NEW YORK--(BUSINESS WIRE)--Beyond Identity, the leading provider of passwordless, phishing-resistant MFA, has announced the formal release of ‘Zero Trust Authentication’ (ZTA) as a subcategory of zero trust technology, together with the launch of the Worldwide Zero Trust Leadership series of events that will run throughout 2023. Bringing together industry-leading security technologies and integrators, Beyond Identity, Palo Alto Networks, CrowdStrike, Optiv, World Wide Technology, Guidepoint Security, BeyondTrust, Ping Identity and Climb Channel Solutions will enable organizations to move towards secure authentication designed to advance the zero trust strategies of global 5000 companies.
Zero Trust Authentication has been developed in response to the failure of traditional authentication methods – a problem exacerbated by the increasing number of cyberattacks. Adopting Zero Trust Authentication will allow organizations to overcome the limitations of passwords and legacy multi-factor authentication (MFA) and implement more robust security strategies. To achieve this, the Zero Trust Authentication approach includes components such as Beyond Identity's risk scoring and continuous authentication capabilities, which significantly enhance the level of protection offered.
"In working with leaders across the security ecosystem, it became apparent to us that the industry needs to formally bring identity and access management into the security fold to continuously deliver the highest level of security around users and devices,” said Tom Jermoluk, Chief Executive Officer and Co-Founder of Beyond Identity. “We are bringing together the leaders from the essential technology categories to ensure authentication decisions are risk-based and continuously informed with signals from the wealth of existing cybersecurity tooling. Through close technology collaboration and now go-to-market collaboration in this Zero Trust Leadership series, we are delivering strong authentication built for an ‘always on’ zero trust world coupled with practical advice and best practices so that enterprises can finally close identity and access management vulnerabilities.”
"Year after year, Identity and authentication vulnerabilities remain the single largest source of ransomware and security breaches, so something has to fundamentally change to close this vulnerability and enable organizations to meet the security mandates issued by the White House, NIST and CISA,” said Dr. Chase Cunningham, better known as a co-creator of the Zero Trust Extended framework and as Dr. Zero Trust. “The Zero Trust Authentication approach eliminates weak authentication factors and optimizes user and device access decisions with risk signals from a variety of installed cyber security tooling because Zero Trust is a team sport, and this enables organizations to effectively shut the door on the single largest initial attack vectors adversaries routinely rely on."
The Zero Trust Leadership Series kicks off with the ‘The Bridge to Zero Trust’ virtual event on March 15th, 2023, which will bring together zero trust industry leaders, including CISOs from leading organizations, technology providers, advisors and solution providers. Attendees will learn how to combine identity, authentication, network architecture, endpoint detection and response technologies to strengthen their cybersecurity efforts and gain practical insights and best practices that will enable Identity and Security teams to stay ahead of attackers and out of the headlines and advance their zero trust security efforts.
Among the organizations supporting Zero Trust Authentication are identity leaders Ping Identity and Beyond Trust, cybersecurity leaders Palo Alto Networks and CrowdStrike, security integrators World Wide Technology and Optiv, technology distributor Climb Channel Solutions, and industry associations including the Cloud Security Alliance and the FIDO (Fast Identity Online) Alliance.
“Delivering continuous verification of identity — user and devices — is essential to meeting the promise of zero trust,” said Jay Bretzmann, Research Vice President, Security Products at IDC. “Beyond Identity has taken the approach to utilize signals from security infrastructure in near real-time to raise the security standard and capitalize on existing security infrastructure investments in EDR and SASE tools.”
“Accelerating effective and leading cybersecurity programs requires a zero trust approach,” said Marcos Christodonte II, Global CISO of CDW. “The notion of Zero Trust Authentication represents a significant advancement in authentication security—coupling identity-centric and network-centric capabilities to provide a comprehensive, policy-driven approach that continuously safeguards data and systems amidst a tenacious cyber threat landscape.”
Zero Trust Authentication Requirements
Beyond Identity, together with zero trust leaders, has defined a set of practical requirements that any organization can use to measure their current identity practices and adopt to insulate their workforces and customers from everyday attacks. These include:
1. Passwordless – No use of passwords or other shared secrets, as these can easily be obtained from users, captured on networks, or hacked from databases.
2. Phishing resistant – No opportunity to obtain codes, magic links, or other authentication factors through phishing, adversary-in-the-middle, or other attacks.
3. Capable of validating user devices – Able to ensure that requesting devices are bound to a user and authorized to access information assets and applications.
4. Capable of assessing device security posture – Able to determine whether devices comply with security policies by checking that appropriate security setting are enabled, and security software is actively running.
5. Capable of analyzing many types of risk signals – Able to ingest and analyze data from endpoints and security and IT management tools.
6. Continuous risk assessment – Able to evaluate risk throughout a session rather than relying on one-time authentication.
7. Integrated with the security infrastructure – Integrating with a variety of tools in the security infrastructure to improve risk detection, accelerate responses to suspicious behaviors, and improve audit and compliance reporting.
Beyond Identity is the only solution addressing all key zero trust authentication requirements. Together with its partners, it is bringing this practical advice directly to customers and channel partners, starting with the virtual event, to major events like RSA and Black Hat, and key cities across North America and Europe over the balance of 2023. For the industry at large, it's delivering a category-defining book, titled Zero Trust Authentication, which details the specific capabilities, requirements, policies and best practices to materially advance zero trust.
About Beyond Identity
Beyond Identity is revolutionizing digital access for organizations looking to improve protection against cyber attacks and deliver the highest levels of security for their workforces, customers and developers. The company’s suite of passwordless, phishing-resistant, and Zero Trust Authentication solutions improves security and user experience. The platform delivers continuous risk-based authentication incorporating signals from the zero-trust ecosystem to ensure only valid users and secure devices gain or maintain access to critical resources. Companies like Snowflake, Unqork, and Roblox rely on Beyond Identity’s highly available cloud-native platform to thwart attacks and advance their zero-trust strategies. To learn more about Beyond Identity’s FIDO2-certified multi-factor authentication (MFA) solutions, visit beyondidentity.com and stay connected with us on Twitter, LinkedIn, and YouTube.