Beyond Identity for the Workforce

Passwordless MFA
Starting at $4 / User / Month

Advanced FIDO Passwordless, Phishing-Resistant and Frictionless MFA

Zero Trust Authentication
Starting at $7 / User / Month

Extend FIDO MFA with Continuous Risk-Based Authentication

Featured Capabilities Passwordless MFA Zero Trust Authentication
Passwordless Authentication - FIDO Certified
Secure, passkey-based (public-private) key authentication.
check check
Phishing-Resistant MFA - FIDO Certified
Secure, frictionless, and always-on MFA that uses zero phishable factors. FIDO passkeys + biometrics with no second device required for secure authentication.
check check
SSO, PIM/PAM Integrations
Simplified deployment. Out of the box integration with all major single sign-on platforms (Microsoft, Okta, Ping, Forgerock, Google, AWS, CyberArk, and Shibboleth) and PIM/PAM solutions via standard identity protocols (OIDC, SAML, OAuth, and SCIM).
check check
Desktop Login
Secure, integrated passkey-based login to Windows 10 and WIndows 11 desktops. Pin and biometrics-based login to the Windows desktop backed by a TPM.
check check
Immutable Audit Logs
Complete record for simplified audits, proof of compliance, and incident investigations. Your data lake contains detailed authentication and continuous adaptive trust transaction records. Every log entry is digitally signed during to provide an immutable record of every activity.
check check
Device Trust - Robust Security Posture Checks
Ensure only authorized endpoints that comply with company policies are allowed access. Beyond Identity authenticator natively collects dozens of device security posture checks on both company issued and BYOD/contractor endpoints without requiring an MDM. Create additional administrator-defined checks for a complete evaluation of endpoints.
  check
User Behavior Checks
Ensure users are logging in from authorized locations and check for impossible travel with geolocation.
  check
Third Party Zero Trust Integrations
Enforce comprehensive zero trust policies by augmenting Beyond Identity’s native device and user behavior risk signals. Beyond Identity provides out-of-the-box integrations with MDM, EDR/XDR so that risk policy decisions are made with data collected in real-time.
  check
Zero Trust Policy Engine
A robust, easy to configure policy engine that assesses risk signals natively collected by Beyond Identity, plus signals from our zero trust alliance partners, to ensure complete zero-trust access to apps and network resources.
  check
Continuous Authentication
Continuous, post-authentication policy checks using fresh/real-time risk signals to ensure device security posture, user behavior, and third party risk signals remain within policy. Never trust, and continuously verify!
  check
Beyond Identity Features: Passwordless MFA Zero Trust Authentication
Passwordless, Phishing-Resistant MFA
Omnichannel Authentication
Download or deploy the Beyond Identity Authenticator on multiple devices. Users gain consistent, omnichannel, frictionless login experience, reduced lockouts, and no password resets. Available on Windows, Mac, Android, IOS/IpadOS, Unix.
check check
Frictionless Single-Device Authentication
Frictionless, always-on MFA. Combine device biometrics with cryptographic passkeys, all from a single device, for the fastest most streamlined authentication available. No need for users to locate a second device or a fob for secure logins.
check check
Shared Device/Kiosk Support
Login to web apps on shared devices or kiosks. User authentication via QR code and their mobile device.
check check
Desktop Login
Secure, integrated passkey-based login to Windows 10 and WIndows 11 desktops. Pin and biometric-based login to the Windows desktop backed by a TPM.
check check
End User Self Sign-up and Recovery
Manage My Devices
End users can add, suspend, remove devices. Admins can control these actions with policies.
check check
View My Authentication History
View authentication transactions and add/suspend/remove device history.
check check
Device Security Posture Checks
Natively Collected Device Risk Signals
Check dozens of device settings and security controls including: OS Version, firewall status, disk encryption status, jailbroken or rooted device, and more.
  check
Customized Checks
Build custom checks including the presence or absence of files, registry keys, and running processes for comprehensive security and compliance.
  check
Managed, Unmanaged, BYOD & Contractor Device Support
Device security posture checks work across company issued/managed devices or BYOD/contractor devices without the need for an MDM.
  check
Include MDM-based Device Risk Signals
Ability to include risk signals from third party MDM/EUM solutions (Jamf, Microsoft Intune, VMWare Workspace ONE).
  check
Beyond Identity Zero Trust Policy Engine Features
Policy Builder
Intuitive, policy builder UI to create custom policies based on your organization's risk tolerance and compliance requirements.
  check
Multiple Policy Actions
Allow, deny, allow with additional verification (operating system biometric check/step-up authentication).
  check
Policy Test Mode
Policy "monitor" mode enables administrator ability to test the effect of new or revised policies before enforcing allow or deny actions.
  check
Policy Version Control
Publish new policies and maintain a complete record of previously published policies.
  check
Complete Policy Execution Visibility
Complete visibility into how policies were evaluated and what specific actions were triggered for every authentication/continuous authentication transaction. Exceptionally easy to audit policy activities and troubleshoot issues.
  check
Continuous Risk-Policy Enforcement
Enforce policies at the time of authentication and continuously thereafter. Things change and our continuous assessment retrieves fresh, real-time signals to ensure you remain secure throughout the entire session.
  check
Session and Device Termination
Integrations with EDR and ZTNA systems enable you to quarantine a device or terminate a network session. Stop attackers in their tracks before they have time to move laterally in your network.
  check
Dashboarding and Analytics Features
Authentication and Device Overview
Dashboard displaying user authentication and device adds by geo, time, type of platform (OS).
check check
Daily Enrollment and Activity Summary
Deployment snapshot and activity trends for identities and passkeys.
check check
Advanced Analytics (Early Access Only)
Daily activity report, fleet composition report, risk analysis report.
  check
Support (25% addition to seat price)
Premium Support
Remote 24 x 7 x 365 support and deployment services.
check check
Additional Services ($2,500/day) 
Onsite Services
Onsite services are available at an additional cost of $2,500 per day plus reasonable travel & meal costs.
check check

Small Market Bundle

$10K / year
Includes deployment support and premium support.

Secure Developer Bundle

Zero Trust Authentication + Secure Dev Ops
$9 / user / month

Talk to sales