ZeroTrust IAM delivers enterprise-grade Zero-Trust security without changing your users' login experience or rebuilding your identity infrastructure.
Captures eight distinct behavioural signals during login, building a rich multi-dimensional profile of each user's unique interaction style.
The ML engine uses the Isolation Forest algorithm — an unsupervised method requiring no labelled attack data. It learns what normal looks like for each user, then identifies statistical outliers indicating a potentially fraudulent session.
Algorithm: Isolation Forest
Type: Unsupervised Learning
Framework: scikit-learn
Training: Per-user baseline
Formally validated through structured testing, ZeroTrust IAM achieves a 90% accuracy rate in detecting anomalous login behaviour — significantly reducing false negatives while maintaining manageable false positive rates.
The ZeroTrust IAM Java plugin hooks directly into Keycloak's Service Provider Interface, intercepting the authentication flow transparently. No changes to your application code are required — it plugs into your existing identity infrastructure.
Anomaly detection happens during the authentication flow itself — not in a separate monitoring layer. Suspicious logins are blocked before access is ever granted, eliminating the dwell time window attackers exploit.
Enforces the principle of "never trust, always verify" at the identity layer — aligning with NIST SP 800-207 and NCSC Zero Trust guidance. Every session is treated as potentially hostile until behavioural proof is provided.
Even if an attacker has the correct username and password, their typing rhythm and mouse behaviour will deviate from the real user's baseline — triggering an automatic block.
ZeroTrust IAM uses only software-based behavioural signals captured in the browser. No fingerprint scanners. No facial recognition cameras. No friction for end users.
If you're already running Keycloak, ZeroTrust IAM deploys as a plugin. No rip-and-replace. No vendor lock-in. No re-architecting your identity infrastructure.
You don't need a catalogue of known attacks to train the model. The Isolation Forest learns normal behaviour per user and detects deviation automatically — from day one.
ZeroTrust IAM blocks anomalous sessions at the point of login, eliminating the prolonged dwell time that makes data breaches so expensive. Average breach identification drops from 194 days to milliseconds.
ZeroTrust IAM's continuous verification approach supports compliance with NIST SP 800-207, NCSC Zero Trust guidance, and identity-related requirements under frameworks like SOC 2, ISO 27001, and HIPAA.
ZeroTrust IAM is designed for enterprise organisations where identity security is business-critical.
Regulatory identity verification requirements & account takeover prevention
Protecting sensitive patient records under HIPAA & NHS frameworks
Where account takeover is a persistent and commercially damaging threat
Bodies operating under Zero-Trust mandates & sensitive data obligations
Large-scale Keycloak deployments requiring continuous identity verification
See ZeroTrust IAM's features in action with a live demo tailored to your organisation's security stack.