RSA, the Security Division of EMC and Zscaler, a multi-tenant, globally-deployed infrastructure, have announced the development of a joint cloud-based solution to assert continuous trust in identities accessing any web application or cloud service.  

The solution is designed to help enable organizations to apply policy and control to identities even outside corporate networks, and simplify the challenge of managing user credentials associated with multiple cloud applications and web services.  The integration of risk-based authentication and identity federation from RSA's Cloud Trust Authority and RSA Adaptive Authentication solutions along with the inline web security capabilities of Zscaler's Cloud Security service would enable a ubiquitous service for continuous, risk-aware identification of users accessing the Internet.

The solution will include strong user authentication, identity federation, and dynamic risk assessment based on device identification, user behavioral profiling, and vulnerability detection.  The combined service being developed will be engineered to help organizations mitigate the risks of data theft, service abuse, and other threats that stem from insufficient authentication, stolen credentials or compromised user devices and accounts. By monitoring the behavior of authenticated users and environmental conditions, the developed service will create a dynamic risk profile that can be used by web applications to minimize the potential of access from compromised accounts, bots, and malware, while still ensuring a positive, simple user experience.