惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
MyScale Blog
MyScale Blog
Jina AI
Jina AI
爱范儿
爱范儿
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
I
Intezer
The Cloudflare Blog
T
Threat Research - Cisco Blogs
G
Google Developers Blog
Stack Overflow Blog
Stack Overflow Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
Docker
AI
AI
Scott Helme
Scott Helme
Attack and Defense Labs
Attack and Defense Labs
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
L
LangChain Blog
Recent Announcements
Recent Announcements
Security Latest
Security Latest
Hugging Face - Blog
Hugging Face - Blog
W
WeLiveSecurity
Last Week in AI
Last Week in AI
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
P
Proofpoint News Feed
S
Securelist
S
Security Affairs
Project Zero
Project Zero
博客园 - 叶小钗
Google DeepMind News
Google DeepMind News
T
Tor Project blog
A
About on SuperTechFans
V2EX - 技术
V2EX - 技术
宝玉的分享
宝玉的分享
T
Tenable Blog
博客园 - 聂微东
人人都是产品经理
人人都是产品经理
Simon Willison's Weblog
Simon Willison's Weblog
Forbes - Security
Forbes - Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
V
V2EX
AWS News Blog
AWS News Blog
The GitHub Blog
The GitHub Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
P
Privacy & Cybersecurity Law Blog
阮一峰的网络日志
阮一峰的网络日志
I
InfoQ
C
CXSECURITY Database RSS Feed - CXSecurity.com
H
Hacker News: Front Page
美团技术团队

The Duo Blog

Identity orchestration & cloud-native IAM: Time to rethink | Cisco Duo Active Directory security: how to stop modern threats | Cisco Duo Duo + PlainID: Dynamic Authorization Meets Enterprise Identity | Cisco Duo Salesforce The modern MFA toolkit: push, biometrics, and security keys | Cisco Duo Cisco Duo Identity Summit Preview | Cisco Duo Duo Brings Identity and Authorization Across AI Agent Gateways | Cisco Duo Passwordless for Microsoft 365 starts with federation Custom Admin Roles: Granular control for every Duo admin Token theft, vendor abuse, and the new identity threat surface How Duo Directory automates user lifecycle management Cisco Systems Named a Customers’ Choice in Gartner Peer Insights™ 2026 Voice of the Customer for Access Management Identity provider resilience: backup and split IdP approaches | Cisco Duo Agentic AI Security: Three Threats Your Team Should Know | Cisco Duo Secure client access at scale with Duo and Meraki | Cisco Duo IdP Concentration Risk: Why Single-IdP Dependency Puts You at Risk | Cisco Duo Endpoint Management as an Attack Vector: Lessons from Stryker | Cisco Duo Passwordless authentication without cookies: Duo Push updates Introducing Duo Agentic Identity Solving the double prompt: Better UX with AMR in Duo SSO Simplify compliance with MFA, device trust, and policies Cisco Systems Named a Customers’ Choice in Gartner® Peer Insights™ 2026 Voice of the Customer for User Authentication Why identity-led security matters for MSPs right now The Hitchhiker’s Guide to Shibboleth Launching Active Directory Defense: Strengthen On-Prem AD Security | Duo Security Industry specific IAM for MSPs Duo delivers: 99.99% uptime SLA for every customer Cisco Secures 125K user identities with Duo while advancing passwordless journey NIST AAL2/3 compliance with Duo Mobile Proximity Verification From protocol to practice: Secure the AI agent ecosystem with Duo How to secure the holidays & prep your 2026 IAM strategy Simplify MSP technician authentication with Duo Delegated Access Standing out in a crowded MSP market Securing for third-party risk with Duo for identity management Thwarting adversary-in-the-middle attacks with Proximity Verification OAuth 2.0's next chapter: Enabling the AI security revolution The dawn of a simpler, helpful policy experience
Continuous identity security explained | Cisco Duo
Anshul Kaushik · 2026-07-05 · via The Duo Blog

Product & Engineering

Continuous identity security: secure every account and session

Headshot of Anshul Kaushik

6 minute read

Why securing enterprise identity is harder today

Enterprise identity has changed a lot over the last few years.

Users are no longer sitting behind a single network perimeter, accessing a small set of applications from managed devices. Today, they work from anywhere. Applications sit across SaaS, private data centers, cloud platforms, and partner environments. Devices can be managed, unmanaged, personal, mobile, or sometimes simply unknown.

And then there are the identities.

Human and non-human identities (NHIs), such as service accounts, SaaS accounts, cloud identities, legacy accounts, and now even AI-driven workflows are adding to the mix. Identity sprawl has become one of the biggest challenges security teams are trying to solve.

