Solutions

Secfense IdP: Secure, Passwordless Authentication for Your Enterprise

secfense idp hero

Overview

Vector

Secfense IdP offers a seamless transition to passwordless authentication using SAML, without the need to overhaul your existing Identity and Access Management (IAM) systems. By acting as an Identity Dispatcher, Secfense ensures that you retain full control over user identities, while removing the vulnerabilities associated with passwords.

Key Benefits

For Business Leaders

defend 1

Reduced Risk of Breaches

Eliminate the risks associated with password theft 
and phishing attacks by adopting a passwordless 
approach using FIDO-compliant passkeys.

wallet icon

Cost-Effective Integration

Transform your existing authentication methods 
(e.g., for M365, Google, ServiceNow, VPNs) into 
a modern, secure solution with minimal changes.

Frame 691

Compliance-Friendly

Ensure that authentication processes are fully compliant with the latest security standards, reducing the complexity of regulatory audits.

For Technical Teams

Puzzle

Seamless IAM Integration

Secfense IdP integrates with your current IAM systems, 
such as Active Directory, ensuring user identities are verified within your secure environment.

upscale

Enhanced Security

By using asymmetric cryptography, Secfense eliminates 
the need to store or transmit passwords, significantly reducing potential attack vectors.

settings

Flexible Authentication Flow

Support for both SaaS applications and VPNs with customizable registration and authentication processes, making it adaptable to your specific needs.

How It Works

Registration Process

  • User Initiates LoginThe user navigates to the application or VPN 
and initiates the login process.
  • Redirection to Secfense IdPThe login request is redirected to Secfense IdP, 
where the user inputs their credentials.
  • Credential EncryptionThe credentials are encrypted and sent to the 
on-premises User Access Security Broker (UASB).
  • Verification and TrustThe UASB decrypts the credentials and verifies 
them against your IAM (e.g., Active Directory).
  • Passwordless RegistrationThe user is prompted to register a passkey, stored on 
their device, with the public key saved on Secfense IdP.
Warstwa 1

Passwordless Authentication

  • Login InitiationThe user navigates to the application or VPN.
  • User IdentificationIf using the same browser or device, the user 
is automatically identified.
  • Passkey VerificationThe user authenticates using their passkey.
  • Active User CheckSecfense IdP queries the UASB to confirm the user 
is still active and part of the appropriate security groups.
  • Access GrantedUpon successful verification, the user is granted access without using a password.
Warstwa 11

 Technical Architecture

TCP Long Polling for Secure Communication

Secfense IdP uses TCP long polling to maintain a persistent connection with the on-premises UASB. This setup ensures that all authentication and authorization requests are securely handled within your network, without opening new attack vectors.

Why Secfense IdP?

Secfense IdP simplifies the adoption of passwordless authentication, enhancing both security and user experience. By integrating seamlessly with your existing systems, it offers a secure, compliant, and cost-effective solution that scales with your business.

Get Started with Secfense IdP

Testimonials

We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data.

Marcin Bobruk

CEO

Sandis

We are excited to partner with Secfense to enhance our user access security for our web apps. By integrating their User Access Security Broker, we ensure seamless and secure protection for our applications and systems, delivering superior security and convenience to our customers.

Charm Abeywardana

IT & Infrastructure

Visium Networks

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director

RKKVC

Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera

Partner

Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT

MPEC S.A.