Prevents Abuse of Valid Credentials
Attackers can obtain valid credential sets via phishing, social engineering, and other methods. They then use the credentials to access and take over the accounts.
This is the most difficult form of ATO to prevent, because it does not rely on security holes, malicious inputs, brute-force tactics, or other hostile activity. The attacker simply logs into the application, as the actual user would do. Nevertheless, Reblaze can detect and block even this form of ATO.
Reblaze goes beyond traditional approaches to security, and adds a number of additional layers of analysis. It uses UEBA and Machine Learning to build fine-grained biometric behavioral profiles for all legitimate users and customers. The platform learns and understands users’ characteristics, and how they interact with the sites, applications, and APIs that it protects. Reblaze uses multivariate analysis to distinguish legitimate users from threat actors, and makes decisions not only according to the traffic source, but also according to each user’s identity, behavior, and intent.
A threat actor attempting an ATO will have, unavoidably, a number of different characteristics compared to the actual user. Reblaze detects these differences immediately. Furthermore, every attacker must, at some point, deviate from legitimate user behavior. When a hostile actor attempts to abuse an account, Reblaze blocks the traffic source, preventing further access.