This course shows students how to deploy, configure, and administer PingOne Protect. Through a combination of guided instruction and hands-on exercises, students work in a live environment to learn how to implement risk-based policies, integrate with PingOne DaVinci (DaVinci), and monitor threats using real-time dashboards. Students are provided with a functional PingOne Protect environment where they learn how to configure risk predictors and policies, orchestrate risk-based multi-factor authentication (MFA) experiences, and reduce MFA fatigue while maintaining strong security controls. The course also guides students through preventing Account Takeover (ATO) and New Account Fraud (NAF) by correlating risk signals, tuning policies, and applying best practices to optimize fraud detection and minimize false positives.

Target Audiences

The target audiences for this course include:

• Ping Identity Administrators
• Security Administrators
• System Architects
• System Developers
• Visual Data Analysts
• Data Scientists
• Business Analysts

Objectives

Upon completion of this course, you should be able to:

• Learn how to deploy PingOne Protect
• Analyze risk signals and adjust MFA requirements using DaVinci orchestration flows to balance security and user experience
• Identify complex fraud patterns and implement risk-based policies to proactively mitigate ATO and NAF across your environments

Prerequisites

The following are the prerequisites for successfully completing this course:

• Completion of the following courses available at: https://training.pingidentity.com/on-demand/category/PING
  • Introduction to PingOne Protect
  • Introduction to PingOne DaVinci
  • Introduction to PingOne MFA

Duration

3 days

Course Contents

Chapter 1: Deploying PingOne Protect

Learn how to deploy PingOne Protect.

Lesson 1: Introducing PingOne Protect

Describe the core features of PingOne Protect and how it fits within the PingOne Identity Platform (Identity Platform):

• Identify PingOne Protect
• Analyze scenarios
• Set up the Ping Identity environment

Lesson 2: Reviewing Architecture and Components

Get an overall understanding of how PingOne Protect integrates with DaVinci, define its core operational components (predictors and risk policies), and examine the architecture connecting these elements:

• Define risk predictors
• Administrate risk predictors
• Configure risk policies
• Create risk policies

Lesson 3: Integrating and Monitoring Threat Protection

Learn about the PingOne Protect connector and how to use the Threat Protection Dashboard:

• Integrate PingOne Protect with DaVinci
• Monitor risk with the Threat Protection Dashboard

Chapter 2: Optimizing MFA for Risk and Experience

Analyze risk signals and adjust MFA requirements using DaVinci orchestration flows to balance security and user experience.

Lesson 1: Understanding Risk-Based MFA

Learn how risk-based MFA differs from traditional static MFA and how to configure your environment to support MFA:

• Contrast traditional and risk-based MFA
• Configure the environment post-MFA setup

Lesson 2: Implementing MFA Scenarios

Configure MFA for PingOne Protect and execute DaVinci workflows to observe and troubleshoot different risk-based login scenarios:

• Initiate a new user account interaction
• Log in as a High-Risk user
• Log in as a Medium-Risk user
• Log in as a Low-Risk user

Lesson 3: Reducing MFA Fatigue

Learn about techniques and configurations that minimize unnecessary MFA prompts without compromising security:

• Understand MFA fatigue
• Mitigate MFA fatigue
• Test risk-based authentication flows

Chapter 3: Preventing Account Takeover and New Account Fraud

Identify complex fraud patterns and implement risk-based policies to proactively mitigate ATO and NAF across your environments.

Lesson 1: Understanding the Fraud Cycle

Analyze fraud stages, map indicators to risk signals, and configure the Protect Synthesizer (ProtectSynth) to implement ATO and NAF risk policies that disrupt fraudulent activity:

• Define the fraud cycle
• Disrupt the fraud cycle using PingOne Protect
• Illustrate fraud cycle scenarios
• Create ATO and NAF risk policies
• Install and configure ProtectSynth

Lesson 2: Configuring Risk Policies to Prevent ATO

Correlate PingOne Protect predictors with risk signals, simulate user events, and optimize risk policies to maximize detection accuracy while minimizing false positives and negatives:

• Correlate ATO risk patterns with predictors
• Deploy composite predictors to minimise false negatives
• Mitigate ATO risk using composite predictors

Lesson 3: Configuring Risk Policies to Prevent NAF

Configure and validate a NAF risk policy in PingOne Protect, by correlating risk predictors and detecting coordinated fraud patterns.:

• Correlate and detect NAF risk patterns
• Configure and validate the NAF risk policy

Lesson 4: Optimizing Risk Policies for ATO and NAF

Learn how to apply ATO and NAF prevention best practices and tune corresponding risk policies to optimize fraud detection effectively, while minimizing false positives and any operational impact:

• Describe best practices to prevent ATO and NAF
• Implement best practices to prevent ATO and NAF
• Tune the ATO risk policy
• Tune the NAF risk policy