ForgeRock Autonomous Identity Brings More AI-Driven Automation to Governance, Administration

ForgeRock Autonomous Identity's latest update aims to eliminate the need to manually set and mange access permissions. The result is an automated, proactive way to reduce risks from assigning user roles.

Tags: access, AI/ML, ForgeRock, governance, IGA, permissions,

ForgeRock is updating its AI-driven identity governance and administration platform to automate user access and simplify the task of achieving 'zero trust' for the enterprise. 


The latest update to ForgeRock Autonomous Identity features improvements to automation, AI/ML and data analysis. Working together they aim to eliminate the need to manually set and mange access permissions. The result is an automated, proactive way to reduce risks from assigning user roles.


ForgeRock's latest solution adds AI/ML to reduce enterprise risk by "discovering role-based access patterns across the entire organization" as well as recommending optimized role structures, according to Peter Barker, ForgeRock's chief product officer.


"ForgeRock Autonomous Identity has always been about helping IT and security teams work smarter," Barker said in a statement.


With ForgeRock's latest release of Autonomous Identity, the company is introducing "new role management capabilities that tackle tedious, manual access and governance processes using AI and ML," Barker said. These AI/ML advantages let companies better control and organize their data, helping create more "optimized roles" to more efficiently manage and govern access, he said.


In specific, ForgeRock's recommendations ensure users have the appropriate level of access they need for their role while reducing an organization's security risk. Because ForgeRock can identify, collect and analyze such data, firms can customize their own risk criteria (derived from their actual data) – and do so without the need for frequent and laborious data analysis, Barker added.


ForgeRock's use of AI/ML in its identity platform also lets users meet Zero Trust and CARTA (The Continuous Adaptive Risk and Trust Assessment) requirements, Thanks to efficient ways to discover role access patterns across the entire enterprise, users can

  • Analyze massive amounts of data, and spot anomalous behavior
  • Visualize low-, medium-, and high-risk confidence scores across the enterprise
  • Continuously identify and remediate based on least privileged access principles
  • Automatically revoke stale user access rights based on recommended remediations

The ForgeRock release comes at Gartner suggests that users of Identity, Governance and Administration (IGA) technology will benefit from increasing AI/ML and automation.


An  excerpt from Gartner's research report "Modern Approaches to Identity Governance and Administration Role Modelingresearch report advised

"[T]he process of updating IGA policies and roles should be automated using machine learning and advanced analytics, so that it leverages additional inputs, such as actual usage, to mitigate over-entitlement and role proliferation." 

How ForgeRock Leverage AI/ML To Identify 'Blind Spots' and Mitigate Risks

ForgeRock's Autonomous Identity uses AI/ML in several ways, including collecting and analyzing identity data to more quickly identify what ForgeRock calls "access blind spots."  

As a result, ForgeRock IGA provides users with deeper insight into a wide array of user access risks.


Among ForgeRock's notable features and benefits are:   


Rapid Insights into Enterprise-Wide Risk: Security and risk teams gain enterprise-wide contextually awareness of an organization's risk posture because they can now more quickly understand who has access to what.


Better Operational Efficiencies:  Teams can eliminate manual provisioning of new employee access and replace those with ForgeRock IGA's auto-provisioning processes based on high-confidence risk scores. Further, automated access request approvals reduce help-desk calls and tickets.  


Accelerate Role Optimization: Legacy role-based access control (RBAC) relies on manual input and requires constant maintenance. ForgeRock accelerates role optimization by discovering and analyzing role access patterns. Users can optimize models with a better understanding of access roles (low-, medium-, and high-confidence roles and entitlements).


An executive at Accenture, a ForgeRock customer and partner, shared his perspective on the improvements.


"We know firsthand how essential IGA is to keeping enterprises safe from cyber threats," said Rex Thexton, Accenture's Managing Director, Global Applied Cybersecurity Services Lead. "ForgeRock Autonomous Identity's AI-driven analytics allow us to quickly and accurately prevent over-provisioning account access to our more than half a million employees with a much higher degree of confidence."


ForgeRock's latest updates also let users "proactively identify risks," Thexton added.