Billions of Data Points Analyzed
Elevate’s user risk model analyzes billions of independent data points from across the organization and beyond. Factors such as worker susceptibility to real phishing, sensitive data handling, safe browsing, and password management, along with demographics and other characteristics, are continually aggregated and updated into detailed, transparent, high-confidence user risk metrics, according to Elevate.By integrating user risk data into IAM and identity governance administration (IGA) tools and processes, security teams now know the true risk characteristics of each worker attempting to access their systems. That includes an individual’s vulnerability to social engineering attacks.With this data in hand, defenders can automate customization of conditional access policies, Elevate said. For example, Elevate may determine that a particular engineer, with access to company source code, is being targeted by attackers with increased frequency and has recently visited an insecure website.Once Elevate identifies the individual as a “high risk engineer,” they are protected by specific IAM policies. These include forcing password-less multi-factor authentication, requiring a company-provided device, or limiting access to sensitive materials.Productivity and Protection Delivered
Commenting on its advanced offering, Elevate founder and CEO Robert Fly said.“With comprehensive user risk data informing the identity and access process, defenders have a simple, transparent, and effective method to apply personalized protections aligned to individual vulnerabilities. The ability to make better decisions, in real-time, at scale, during this critical stage of the kill chain is an absolute game changer in the fight against human-centered attacks.”