惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
L
LINUX DO - 最新话题
Help Net Security
Help Net Security
N
News | PayPal Newsroom
www.infosecurity-magazine.com
www.infosecurity-magazine.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
The Last Watchdog
The Last Watchdog
S
Security @ Cisco Blogs
W
WeLiveSecurity
C
CXSECURITY Database RSS Feed - CXSecurity.com
Webroot Blog
Webroot Blog
T
Troy Hunt's Blog
V
Vulnerabilities – Threatpost
Google Online Security Blog
Google Online Security Blog
N
News and Events Feed by Topic
T
Threat Research - Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tor Project blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
Darknet – Hacking Tools, Hacker News & Cyber Security
PCI Perspectives
PCI Perspectives
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Apple Machine Learning Research
Apple Machine Learning Research
IT之家
IT之家
S
SegmentFault 最新的问题
J
Java Code Geeks
P
Privacy & Cybersecurity Law Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
博客园 - 【当耐特】
博客园_首页
H
Hacker News: Front Page
T
Threatpost
Jina AI
Jina AI
博客园 - Franky
月光博客
月光博客
L
LINUX DO - 热门话题
The Cloudflare Blog
H
Heimdal Security Blog
博客园 - 司徒正美
酷 壳 – CoolShell
酷 壳 – CoolShell
Cloudbric
Cloudbric
雷峰网
雷峰网
Hugging Face - Blog
Hugging Face - Blog
S
Secure Thoughts
T
Tenable Blog
I
Intezer
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻

The Duo Blog

Active Directory security: how to stop modern threats | Cisco Duo Duo + PlainID: Dynamic Authorization Meets Enterprise Identity | Cisco Duo Salesforce The modern MFA toolkit: push, biometrics, and security keys | Cisco Duo Cisco Duo Identity Summit Preview | Cisco Duo Duo Brings Identity and Authorization Across AI Agent Gateways | Cisco Duo Passwordless for Microsoft 365 starts with federation Custom Admin Roles: Granular control for every Duo admin Token theft, vendor abuse, and the new identity threat surface How Duo Directory automates user lifecycle management Cisco Systems Named a Customers’ Choice in Gartner Peer Insights™ 2026 Voice of the Customer for Access Management Identity provider resilience: backup and split IdP approaches | Cisco Duo Agentic AI Security: Three Threats Your Team Should Know | Cisco Duo Secure client access at scale with Duo and Meraki | Cisco Duo IdP Concentration Risk: Why Single-IdP Dependency Puts You at Risk | Cisco Duo Endpoint Management as an Attack Vector: Lessons from Stryker | Cisco Duo Passwordless authentication without cookies: Duo Push updates Introducing Duo Agentic Identity Solving the double prompt: Better UX with AMR in Duo SSO Simplify compliance with MFA, device trust, and policies Cisco Systems Named a Customers’ Choice in Gartner® Peer Insights™ 2026 Voice of the Customer for User Authentication Why identity-led security matters for MSPs right now The Hitchhiker’s Guide to Shibboleth Launching Active Directory Defense: Strengthen On-Prem AD Security | Duo Security Industry specific IAM for MSPs Duo delivers: 99.99% uptime SLA for every customer
Continuous identity security explained | Cisco Duo
Anshul Kaushik · 2026-07-05 · via The Duo Blog

Product & Engineering

Continuous identity security: secure every account and session

Headshot of Anshul Kaushik

6 minute read

Why securing enterprise identity is harder today

Enterprise identity has changed a lot over the last few years.

Users are no longer sitting behind a single network perimeter, accessing a small set of applications from managed devices. Today, they work from anywhere. Applications sit across SaaS, private data centers, cloud platforms, and partner environments. Devices can be managed, unmanaged, personal, mobile, or sometimes simply unknown.

And then there are the identities.

Human and non-human identities (NHIs), such as service accounts, SaaS accounts, cloud identities, legacy accounts, and now even AI-driven workflows are adding to the mix. Identity sprawl has become one of the biggest challenges security teams are trying to solve.

Attackers have noticed this shift too. They are not always trying to force their way in through exposed infrastructure. Increasingly, they are logging in with valid credentials, abusing excessive privileges, hijacking sessions, and blending into everyday user activity.

That means identity can no longer be treated as a one-time login check.

