ManageEngine Strengthens Its Identity-First Security Offerings With Passwordless, Phishing-Resistant Authentication

  • ManageEngine combats ransomware attacks and identity theft with its latest launch of FIDO2 authentication in its on-premises identity security solution
  • The company also strengthens and protects network endpoints against unauthorized system actions by launching endpoint MFA in its cloud-native identity platform
  • Try FIDO2 authentication and endpoint MFA for free at and, respectively

AUSTIN, Texas--()--ManageEngine, a division of Zoho Corp. and a leading provider of enterprise IT management solutions, today cements its stance in identity-first security with the launch of passwordless, phishing-resistant FIDO2 authentication for enterprise applications in ADSelfService Plus, its on-premises identity security solution, and the launch of endpoint MFA for Windows machines and elevated system actions in Identity360, its cloud-native identity management platform.

Identity-First Security: A Significant Stride Towards Zero Trust

Attackers are ever striving to breach authentication mechanisms by stealing and misusing identities, predominantly via phishing attacks. Egress' 2024 Email Security Risk Report states that 79% of account takeover (ATO) attacks start with phishing. Unlike other cyberthreats, phishing directly targets unsuspecting end users who often become victims of the attack. Deploying phishing-resistant authentication barricades such attacks, propelling organizations towards an enhanced Zero Trust security environment.

"As the digital infrastructure of enterprises is expanding due to widespread adoption of cloud services and remote work, network attack surfaces are also correspondingly increasing. Security teams, knowing that this exponentially growing security perimeter cannot be protected effectively anymore with legacy network-based security controls, are shifting their focus to identity-first security, positioning identity as the primary control plane for cybersecurity. With identity as the new security perimeter, the effort to safeguard the entire network is now translated into carefully authenticating every identity requesting entry into the network," said Manikandan Thangaraj, vice president of ManageEngine.

Strong identity management is fundamental in achieving identity-first security, requiring a tactical reallocation of investments in identity and access management (IAM) strategies. "Identity-first security helps enterprises establish enhanced trust and control over their network. ManageEngine aims to fill the gaps of the legacy network-based security approach and, more importantly, help organizations align with the principles of Zero Trust through its solutions," Thangaraj said.

ManageEngine Attains New Milestones in Identity-First Security

Enterprises with a decentralized digital architecture must ensure that identity-first security measures are deployed throughout the entire distributed network, i.e., access to all the endpoints in the network must be protected with MFA. ManageEngine Identity360's MFA for endpoints secures end users' machines, servers, workstations and critical system actions performed using privileged user accounts.

Identity-first security does not end with securing all endpoints with MFA. It is vital to employ high-assurance MFA methods that are capable of resisting evolving cyberthreats. ManageEngine ADSelfService Plus' FIDO2 authentication boosts identity security by resisting phishing and replay attacks, while improving users' authentication experiences with passwordless methods. "FIDO2 authentication helps companies strengthen their grip on identity-first security. It is a secure, user-friendly and cost-effective authentication mechanism helping organizations resist phishing attacks and achieve regulatory compliance," Thangaraj said.

Alongside authentication, access provisioning is also important in ensuring that an organization's workforce has seamless access to necessary resources. ManageEngine, with its recent launch of just-in-time (JIT) user provisioning in ADSelfService Plus, automates user account creation across various enterprise applications, reducing the burdens of IT administrators and providing prompt, hassle-free access for end users.

ManageEngine's Identity-First Security Facilitates Regulatory Compliance

Implementing ManageEngine's phishing-resistant FIDO2 authentication and securing endpoints in the network with recognized MFA techniques make organizations compliant with regulatory standards such as the GDPR, the NIST Cybersecurity Framework, the PCI DSS, the CCPA and the PSD2. In addition to meeting regulatory requirements, the adoption of identity-first security enhances organizations' chances of securing cyber insurance in a fiercely competitive market.

About ManageEngine ADSelfService Plus

ADSelfService Plus is an identity security solution to ensure secure and seamless access to enterprise resources and establish a Zero Trust environment. With capabilities such as adaptive multi-factor authentication, single sign-on, self-service password management, a password policy enhancer, remote work enablement and workforce self-service, ADSelfService Plus provides your employees with secure, simple access to the resources they need. ADSelfService Plus helps keep identity-based threats out, fast-tracks application onboarding, improves password security, reduces help desk tickets and empowers remote workforces. For more information about ADSelfService Plus, visit

About ManageEngine Identity360

ManageEngine Identity360 is an identity platform that helps enterprises address workforce IAM challenges. Its powerful capabilities include a built-in Universal Directory, identity orchestration, SSO, MFA, role-based access control, access insights and more. It empowers admins to manage identities across directories and their access to enterprise applications from a secure, centralized console. With Identity360, not only can enterprises scale their businesses effortlessly, but they can also ensure compliance and identity-first security. For more information, please visit

About ManageEngine

ManageEngine is a division of Zoho Corporation that offers comprehensive on-premises and cloud-native IT and security operations management solutions for global organizations and managed service providers. Established and emerging enterprises—including nine of every 10 Fortune 100 organizations—rely on ManageEngine's real-time IT management tools to ensure the optimal performance of their IT infrastructure, including networks, servers, applications, endpoints and more. ManageEngine has 18 data centers, 20 offices and 200+ channel partners worldwide to help organizations tightly align their business to IT. For more information, please visit the company site, follow the company blog and get connected on LinkedIn, Facebook, Instagram and X (formerly Twitter).


Media Contact
Ahana Vissa

Release Summary

ManageEngine cements its stance in identity-first security with the launch of FIDO2 in ADSelfService Plus and endpoint MFA in Identity360.


Media Contact
Ahana Vissa