Give your team the tools to stay vigilant about device security. XFA lets you send automated reminders and verification requests as needed. You can now:

1. Configure verification email reminders: When a user's device is discovered and not yet verified, they will receive an email with detailed information about the device, along with a request to verify their device.
2. Configure risk email reminders: When a user's device is found to be at risk according to the set policy, they will receive an email with details about the risks identified, as well as instructions on how to resolve the issues.

Get started in the XFA Dashboard and edit your awareness settings.

You can create and manage device security policies to enforce specific security rules for your organization’s devices.

You have the flexibility to customize these rules and add Enforcement integrations to ensure that devices comply with your organization’s security standards.

Get started in the XFA Dashboard and create your own policy.

You can now automatically approve the first device a user trusts in our Silent MFA flow. This will guarantee a seamless onboarding experience of new users.

Learn more about Silent MFA.

You can now link your Google Workspace or Microsoft Entra ID account to XFA to discover all your devices and ensure compliance. XFA reads authentication logs and derives the devices used by each user from these logs. This will lead to a full overview of all discovered devices without verified information.

Get started in the XFA Dashboard under Discovery.

You can export your devices to Vanta to provide device security proof automatically for your compliance needs.

Get started in the Vanta Dashboard under Integrations.

When using XFA as an extra factor to your identity provider, you don't use the security of a second factor.

Our new MFA feature can be easily enabled on an integrations through the XFA dashboard. Once it is enabled users will be asked to trust their device, a first device needs to be confirmed through an email link, a next device needs to be confirmed by an already enrolled device. Once devices are trusted, the user will not be asked for a second factor anymore, but the device will inherently act as a second factor.

XFA can be used as a factor through the BYO MFA functionality in OneLogin. This allows XFA to be seamlessly added to any application from within the OneLogin admin dashboard, given that it uses OneLogin as the identity provider.

When a user authenticates with OneLogin, as an additional factor after supplying a username & password, the user is redirected to XFA to verify that the device is compliant with the device security policy before authenticating the user. This assures that only devices that comply with the security policy are allowed access.

XFA can be used as a factor through the External Authentication Methods functionality in Microsoft EntraID. This allows XFA to be seamlessly added to any application from within the Microsoft EntraID admin dashboard, given that it uses EntraID as the identity provider.

When a user authenticates with EntraID, as an additional factor after supplying a username & password, the user is redirected to XFA to verify that the device is compliant with the device security policy before authenticating the user. This assures that only devices that comply with the security policy are allowed access.

When creating an account on the XFA dashboard, you can now use social login to sign up with your Microsoft, Google, or Apple account.

It's now possible to exclude a specific device type (mobile or desktop devices) from device verification. You can find this setting in the application policy.

This might be useful when you want to slowly onboard your devices or want to add XFA for a limited usecase to cover a blind spot.