CPC H04L 63/1466 (2013.01) [H04L 12/4641 (2013.01); H04L 63/1416 (2013.01)] | 15 Claims |
1. A system for rapid incidence response to prevent propagation of ransomware in an enterprise network, comprising:
an endpoint device of the enterprise network having an extended enterprise browser;
the extended enterprise browser configured to receive a ransomware threat level from an IT/control plane indicative of an enterprise ransomware risk level posture;
the extended enterprise browser selecting a certificate for user authentication with an identity provider based on the ransomware threat level, wherein the extended enterprise browser selects from a plurality of different certificates, stored in a secure store of the endpoint device with one certificate for each different level of ransomware risk over a range of ransomware risk levels;
wherein in an authentication process with the identity provider the certificate selected by the extended enterprise browser determines whether access to SaaS applications and private enterprise application of the enterprise will be allowed, denied, or limited by the identity provider.
|