Auth0 has acquired Apility.io in part to gain access to an application programming interface (API) through which curated IP, email and domain reputation data will be fed into the Auth0 anomaly detection engine.
Delivered as a service, the Auth0 reputational data analytics engine will enable cybersecurity teams to more easily parse and normalizing blacklists from across the dark web. The data feeds being aggregated by Auth0 using the APIs developed by Apility.io will be known as Auth0 Signals.
Auth0 will also make available a community edition of the APIs developed by Apility.io to enable organizations to investigate specific IP addresses.
Company CTO Matias Woloski said relying on legacy firewalls to block suspicious traffic is no longer sufficient, given the rate at which malicious domains are being spun up on the dark web. Cybersecurity teams need to be able to rely on advanced analytics tools to identify malicious sites in near real-time, he said. The acquisition of Apility.io will make it possible for Auth0 to more easily streamline the data feeds required to provide cybersecurity teams with accurate intelligence that can be acted upon immediately.
That intelligence is critical because too often existing cybersecurity platforms wind up blocking legitimate traffic simply because the blacklisting capabilities of firewalls lack enough context to distinguish legitimate sources of traffic from malicious sites that closely mimic a legitimate source of traffic, noted Woloski. For example, many cybersecurity teams block high-velocity authentication requests above a certain threshold; however, cybercriminals can create scripts to make sure their botnets stay below that threshold.
The Auth0 analytics engine can process billions of logins per month that may be generated across more than 50,000 IP addresses a day to identify credential-stuffing attacks, said Woloski. Once the Auth0 engine identifies a potential malicious source of traffic, a challenge can be sent to verify the identity of the site.
Woloski said it is clear cybersecurity teams will increasingly need to rely on advanced analytics and machine learning algorithms to counter botnets that are leveraging automation to replicate malicious web sites rapidly. Cybercriminals are now part of highly organized syndicates that collectively generate trillions of dollars in annual revenue. Their ability to invest in next-generation technologies is on a par with web-scale companies such as Amazon or Google.
As cybersecurity evolves increasingly into a battle against bots, the expertise of human cybersecurity professionals will need to be augmented by relying more on various forms of artificial intelligence (AI). Ultimately, Woloski said the goal for Auth0 is to prove a single pane of glass through which cybersecurity teams can automatically remediate cybersecurity issues involving identity. The issue as far as cybersecurity teams are concerned is whether those investments will be able to keep pace with the rate at which cybercriminals are likely to make investments in AI of their own, as cybersecurity effectively has now become an AI arms race.
— Michael Vizard