Security & Threat Protection
Protecting the customer, the system, and the brand from adversaries. This domain is distinct from authentication as a feature: it covers encryption and key management, account-takeover and bot defense, threat intelligence, and the certifications that prove it. The blast radius of a CIAM breach is the entire customer base.
Core capabilities
- High-security data storage: Encryption at rest, key management, and bring-your-own-key. [Admin]
- Encryption in transit: TLS everywhere with modern ciphers. [Admin]
- Account takeover protection: Detect and block credential stuffing, stolen credentials, and bots. [Engage]
- Bot & DoS protection: Withstand denial-of-service and automated abuse. [Admin]
- SIEM integration: Export normalized identity events to security analytics. [Admin]
- Compliance certifications: Independently verified SOC 2, ISO 27001, and sector standards. [Admin]
- Password hardening: Hashing, salting, denylists, and breach checks. [Engage]
What to ask a CIAM vendor
- How are credential stuffing, account takeover, and bot attacks detected and blocked?
- Does the platform support bring-your-own-key and export normalized events to your SIEM?
- Which independent certifications (SOC 2 Type 2, ISO 27001, sector-specific) are current?
See how platforms compare on these capabilities in the vendor directory, or browse the full capabilities taxonomy.