Insecure traffic
What PingOne does to protect against insecure traffic and connections (inbound and outbound)
- Forward Secrecy (FS) is used within TLS connections, ensuring that even if encryption keys are compromised in the future, past communications remain secure and cannot be decrypted retrospectively.
- API communications are secured with OAuth 2.0 and OpenID Connect (OIDC) protocols. Using short-duration, encrypted tokens for API access, rather than static credentials, ensures inbound and outbound API traffic is authenticated and secure. For more information, refer to OpenID Connect/OAuth 2 APIs and OpenID Connect/OAuth 2.
- Web Application Firewalls (WAF) are used to protect PingOne infrastructure by filtering and blocking unauthorized inbound traffic.
- Intrusion Detection and Prevention Systems (IDPS) are used to monitor both inbound and outbound traffic for unusual or suspicious activity. The IDPS detects and blocks threats, such as unauthorized access attempts, malicious traffic patterns, or attempts to exfiltrate data.
What you can do to prevent insecure traffic and connections
- Ensure clients connecting to PingOne are using TLS 1.3 (in preference to TLS 1.2). For more information, refer to TLS and cipher suite requirements.
- Use the Webhooks feature in PingOne to forward activity logs to your own Security Information and Event Management (SIEM) solution. This provides greater flexibility and more options when establishing your own system of monitoring and alerting for anomalous or malicious behavior. For more information, refer to Subscriptions (webhooks).
- Integrate a Web Application Firewall (WAF) to protect against malicious inbound traffic to your applications, such as injection attacks or bots attempting to compromise the system. WAFs inspect traffic and block requests that match known attack patterns, ensuring that only legitimate traffic is allowed through.
- Implement an Intrusion Detection and Prevention System (IDPS) to monitor traffic to your applications for unusual patterns that may indicate an ongoing attack or data exfiltration attempt.
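
The TLS 1.3 preference and the forward secrecy point above can be enforced and checked on the client side. The following is an added example, not Ping Identity code: it uses Python's standard `ssl` module, and the function names, the ECDHE-only rule for a TLS 1.2 fallback, and the sample handshake results are assumptions made for illustration.

```python
import socket
import ssl

def build_client_context() -> ssl.SSLContext:
    """Client context: TLS 1.3 preferred, TLS 1.2 allowed only with ECDHE + AEAD."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.MAXIMUM_SUPPORTED
    # set_ciphers() only governs TLS 1.2 and below. TLS 1.3 suites are unaffected
    # and always use an ephemeral key exchange.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx

def non_forward_secret(ctx: ssl.SSLContext) -> list[str]:
    """Names of enabled suites that are neither TLS 1.3 nor ECDHE-based."""
    return [c["name"] for c in ctx.get_ciphers()
            if c["protocol"] != "TLSv1.3" and not c["name"].startswith("ECDHE-")]

def assess(version: str, cipher_name: str) -> str:
    """Classify a negotiated session: 'ok', 'fallback' (TLS 1.2 with FS) or 'reject'."""
    if version == "TLSv1.3":
        return "ok"
    if version == "TLSv1.2" and cipher_name.startswith("ECDHE-"):
        return "fallback"
    return "reject"

def connect_and_assess(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Handshake with host and classify what was actually negotiated."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with build_client_context().wrap_socket(raw, server_hostname=host) as tls:
            return assess(tls.version(), tls.cipher()[0])

if __name__ == "__main__":
    print("non-FS suites enabled:", non_forward_secret(build_client_context()))
    # Constructed sample results, as (version, cipher) pairs a handshake could report.
    for sample in [("TLSv1.3", "TLS_AES_256_GCM_SHA384"),
                   ("TLSv1.2", "ECDHE-RSA-AES128-GCM-SHA256"),
                   ("TLSv1.2", "AES128-GCM-SHA256")]:
        print(sample, "->", assess(*sample))
```

Logging every `fallback` result from `connect_and_assess` shows which clients or network paths still negotiate TLS 1.2.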