Cyber attacks are inevitable. IAM industries have traditionally put up MFA with multiple sources as a defense against credential stuffing while phishing remains undefeated. FIDO proposes a local authentication strategy to bring in a similar level of security without attracting any friction, unlike others. It eliminates a lot of vulnerabilities associated with passwords & human behavior but still a few remaining. In this session, we will discuss FIDO’s attack surface, especially from an enterprise outlook & ways to boost immunity with insider tune-ups and behavior profiling from connected systems.