FusionAuth, makers of the complete, developer-focused API-first identity and access management platform, today announced FusionAuth Advanced Threat Detection. This suite of features provides additional security for FusionAuth users, protecting their customers from cyber attacks that prey on identity-related themes. FusionAuth Advanced Threat Detection was created with developers in mind, giving them robust security features that are simple to implement into their apps and software right out of the box. The new offering also monitors user behavior to determine if users are who they say they are, further securing their identities.
According to the U.S. Federal Trade Commission (FTC) there were 1.4 million identity theft complaints filed with the organization, up from 650,000 the year prior; identity theft complaints accounted for nearly 30% of all complaints received by the FTC, up nearly 10% from 2019. With the impact of identity theft expected to continue to grow, it is important for organizations to take action to better protect customer data. FusionAuth’s tools, giving developers what they need to easily implement robust, sophisticated authentication and authorization when building software and services, are an important part of protecting their customer’s information.
“The world has changed and the way we protect customer identity has to change, too. We transfer money on our phones, play via gaming consoles, and see our doctor through telehealth appointments. These applications need to provide advanced protection at every layer to ensure the person behind that phone or computer is who they say they are,” said Brian Pontarelli, CEO of FusionAuth. “Our new Advanced Threat Detection gives developers a complete solution for protecting against malicious logins or account takeovers.”
FusionAuth’s Advanced Threat Detection includes:
- IP Access Control Lists: flexible rules to examine IP addresses and block malicious requests while allowing valid access;
- Rate Limiting: limits common requests (failed login, forgotten password, send email verification and more) to prevent user login spamming, credential stuffing, and bot access;
- Registration Locking by Domain: prevents emails from certain domains from being used to register accounts, which can prevent account spoofing;
- Expanded Webhook Events enables tracking important events around passwords, MFA, and login.
- Captcha: requires users to prove they are human to log in or register with support for Google ReCaptcha V2 and V3, hCaptcha and hCaptcha Enterprise;
- Impossible Travel Calculations: prevents insecure access from geographically distant login requests by calculating whether travel between login locations is physically possible.
These security enhancing features are all turn-key, with minimal configuration and no coding required.
FusionAuth also recently launched its Advanced Multi-Factor Authentication (MFA) offering, which gives developers more flexibility and choice in deploying authentication within their organizations, including factors such as multiple TOTP apps, phone numbers or email addresses, and step up authentication.
FusionAuth is a complete identity and access management platform designed and built by security and identity experts to save development teams time and resources. It installs in minutes and lets devs implement complex standards and powerful features including login, registration, SSO, MFA, emails, localization, reporting, and much more. FusionAuth has been battle-tested in high-volume industries from finance to gaming and deployed on servers around the globe. Learn more at fusionauth.io
P: +1 480 292 4640