Multi-factor authentication from Cisco's Duo protects your applications by using a second source of validation,
like a phone or token, to verify user identity before granting access. Duo is engineered to provide a simple,
streamlined login experience for every user and application, and as a cloud-based solution,
it integrates easily with your existing technology.
Track your Duo MFA data in Stratiam and surface insights alongside other data-sets.
Track the number of devices in your Duo setup.
Monitor this alongside total devices in your IT Infrastructure using Stratiam then cross-correlate these against other security protection signals, for example Cylance, Cybereason and Breach Aware.
This is the count of authentications in which the authentication has been skipped for a user in bypass mode.
This is the count of authentications completed using Duo Security's two-factor authentication service.
Denied Authenticaion relates to access being denied to users not enrolled in Duo. Users must be enrolled before attempting authentication,
by using one of the automatic enrollment options, bulk self-enrollment, or manual enrollment by a Duo administrator.
High Denied Authentication attempts can suggest a possible active attacks on your IT security and are so worth monitoring in Stratiam.
Recently, Duo observed a decline in overall ransomware attacks, an increase in malicious coinminers, and a marked evolution of popular threats like Emotet.
Overall Malware attacks rose by 10% as attackers continued to hone their tools, skills, and tactics to threaten Windows, macOS, and various IoT platforms.
Carefully monitor these, and others, within Stratiam to add value to your overall IT Security strategy.
Chart types are an enhancement beyond what would be available in the native Duo platform and are an example Stratiam value-added features. Actual platform visualisations may differ to what is demonstrated in the concepts below. All charts have linked drill-paths for further data-exploration.
Monitor authentications by type over time. Example shows ficticious data for the last 30 days.
Monitor volumes of inactive, active and total users by MFA authentications.
Explore threats in Cylance alongside their Active Directory setup. Then use the combined signals from both to cross-correlate and surface completely unique views.
Connecting to Duo via our API connector is easy, you simply need to request a trial, after which we'll help set you up with your API credentials, select visualisation types and relevant permissions to get started. If you have other data-services you are interested in connecting to, we'd recommend checking out our other data-connectors.