Mideye Shield

Block automated attacks before they reach your authentication system.

Risk-based scoring that stops credential stuffing, password spray, and brute force attacks. Collective intelligence from every deployment.

Contact Sales

The challenge

Block lists go stale

Attackers rotate through IPs faster than any feed can update

Manual rules don't scale

Managing block lists and firewall rules manually takes time and leads to mistakes

Attack data stays local

What you learn from an attack doesn't help anyone else — and vice versa

Shield's approach

Collaborative

Attack data from all Shield deployments feeds into a shared threat intelligence network. An IP flagged at one customer raises the score for everyone.

Adaptive

Scores adjust based on observed behaviour. Recent activity weighs more than old activity. The system learns from what's happening now, not last week.

Curated

No block lists to maintain. No rules to configure. Shield returns a risk score (0-100) on every request. Your system decides what to do with it.

Technical specifications

Collaborative IP-centric threat intelligence for authentication systems

Classification MITRE ATT&CK aligned
Scoring Cohort-relative with exponential decay
Output Risk score 0-100

The network effect

When one customer is attacked, everyone learns. Instantly.

Mideye Shield network effect - showing how threat intelligence is shared across all connected Mideye servers to protect customers

Day-one protection

Shield launches with a warm intelligence engine, drawing from aggregated, anonymized production data across multiple Nordic enterprises. No cold start. Immediate protection against real-world threats.

Integration

REST API

Query the fraud score for any IP with a simple HTTP call. Ingest authentication events to feed the network. Works with any language or platform.

GET /api/v2/ips/{ip_address}
POST /api/v2/ips/events
View API documentation →

RADIUS Backend

Integrates directly as a RADIUS backend module. No changes to existing authentication infrastructure. Inline protection for VPN, Wi-Fi, and network access.

RADIUS → Shield → Allow / Challenge / Block

Both options feed data back to the shared threat intelligence network.

Why authentication-specific?

Shield focuses on authentication and access flows — credential stuffing, password spray, brute force. Different tools serve different purposes.

"I have a WAF"

WAFs protect web traffic. Shield protects authentication flows specifically, detecting patterns in login attempts that WAFs aren't designed to catch.

"I use IP reputation lists"

IP reputation flags known bad actors. Shield detects novel attacks and shares intelligence in real-time, including attacks from previously unknown IPs.

"I have MFA"

MFA prevents successful account takeover but doesn't stop credential stuffing attempts. Shield blocks the attempts before they reach your authentication system.

"We don't see many attacks"

You might not know. Most authentication attacks are silent. Shield gives visibility into what's actually hitting your login endpoints.

Collaborative. Adaptive. Curated.

Supports threat intelligence sharing practices aligned with DORA Article 45 and NIS2 requirements.

Contact Sales