CSSO IAM

Découvrez la fonction IAM la plus sécurisée au monde

Microservice Fingerprinting on the Application Level

Our CSSO IAM adds a novel and necessary layer to secure user authentication by deploying agents/eBPF on top of your web application (see Fig. 1). Those agents track the user's behavior on the app and send it to our risk engine where ML algorithms will determine whether the user exhibits normal or abnormal behavior. Eventually, the IdP will indicate authentication decisions based on these observations (see Fig. 2).

Since we measure the user's behavior continuously throughout the whole logged-in session, we will be able to find out when the person using the app changes. Thus, adversaries won't be able to take over authenticated sessions by stealing the SSO session token.
Also, as we collect metrics only from the server-side (see Fig. 2), our technology is not spoofable, which sets us apart from the mentioned state-of-the-art IAM solutions.

Smart Micro-Segmentation

On top, we improve the Zero Trust-Approach of Micro-Segmentation. MS aims to break the attack surface for lateral movement esp. in case of ransomware attacks down to minimal access rights, on the flip side, users have to keep lots of credentials and will regularly be restricted to access crucial parts of their app environment due to false positive alarms. Our solution will restrict access only to security-critical parts while maintaining day-to-day operations.