Humifortis

The Missing Link Between
Detection and Enforcement.

Stop relying on slow SIEMs and siloed Auth providers. Humifortis is the universal, real-time risk middleware that protects your Users, API Keys, and Devices instantly.

Try Now View Architecture Download
GET /risk/u-83bd9f 
{
  "entity_id": "u-83bd9f",
  "entity_type": "user",
  "risk_score": 72,
  "risk_level": "HIGH",
  "confidence": 0.83,
  "last_update": "2025-12-13T09:45:00Z",
  "expires_at": "2025-12-13T10:15:00Z",
  "contributing_factors": [
    "impossible_travel",
    "failed_login_attempts",
    "admin_endpoint_access"
  ]
}

Watch Our Presentation

Learn more about Humifortis and how it transforms security infrastructure

Humifortis Presentation

Click to watch on YouTube

Note: This video may require authentication or may not be publicly embeddable. Click above to view on YouTube.

Experience Real-Time Risk Scoring

Watch how incremental events update risk scores in milliseconds.

This is live. It updates in real time. It shows how risk changes over time.

Loading component...

For hands-on experimentation with custom attack scenarios, visit our interactive try now.

  • Risk score = how risky things look right now
  • + number = risk goes up
  • − number = risk goes down

Why Choose Humifortis?

Real-time protection without the complexity

⚡ Millisecond Response

Query risk scores in under 10ms. No batch processing delays.

🔗 Universal Integration

Works with any system via REST API. No vendor lock-in.

🛡ī¸ Privacy-First

Minimal data retention. No logs, no PII, no compliance headaches.

📈 Transparent Scoring

Auditable algorithms. Configure rules, understand results.

Why Security is Broken

Your infrastructure is fragmented. Your risk context shouldn't be.

đŸĸ Too Slow

SIEMs and Data Lakes work in batches. By the time they detect a threat, the data is already exfiltrated. We operate in milliseconds.

🔒 Siloed Context

Okta doesn't talk to your WAF. Your API Gateway doesn't know about User behavior. Humifortis connects them all.

đŸ“Ļ Black Boxes

Proprietary "Adaptive Auth" is expensive and opaque. Humifortis is transparent, configurable, and vendor-agnostic.

The "Boring" Architecture
That Saves You.

We don't sell AI magic. We sell robust engineering.

  • Incremental Calculation: O(1) complexity. No heavy queries.
  • Temporal Decay: Risk rots over time. A failed login 3 days ago matters less than one 5 minutes ago.
  • Universal Interface: A simple JSON API consumable by Cloudflare, Nginx, Kong, or your Backend.
Humifortis Architecture Diagram

Built on Honest Principles

No False Promises

We don't claim to stop all attacks. We provide a tool to make better decisions in real-time.

Transparent by Design

Every risk calculation is auditable. No black-box ML. You configure the rules, you understand the output.

Built to Last

Boring technology that works. Redis, simple math, standard protocols. No hype, just engineering.

Designed to Integrate With Your Stack

Standard REST API. Works with any system that can make HTTP calls.

🌐 Edge Protection

Query risk score before routing requests (Cloudflare Workers, Nginx).

🔐 Adaptive Authentication

Trigger MFA or block login based on user risk (Keycloak, Auth0).

⚡ API Rate Limiting

Dynamically adjust limits per API key risk level (Kong, custom gateways).

FAQ — Critical Design Questions

Technical answers to questions that determine credibility, safety, and adoption.

What problem does Humifortis actually solve?

+

Humifortis provides an incremental, reusable risk state that bridges the gap between detection systems (WAF logs, auth events, SIEM alerts) and enforcement points (API gateways, authentication providers). It does not replace detection or analytics — it maintains a real-time risk context that your existing tools can query and act upon in milliseconds, eliminating the fragmentation and latency inherent in batch-processing architectures.

Does Humifortis store logs, events, or personal data?

+

No. Humifortis operates on minimal persistence by design. It stores only aggregate risk scores and metadata (entity ID, timestamp, contributing signal types) — not raw logs or event payloads. All data is ephemeral with configurable TTLs (typically 15-30 minutes). No PII is retained. The architecture follows privacy-by-design principles: the less we store, the less can leak.

How is the risk score calculated and updated?

+

Risk calculation is incremental and O(1). Each incoming event applies a weighted delta to the current score based on a configurable signal table (e.g., +15 for failed login, +30 for impossible travel). Scores decay exponentially over time using a temporal function — recent events weigh more heavily than old ones. No heavy aggregations or database scans. Updates complete in under 10ms. The algorithm is transparent, deterministic, and auditable.

How does Humifortis integrate with existing tools like Cloudflare or Keycloak?

+

Humifortis exports a risk signal via a simple REST API (GET /risk/{entity_id}). It does not enforce policies or make blocking decisions — that remains your infrastructure's job. Cloudflare Workers query the API before routing. Keycloak plugins check risk before issuing tokens. Kong middleware adjusts rate limits dynamically. Integration is deliberate: ~10 lines of code, ~10 minutes to deploy. We provide SDKs and reference implementations for common platforms.

What happens if Humifortis is unavailable or removed?

+

The system is designed to fail open / fail safe. Humifortis operates in the observability path, not the critical path. If the service is unreachable, integrations fall back to default behavior (no blocking, standard rate limits, normal auth flow). You retain full control of fallback logic in your enforcement layer. Removing Humifortis requires no schema migrations or data cleanup — simply stop querying the API. Your infrastructure continues operating unchanged.