Protecting Your Customers and Your BusinessIdentity Management and Behavioral AnalyticsEric LaBadie, Vice President, Customer Sucess

Guardian Analytics

Proven at Hundreds of Companies

Pioneered individual behavioral analytics to fundamentally change fraud prevention/security

Patented technology

25 million accounts protected

Trillions in assets protected

2 billion sessions protected

National and community banks

Leading Security Technology

"Guardian Analytics…has a proven and effective fraud detection risk-scoring engine."

"Guardian Analytics possesses one of the clearest visions for how to tackle fraud management.”

Partnered with ForgeRock

Increase protections of user accounts

Combine identity relationship management with analysis of user behavior

3

Our Challenge Today Criminals More Effective Than Ever At Targeting Users

Control email accounts Usernames/passwords Personal information Bank account information Spoof devices, location

Email Takeover

Phishing

Social Engineering

OnlineMalware

Breaches

© 2014 Guardian Analytics, Inc. Confidential

Cloud Apps

Bad News: Bad Actors Successfully Hide Behind Good Credentials

FinancialsData stores

Internal & External Bad Actors

Cloud apps

On-prem apps

Customer-facing web apps

Corporate Apps and Systems

Legitimate Credentials

Access

Controls

Compromised Employee

Compromised or malicious 3rd parties

Malicious Employee

Compromised Customer

Good News: Bad Behavior Always Stands OutUser behavior

Device/IPInformation

Authentication & MFA

Application Access

Administrative Activities

Day and Time

Access

ControlsLegitimate Credentials

Each user has a unique behavioral fingerprint

User behavior changes with malicious activity• Account takeover• Malicious insiders

Behavioral anomalies are completely detectable

Compromised Employee

Compromised 3rd parties

Malicious Employee

Compromised Customer

Guardian Analytics and OpenAM - Real-time Detection of Unauthorized Access or Misuse

Identity AccessManagement a

User CentricBehavioral Analytics

Compromised Employee

Compromised 3rd parties

Malicious Employee

Compromised Customer

• Country• City• State• Language• OS/Browser• Screen

Resolution• Plugins• Font List• Sign-On ID• Device Type• Provider• IP Type• Last Login• Login Times• Date/time• Encoding• Timezone

1. User attempts to login

2. OpenAM collects login data

3. Securely sends to GAHardened SSL

How Behavioral Analytics Works

Individual

Population-level

Behavioral Analytics

Identity AccessManagement a

User CentricBehavioral Analytics

• Country• City• State• Language• OS/Browser• Screen

Resolution• Plugins• Font List• Sign-On ID• Device Type• Provider• IP Type• Last Login• Login Times• Date/time• Encoding• Timezone

ReputationData

Behavioral Analytics Is access from an expected

machine configuration? Is this a potentially

compromised account? Is it a suspicious IP address? Is it a suspicious device? Is the user in a typical

location or following a typical travel pattern?

Is the application access at an expected time or frequency

Are profile or authorization changes unusual?

Individual

Population-level

Behavioral Analytics

ReputationData

Using Behavioral Analytics to Drive Risk-Based Authentication

Identity AccessManagement

4. GA evaluates risk posed by the user - No tuning or rules are required

5. Risk level returned to OpenAM

Hardened SSL

a

User CentricBehavioral Analytics

6. Low risk level – no intervention

7. High risk level triggers One Time Password

Benefit of Combined Solutions

Customers

Employees

3rd Parties(Vendors, partners,

contractors)

Manage and Control who users are and what they can do

Analyze that users are who they say they are and doing what they are supposed to do

Extend relationships and engagement (information, services, devices, etc.)

without increasing risk

Security Creates Trust & Confidence

Identity Relationship Management

Behavioral Analytics and Anomaly Detection

Real-time OpenAM-Guardian Analytics integrated solution

Demonstration

Thank You