Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Authentication

9/24/2019
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

OneLogin Introduces Vigilance AI & SmartFactor Authentication to Combat Emerging Cybersecurity Threats

San Francisco — September 19, 2019 — OneLogin, the leader in Unified Access Management, today announced Vigilance AI, the new artificial intelligence and machine learning (AI/ML) risk engine, and SmartFactor Authentication. Both next-generation identity capabilities empower enterprises to combat emerging cybersecurity threats and move beyond password-based authentication. For more information and to request early access to new functionality, visit the OneLogin release blog.

“There’s been a massive uptick in cyberattacks targeting credentials, including brute force and breach replay attacks. Cybercriminals use credentials obtained from one breach, often from a personal application, and apply them to corporate accounts,” said Venkat Sathyamurthy, Chief Product Officer at OneLogin. “Vigilance AI by OneLogin uses artificial intelligence and machine learning to power new threat prevention capabilities and allow our expanding enterprise customer base to protect against risk wherever users are without requiring any additional work, delivering automated protection at scale.”

In the past year, there has been a nearly twelve-fold increase in the number of cyberattacks leveraging artificial intelligence and machine learning capabilities. Security leaders are increasing the adoption of AI/ML technologies in their defense strategies to rely less on traditional text-based passwords. According to Gartner Vice President Analyst Ant Allan, “by 2022, Gartner predicts that 60% of large and global enterprises and 90% of midsize enterprises will implement passwordless methods in more than 50% of use cases - up from 5% in 2018.” OneLogin’s new capabilities empower customers to fight fire with fire and combat AI-powered threats with AI/ML technologies. 

Vigilance AI

Powered by artificial intelligence and machine learning, Vigilance AI ingests and analyzes large volumes of data from an array of sources to identify anomalies and communicate risk across OneLogin services for threat prevention. In addition to ingesting third-party threat intelligence feeds, Vigilance AI leverages User and Entity Behavior Analytics (UEBA) capabilities to build a profile of typical user behavior and subsequently identify and communicate anomalies in real-time for advanced threat defense. 

SmartFactor Authentication: Beyond Passwords 

Passwords remain the top risk for enterprises, as 80% of data breaches are caused by compromised, weak, and reused passwords, leading to a growing interest in authentication methodologies that do not depend on text-based passwords. SmartFactor Authentication delivers a context-aware authentication methodology based on AI/ML insights into user behavior to move beyond text-based passwords.

Adaptive Login Flows

The new OneLogin adaptive login flows functionality uses Vigilance AI to automatically restructure authentication flow based on risk. When anomalous or risky activity is detected, a user may be required to authenticate using factors other than text-based passwords, including MFA, certificates, and biometric data. This prevents cybercriminals from using brute spray or password replay tactics. OneLogin also empowers users to configure custom authentication flows and embrace the next-generation of authentication technology.

Compromised Credential Check and Password Blacklist

OneLogin compromised credential check functionality prevents users from using credentials that have been breached and posted on the dark web. OneLogin password blacklist prevents employees or customers from using common or insecure passwords schemes that are easily compromised.

Risk-Aware Access Powered by Vigilance AI

With risk-aware access and adaptive deny, OneLogin combats malicious activity by blocking any access to systems and applications when extreme risk is detected.

About OneLogin, Inc.

OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries, with over 2,500 customers worldwide. For more information visit www.onelogin.com.

Media Contact

Natalia Wodecki

[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25821
PUBLISHED: 2020-09-23
** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2020-3130
PUBLISHED: 2020-09-23
A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP re...
CVE-2020-3133
PUBLISHED: 2020-09-23
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit t...
CVE-2020-3135
PUBLISHED: 2020-09-23
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based...
CVE-2020-3137
PUBLISHED: 2020-09-23
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because th...