Automation and AI are the headliners for ForgeRock’s new IAM platform, which aims to simplify an increasingly complex identity and security landscape. Credit: CIS Identity and access management (IAM) vendor ForgeRock said Tuesday that it’s set to start rolling out its new Identity Governance offering—a cloud-based security and governance product designed to provide one-stop shopping for organizations looking to solve access management issues.There are three main components to ForgeRock’s newest IAM product, according to the company. The first, comprising access certifications, provides AI-generated recommendations to decision-makers on whether to grant access to a given system to users or applications. The second component, which deals with access requests, offers automated application access and an automated, always-on self-service portal. Finally, Identity Governance provides a “segregation of duties” feature that is designed to aid in compliance with regulatory requirements.The system runs on ForgeRock’s own Google Cloud instance, which means that no hardware or even cloud workloads run on the user’s own systems—the entire platform operates remotely.“This means you get the horsepower to process millions of permissions per minute without worrying about a noisy cloud neighbor obstructing your workload,” the company said in a blog post. The idea is to address problems in security, onboarding, and the vast increase in the complexity of the application environment driven in part by hybrid workers. Trying to handle every low-level service request and onboarding task manually is simply not an option for many companies. Automating them, then, and providing a unifying framework for several different parts of the identity and security governance equation, is an attempt to dramatically lessen the workload for IT security teams.“Technologies that help IT teams govern application and data access at scale have become increasingly important to enterprise security strategies,” said Google Cloud director of product management Irina Farooq, in ForgeRock’s announcement. The AI/machine-learning part of the ForgeRock Identity Governance platform can even go above and beyond making simple recommendations, according to the company– automatically paring down excessive permissions granted to particular accounts, and flagging potential issues for immediate attention from IT staff. It’s a product of the company’s earlier investments into AI technology, ForgeRock’s blog post noted, and an outgrowth of its Autonomous Access product, which applies automated decision-making to (as the name suggests) identity access requests, and which was released in May of this year.ForgeRock said that the access certifications component of the platform will be the first available, as of “the beginning of 2023.” Related content brandpost Shifting security left: DevSecOps meets virtualization By Anthony Ricco, CMO of Corellium. 01 Jul 2023 4 mins Security news analysis Attackers add hacked servers to commercial proxy networks for profit Proxyjacking allows attackers to sell unknowing victims' unused network bandwidth. By Lucian Constantin 30 Jun 2023 4 mins Cybercrime news Command-and-control framework PhonyC2 attributed to Iran’s Muddywater group PhonyC2 was used to exploit the log4j vulnerability in the Israeli software SysAid, the attack against Israel’s Technion institute, and the ongoing attack against the PaperCut print management software. By Apurva Venkat 30 Jun 2023 4 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news First state-sponsored cyberattack against UK government revealed two decades later Rare insight marks the 20th anniversary of a state-backed malware attack on a UK government department. By Michael Hill 30 Jun 2023 3 mins Cyberattacks Government Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe