Skip to main content

Use cases

🧪 Use Cases

GuardianKey Auth Security can be applied in various contexts to strengthen authentication, detect malicious access, and meet compliance requirements—all with low friction for users and without changing legacy system code.

Below are typical examples of how the solution can be applied.

🛡️ 1. Prevention of Brute Force and Credential Stuffing Attacks

Scenario:
Internet-exposed systems are subject to automated password guessing (brute force) or attacks using leaked credentials.

Solution with GuardianKey:

  • Detects IPs with automated or suspicious behavior
  • Gradually increases risk with each attempt
  • Blocks access based on risk policy
  • Reduces false positives by learning from legitimate user behavior

🧠 2. Access Outside User’s Normal Behavior Pattern

Scenario:
An employee who usually logs in from Brazil during business hours tries to log in at night, using a different browser and an anonymous IP.

Solution with GuardianKey:

  • High risk score due to multiple contextual deviations
  • System can notify the user and temporarily block access
  • If the user confirms the access was legitimate, the model learns from it

🔒 3. Security Enhancement for Legacy Systems Without MFA Support

Scenario:
Older systems without multi-factor authentication (2FA) support, such as PHP applications, ASP systems, or closed solutions.

Solution with GuardianKey:

  • Simple integration via SDK or REST API
  • No structural changes to the original system
  • Adds an adaptive behavioral risk layer without requiring a token

📬 4. Notifications and Audit Trail

Scenario:
Organizations need to notify users about suspicious access and maintain evidence for compliance (e.g., LGPD).

Solution with GuardianKey:

  • Email or webhook notifications for each suspicious event
  • Detailed logs with geolocation, ASN, OS, browser, and history
  • Secure, indexed event storage with filters in the dashboard

🏛️ 5. Integration with Public Systems and Critical Environments

Scenario:
Public agencies, universities, or financial institutions needing to protect sensitive portals.

Solution with GuardianKey:

  • Reduces risk of automated attacks without impacting end users
  • Supports administrative notifications and group-based policies
  • Extensions for Moodle, WordPress, RoundCube, Keycloak/RH-SSO, etc.

✅ 6. Regulatory Compliance

Scenario:
Organizations required to implement security measures in line with standards such as LGPD, ISO 27001, or ITGC.

Solution with GuardianKey:

  • Complete access logs with metadata
  • Risk and behavior visibility per user
  • Preventive actions and evidence for audits