Edge Guard
Protect your business at the edge of your customer identity stack
Next Identity Secure protects your customers, your service and your business at every layer of the customer identity stack. Edge Guard is a suite of modern security capabilities developed to offer protection at the gateway to your customer identity stack—before threat actors can reach customer data, or even impact service performance.
Web Application Firewall
All Next Identity traffic is protected by a global web application firewall (WAF) specifically tuned to detect and deflect threats to customer identities.
Rate Limiting
The Next Identity platform has a series of rate limiting controls in place to provide both throttling/burst capacity for events and protection across the landscape from noisy neighbors. The different rate limit configurations are outlined below.
| Rate Limit Type | Description |
|---|---|
| Global | The global API rate limit is set at the global level and accounts for the total requests that come through the platform for all tenants. |
| Organization | Organizations have specific identifiers that in turn have individual API rate limits. This represents the number of requests per minute that an organization can make. |
| Client | Each client id has a set of configurations and rules. The number of requests per minute is configured within the rule storage which is cached. Each request is checked against the rule set. If any of the rules are violated, such as a rate limit exceeded error, the API returns such a response. |
| IP Address | To prevent malicious behavior including DDoS attacks, Next Identity limits the number of requests that can originate from a single IP address. |
| Burst | Number of requests per 10 min |
| Login Attempts | Number of login attempts allowed during Login Attempts Threshold |
| Login Attempts Threshold | Time window for Login Attempts |
| Registration Attempts | Number of registration attempts per IP address per Register Attempts Threshold |
| Registration Attempts Threshold | Time window for Registration Attempts |
Security Ops
Next Reason's 24x7 team of operations engineers monitor signals, respond to performance and security alerts, and continuously tune your perimeter using realtime threat intelligence to inform automated and manual responses to detected customer identity threats.
Updated 2 months ago