A Canadian maker of behaviour-based multi-factor authentication is updating its solution to make it more broadly available with enterprise systems.
Plurilock Security Solutions of Victoria said Tuesday the latest version of Adapt, which is now available, directly supports Security Assertion Markup Language (SAML) and OpenID Connect, two frameworks for the deployment of standards-based authentication.
Out-of-box deployment via SAML and OpenID Connect will enable Adapt to provide strong MFA without custom integration work in the vast majority of environments, the company said in a statement, including those relying on single sign-on (SSO) and identity federation technologies. It notes that the SSO providers currently offering simple web-based instructions for SAML or OpenID configuration include Okta Inc, Cisco Systems’ Duo, OneLogin, and Ping Identity.
“Adapt is now easily deployable across most industry-standard security stacks,” said company chief executive officer Ian Paterson.
With a lightweight agent — a small script included in JavaScript-compatible login workflows — Adapt uses behaviour-based identifiers such as keystroke patterns, time of day of login, mouse movements on desktop computers as well as geolocation, ambient light and posture on mobile devices to identify a user. No phones, fobs, codes or tokens are needed. The company says it can be used to protect login prompts, enterprise endpoints, Citrix sessions and SaaS applications.
Adapt made its debut in February 2019. Since then it has won funding for research projects from the United States Department of Homeland Security (DHS) and the Canadian Department of National Defence (DND) and Canadian Armed Forces. The DHS project has several vendors investigating machine-to-machine (M2M) anomaly detection technologies to enable future Internet of Things (IoT) authentication in certain federal networks. The DND project is looking at anomaly detection and machine learning to improve the defence department’s detection of and response to cyber-attacks.
The company’s other product is called Defend, which provides continuous authentication for endpoints and workstations.
In February, before the pandemic hit, Plurilock announced it had agreed to a reverse takeover with a company called Libby K Industries that is listed on the TSX Venture Exchange. That would allow Plurilock to go public. Last week Libby K said that deal has been postponed, but the companies are still negotiating terms of a definitive amalgamation agreement.