February 15, 2026

Five-vector confidence scoring: how Verdikta evaluates every request

A single risk score is only useful if you can explain what produced it. Verdikta evaluates five distinct vectors—device, behavioral, geo, session, and anomaly—producing a composite confidence score with full explainability.

Traditional identity stacks often treat authentication as a gate you pass once. In practice, sessions drift: devices change networks, credentials leak, and attackers move laterally long after the first sign-in. Identity Armour treats every request as an opportunity to re-score risk and enforce the right outcome.

The Verdikta Confidence Engine evaluates five distinct vectors: device posture (OS version, patch level, encryption, endpoint health), behavioral analytics (access patterns, resource usage, session duration), geo-risk (VPN/Tor detection, impossible travel, anomalous locations), session integrity (token validity, hijacking detection), and anomaly detection (adaptive baseline deviations). Each vector produces an independent score, and per-tenant weight profiles determine how they combine into the composite confidence score.

This multi-vector approach means that a single compromised signal—like a stolen session token—does not automatically grant full access. The behavioral and anomaly vectors will flag the session even if the token itself is valid, because the attacker's behavior does not match the identity's learned baseline.

For operators, every score comes with explainable factors: which vectors contributed, what the baseline expected, and what was observed. This transparency turns risk scores from opaque numbers into actionable intelligence.

← All posts