Advanced Threat Detection features protect FusionAuth Enterprise licensed systems from malicious behavior related to logins, registration, and user creation.
This threat detection feature allows admins to set per-user rate limits for the following user actions.
FusionAuth will require a CAPTCHA in certain circumstances, such as when a new device is seen for the first time. A variety of paid and free CAPTCHAs are supported, including Google reCAPTCHA and hCaptcha.
FusionAuth Advanced Threat Detection enables administrators to lock down an application or API key to a certain IP address or range of IP addresses by creating an IP access control list.
Request location data is used in a variety of ways to secure user accounts. All features are configurable by developers. Some location-aware features include:
The geographic location where the password reset request was made is displayed in the password reset email, allowing the recipient to determine if the request seems suspicious.
Calculate "impossible travel" to see if a user could realistically log in at different locations around the globe in a reasonable time frame.
When a login request occurs from an unexpected IP address, a user receives an email to notify them of a new login with an approximate location of the IP address.
For self-service registration, administrators can block email domains using Advanced Threat Detection. There may be email addresses for which you want to block registration, like consumer gmail.com addresses if your application is aimed at business users.
There are a number of security-related events that your SIEM or other analytics systems may want to ingest, such as when MFA has been disabled for a user or when a user has requested a password reset. Advanced Threat Detection webhooks can notify on 10 different suspicious or prohibited user actions, such as Duplicate IDs and Password Updates.
Selected security events can trigger emails to the user. Customized email templates contain security variables of choice, for situations such as duplicate ID creation, password resets, or MFA removal.