Plurilock DEFEND Platform
Plurilock DEFEND, a patented, behavioral-biometrics platform, uniquely identifies end users by comparing micro-patterns in a person’s keystroke or pointer behavior for identification every 3-5 seconds.
A working DEFEND deployment consists of:
DEFEND endpoint agents which are installed on employees' workstations and computers to gather input metadata surrounding keyboard and mouse movement.
DEFEND cloud service which receives input metadata from endpoint agents, analyzes this data to generate biometric profiles, compares current employee activity against what has been learned about their movement in the past, and returns decisions about whether employees are biometrically recognized or not.
DEFEND administration console which provides security teams and administrators with tools to manage DEFEND's configuration and behavior, and with a user interface to consume information about the decisions that DEFEND makes about employee identity.
DEFEND Architecture Details
DEFEND agents are lightweight Windows- or Mac OS-native applications that run in the background and consume a tiny percentage of resources. They do not directly transmit unmodified information about what is being typed or what is being done with the mouse. Agents communicate with the cloud service using encrypted websocket connections.
The DEFEND cloud service is a scalable, high-availability service running on Amazon's AWS platform and is designed to serve a large number of users in real time while making biometric decisions about the timing characteristics of their input. The cloud service leverages best practices for cloud platforms, including recommended current architecture and key management techniques. Plurilock staff do not have access to customers' DEFEND cloud service data or keys.
The DEFEND administration console is a browser-based SaaS application that runs security in current browser versions and supports TOTP MFA and directory integration for role-based administrator access management. It interfaces with the DEFEND cloud service over encrypted transport. Plurilock staff do not have access to customers' DEFEND administration consoles.
Table of Contents
- Front Matter
- Trademarks
- Copyrights
- License Conditions
- Disclaimer
- Contact
- Background
- Plurilock DEFEND Platform
- DEFEND Architecture Details
- First Login to the Admin Console
- Creating a Continuous Authentication Site
- Configuring Services
- Configuring Email Service
- Configuring Out-of-band (OOB) Notifications
- Configuring SMS Notifications
- Configuring Authy (Push Notifications)
- Configuring Health Notifications
- Configuring Identity Providers
- Configuring Webhooks
- Webhook Data Format
- Creating and Managing Administration Console Users
- Creating an Administrator Account
- Editing Your Own Admin Account
- Managing Administrator Roles and Permissions
- Continuous Authentication
- Overview
- Deploying Users
- Managing Continuous Authentication Behavior and Enforcement
- Creating and Configuring Groups
- Group Engine and Policy Settings — Application Rules
- Group Engine and Policy Settings — Biometrics
- Group Engine and Policy Settings — Enforcement
- Group Engine and Policy Settings — Data Deletion
- Moving Users Between Groups
- Managing User Biometric Profiles
- Monitoring Alerts
- Using Continuous Authentication Logs
- Understanding Risk Levels and Log Outcomes
- Automated Engine Training
- System Dashboard
- System Audit Logging and Appendices
- Checking the System Log
- APPENDIX 1: Configuring SMS Notification Service
- APPENDIX 2: Configuring Push Notification Service
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article