ForgeRock OpenAM and OpenIDM™ Suite
VeriClouds CredVerify™ is the only service designed for use with ForgeRock OpenAM and OpenIDM to detect, verify and prevent the use of weak or stolen credentials throughout the entire user lifecycle.
Simple, yet powerful
VeriClouds CredVerify authentication module checks leaked credential through VeriClouds CredVerify Cloud API. If a user login ID and credential combination is found to match to a login ID and credential discovered in previous data breaches, the module will fail the authentication otherwise it will pass the authentication.
Enabling VeriClouds CredVerify in your environment:
- Provides visibility into user-centric risk of privileged accounts
- Automates the transformation of insight and analysis into real-time policy enforcement and action
- Outsources the legal liabilities of handling stolen sensitive account data from the dark web
- Significantly minimizes the threat from the number one cause of data breaches - the weak or stolen password
Integrating and uniting privilege management with superior detective controls closes the loop. It unleashes the full power and potential of compromised credential verification “as-a-service.”
ForgeRock Integration Demo
Enhanced Protection for ForgeRock OpenAM and OpenIDM
- Automated detection and remediation of compromised credentials
- Minimize the risks/cost of credential stuffing attacks
- Align password policy with NIST SP 800-63B guidelines
- Easy to deploy – only a few lines of code
- Very low overhead with sub-second response times
Secure By Design
VeriClouds engages in "white hat security research" to prevent threat actors from gaining unauthorized access to customer accounts, and operates to promote security and safety for the true owner of the data or person entitled to the data. The VeriClouds solution uses its own patent-pending technology of encryption, hashing, and data masking to ensure privacy and compliance when handling potential PII and other sensitive data.
VeriClouds' unique and proprietary database offers these distinct advantages:
- All PII data are encrypted using AES-256
- Crypto for password comparisons are performed in an on-board HSM in our hardware appliance
- Data masking techniques are combined with data encryption to ensure we never reveal sensitive data
Whether your needs are compliance with GDPR, ISO, SOC2, or any other regulation, rest assured that VeriClouds' commitment to security by design and privacy preservation ensures the safety and protection of your sensitive data.