We need to know which accounts exist, how they are being used, what sessions are active, and whether the level of trust should change as risk changes.

In simple terms, we need to secure every account and every session. Three identity security challenges teams face

When we talk to customers about identity security, three (3) challenges usually come up.

Fragmented identity visibility: Most organizations have more than one identity source. There may be Microsoft Entra ID, Active Directory, SaaS directories, cloud accounts, privileged accounts, service accounts, and third-party identities. Each system has its own view of users, permissions, activity, and risk. The security team is often left trying to piece it all together manually and understand overall identity posture along with this.

Inconsistent access enforcement: Organizations usually have security controls in place, but they do not always work as one system. MFA may sit in one place. Device posture may be checked somewhere else. SaaS access, private app access, and network access may all follow separate policy models. That makes it hard to apply zero trust consistently across users, devices, applications, and environments.

Static decisions in a dynamic world: A user may pass MFA in the morning and get access. But what happens if the account starts behaving unusually later in the day? What if the device posture or device location changes? What if the session becomes risky? What if an account has more privileges than it should?

Identity risk is not static. So, security cannot afford to be static either.

This is where zero trust needs to evolve from a one-time authentication decision into a continuous, per-session context-aware model.

Identity becomes the new control plane.

The solution: how Cisco enables continuous identity security

Cisco brings a platform approach to identity security by connecting identity visibility, access enforcement, network control, and threat response through Cisco Security Cloud.

At the center of this approach is Cisco Identity Intelligence, which helps organizations understand identity activity, discover risky accounts, identify excessive privileges, and close the gap between authentication and access.

But visibility on its own is only half the job. The real value comes when identity intelligence can drive action.

  • Cisco Duo helps verify trusted users and trusted devices with strong MFA, device trust, posture checks, and risk-based access.

  • Cisco Secure Access extends identity-aware enforcement across SaaS, internet, and private applications, helping users reach the applications they need without giving them broad access to everything behind the network.

  • Cisco ISE brings identity deeper into the network, supporting identity-based access for campus, branch, wireless, wired, VPN, and segmentation use cases.

  • Splunk helps bring identity signals together with broader security telemetry, giving teams better context to detect, investigate, and respond faster across the environment.

Together, these capabilities help organizations move away from static access decisions and toward continuous identity security.

Not just: did the user log in?

But: is this account trusted, is this device healthy, is this session behaving normally, and should this access continue?

Continuous identity security example: finance user login

Let’s make this real.

Imagine a finance user accessing a sensitive application.

In a traditional model, the decision may be fairly simple. The user belongs to the Finance group. MFA is complete. Access is allowed.

That is useful, but it does not tell the whole story.

With Cisco, the decision can include much richer context.

  1. Duo verifies the user and checks whether the device is trusted and healthy.

  2. Cisco Identity Intelligence looks at the account itself. Is this identity behaving normally? Does it have excessive privileges? Has it shown unusual access patterns? Is there a signal that should change the access decision?

  3. Cisco Secure Access applies the right policy at the application level. If the user, device, and session look trusted, the experience stays simple. If something looks risky, access can be challenged, limited, or blocked.

  4. Splunk can correlate that identity activity with other security signals from across the environment. This helps the security team understand whether the event is isolated or part of a larger attack path.

That is the balance customers are looking for: tighter control when risk is high, and a smoother experience when trust is strong.

Why a connected identity platform beats point solutions

Cisco’s approach is different because identity is not treated as a standalone control.

Identity connects to access.
Identity connects to the network.
Identity connects to threat response.
And identity connects to the broader security operations workflow through Splunk.

Every account needs visibility. Every session needs context. Every access decision needs risk awareness. And every control point needs to work together.

This matters even more as organization adopt more SaaS, more cloud, more remote access, more third-party users, and more AI-driven workflows. The number of identities will keep growing. The number of sessions will keep increasing. And attackers will keep looking for the weakest identity path within the ever-growing attack surface.

The answer is not to add yet another disconnected identity tool and create more work for already stretched security teams. The answer is a connected security platform that can see identity risk early, enforce the right access policies, extend control into the network, and help teams respond to incidents faster.

Organizations should assess where identity visibility gaps, inconsistent access policies, and unmanaged risks exist across their environment, and explore how Cisco and its partners can help build a connected zero trust architecture that protects every account and every session. Learn more about our zero trust solution.