PingOne Protect combines multiple internal and external risk factors to provide a single access point for calculating and retrieving risk scores. Use the user interface to create risk policies and configure the scores of various risk predictors into a single risk score. You can also view data and analytics on high-risk events and get in-depth insights on the authentication behavior of your users.

A screen capture of the PingOne Risk dashboard.

By implementing risk policies, you can control the authentication flow depending on the risk level. For example, you can force high-risk users to step up to stronger authentication or deny them access while providing a frictionless experience for trusted users.

PingOne Protect leverages the following predictors to learn user behavior and detect anomalies:

  • User and entity behavior analytics (user risk behavior and user-based risk behavior)
  • Velocity (user velocity and IP velocity)
  • Anonymous network detection
  • IP reputation
  • Geovelocity anomaly
  • User location anomaly
  • Device (new device and suspicious device)
  • Bot detection

The suspicious device and bot detection predictors are only available if you have a license for PingOne Protect. If you have a PingOne Risk license, contact your account team for more details.

For more information, see Introduction to predictors and the PingOne Protect Datasheet.