blog:
Detecting and Predicting Malicious Access in Enterprise Networks Using the Louvain Community Detection Algorithm