Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: Systems and methods for securing web-based services of a subscriber include: identifying an access attempt by an agentless endpoint device to access web-based services of a subscriber; transmitting by the remote security service a security prompt to a third-party web browser operating on the agentless endpoint device; activating at the agentless endpoint device a non-agent security application hosted locally on the agentless endpoint device in response to the security prompt; obtaining by the non-agent security application device health data relating to one or more attributes of the agentless endpoint device; computing by the remote computer security service a health state of the agentless endpoint device based on the assessment of the device health data; and enforcing an access policy of the subscriber by denying or enabling access to the web-based services of the subscriber by the agentless endpoint device based on the computed health state.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: Systems and methods for securing web-based services of a subscriber include: identifying an access attempt by an agentless endpoint device to access web-based services of a subscriber; transmitting by the remote security service a security prompt to a third-party web browser operating on the agentless endpoint device; activating at the agentless endpoint device a non-agent security application hosted locally on the agentless endpoint device in response to the security prompt; obtaining by the non-agent security application device health data relating to one or more attributes of the agentless endpoint device; computing by the remote computer security service a health state of the agentless endpoint device based on the assessment of the device health data; and enforcing an access policy of the subscriber by denying or enabling access to the web-based services of the subscriber by the agentless endpoint device based on the computed health state.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.