The Microsoft Incident Response Orchestrator powered by AI

Lock down your SOC remediation actions with strict two-factor authentication.

Q: What is the AAL2 assurance standard?

The AAL (Authenticator Assurance Level) is defined by NIST. AAL1 requires a simple proof (password), while AAL2 requires a second physical factor (TOTP or hardware key).

Q: Why require a TOTP code before isolating a machine?

Network isolation via Intune instantly cuts off a station's network. For this critical action, a double punctual factor guarantees the absolute legitimacy of the SOC analyst.

Q: What happens in demo mode (sandbox)?

The system generates a simulation QR code to allow you to test AAL2 elevation flows without linking to a production application.

The platform that orchestrates your security must not turn against you. Akuity SOC incorporates multi-factor verification (MFA/TOTP) requiring an AAL2 assurance level before any critical remediation action.

Démarrer mon essai de 14 jours Planifier la démonstration

Partenaire Pure Player Microsoft depuis 1990 • NIS 2 Conformité Cyber • Munich, Bavière (Allemagne)

Operational asymmetry

Why is the classic MFA of SOC tools a dead end?

Sans Akuity SOC

Avec Akuity SOC

Blind trust

Unlimited initial login: Once logged in, the analyst has absolute and constant privileges without further control.

AAL2 validation to token: Each remediation action requires an elevation of privileges validated by MFA.

Bypassable MFA

Obsolete methods(SMS or simple push) sensitive to SIM swapping or notification fatigue.

standardized TOTP: Cryptographic temporary codes via Microsoft or Google Authenticator.

API vulnerability

Direct unfiltered calls: An attacker bypassing the front-end can send direct instructions.

Strict Middleware Blocking: Physical rejection of any API request not having the AAL2 level.

Enhanced security

How Akuity SOC secures your operations

The AAL2 Level Requirement

Classic connection = AAL1 (insufficient). If a user attempts network isolation, themiddleware intercepts the calland requires TOTP validation to raise the token to AAL2.

Standardized TOTP Enrollment

Enrollment QR Code scan with standardTime-Based One-Time Password. Absolute compatibility with Microsoft Authenticator, Google Authenticator and Authy.

Traceability of MFA Events

All steps (activation, validation, deactivation) write to the SOC 2 audit logs immutably. AlertsMFA_ENABLEDare generated continuously.

Attack scenario

Attempted exploitation by session theft

The Initial Session Flight

AAL1 access

An attacker steals an analyst's password through Phishing and accesses the dashboard under the identity AAL1.

Intrusion blocked at source

Middleware Verification

The hacker tries to send a client password reset command. The middleware instantly validates the JWT.

Rejection of the order

Rejection & Alert

The session does not have the required AAL2 level. The attacker is redirected to the TOTP screen. The attack fails, your data remains waterproof.

Operations Resources

Dig deeper into SOC operational security

Security & MFA

AAL1 vs AAL2 Assurance Standard: A password is no longer enough in SOC

Protecting the access of your SOC team requires absolute security. Learn the difference between AAL1 and AAL2 (MFA) insurance standards.

Read article

Security & MFA

SOC security: Why choose TOTP over SMS (MFA)

Double authentication via SMS is vulnerable to SIM Swapping and Phishing. Find out why your SOC should use TOTP (AAL2) applications.

Read article

Security & MFA

Middleware and API Security: Block unauthenticated remediation

Securing the web interface (Frontend) of a SOAR is not enough. Learn how Akuity's Next.js Middleware blocks API requests without MFA AAL2 sessions.

Read article

FAQ

Frequently asked questions about the MFA AAL2

What is the AAL2 assurance standard?

Why require a TOTP code before isolating a machine?

What happens in demo mode (sandbox)?