Attackers have noticed this shift too. They are not always trying to force their way in through exposed infrastructure. Increasingly, they are logging in with valid credentials, abusing excessive privileges, hijacking sessions, and blending into everyday user activity.

That means identity can no longer be treated as a one-time login check.

We need to know which accounts exist, how they are being used, what sessions are active, and whether the level of trust should change as risk changes.

In simple terms, we need to secure every account and every session. Three identity security challenges teams face

When we talk to customers about identity security, three (3) challenges usually come up.

Fragmented identity visibility: Most organizations have more than one identity source. There may be Microsoft Entra ID, Active Directory, SaaS directories, cloud accounts, privileged accounts, service accounts, and third-party identities. Each system has its own view of users, permissions, activity, and risk. The security team is often left trying to piece it all together manually and understand overall identity posture along with this.

Inconsistent access enforcement: Organizations usually have security controls in place, but they do not always work as one system. MFA may sit in one place. Device posture may be checked somewhere else. SaaS access, private app access, and network access may all follow separate policy models. That makes it hard to apply zero trust consistently across users, devices, applications, and environments.

Static decisions in a dynamic world: A user may pass MFA in the morning and get access. But what happens if the account starts behaving unusually later in the day? What if the device posture or device location changes? What if the session becomes risky? What if an account has more privileges than it should?

Identity risk is not static. So, security cannot afford to be static either.

This is where zero trust needs to evolve from a one-time authentication decision into a continuous, per-session context-aware model.

Identity becomes the new control plane.

The solution: how Cisco enables continuous identity security

Cisco brings a platform approach to identity security by connecting identity visibility, access enforcement, network control, and threat response through Cisco Security Cloud.

At the center of this approach is Cisco Identity Intelligence, which helps organizations understand identity activity, discover risky accounts, identify excessive privileges, and close the gap between authentication and access.

But visibility on its own is only half the job. The real value comes when identity intelligence can drive action.

  • Cisco Duo helps verify trusted users and trusted devices with strong MFA, device trust, posture checks, and risk-based access.

  • Cisco Secure Access extends identity-aware enforcement across SaaS, internet, and private applications, helping users reach the applications they need without giving them broad access to everything behind the network.

  • Cisco ISE brings identity deeper into the network, supporting identity-based access for campus, branch, wireless, wired, VPN, and segmentation use cases.

  • Splunk helps bring identity signals together with broader security telemetry, giving teams better context to detect, investigate, and respond faster across the environment.

Together, these capabilities help organizations move away from static access decisions and toward continuous identity security.

Not just: did the user log in?

But: is this account trusted, is this device healthy, is this session behaving normally, and should this access continue?

Continuous identity security example: finance user login

Let’s make this real.

Imagine a finance user accessing a sensitive application.

In a traditional model, the decision may be fairly simple. The user belongs to the Finance group. MFA is complete. Access is allowed.

That is useful, but it does not tell the whole story.

With Cisco, the decision can include much richer context.

  1. Duo verifies the user and checks whether the device is trusted and healthy.

  2. Cisco Identity Intelligence looks at the account itself. Is this identity behaving normally? Does it have excessive privileges? Has it shown unusual access patterns? Is there a signal that should change the access decision?

  3. Cisco Secure Access applies the right policy at the application level. If the user, device, and session look trusted, the experience stays simple. If something looks risky, access can be challenged, limited, or blocked.

  4. Splunk can correlate that identity activity with other security signals from across the environment. This helps the security team understand whether the event is isolated or part of a larger attack path.

That is the balance customers are looking for: tighter control when risk is high, and a smoother experience when trust is strong.

Why a connected identity platform beats point solutions

Cisco’s approach is different because identity is not treated as a standalone control.

Identity connects to access.
Identity connects to the network.
Identity connects to threat response.
And identity connects to the broader security operations workflow through Splunk.

Every account needs visibility. Every session needs context. Every access decision needs risk awareness. And every control point needs to work together.

This matters even more as organization adopt more SaaS, more cloud, more remote access, more third-party users, and more AI-driven workflows. The number of identities will keep growing. The number of sessions will keep increasing. And attackers will keep looking for the weakest identity path within the ever-growing attack surface.

The answer is not to add yet another disconnected identity tool and create more work for already stretched security teams. The answer is a connected security platform that can see identity risk early, enforce the right access policies, extend control into the network, and help teams respond to incidents faster.

Organizations should assess where identity visibility gaps, inconsistent access policies, and unmanaged risks exist across their environment, and explore how Cisco and its partners can help build a connected zero trust architecture that protects every account and every session. Learn more about our zero trust solution.