Jorge Patrinicola, Author at Making Security Accessible to All

Continuous Access Evaluation in Action: Inside CAEP and SSF

September 12, 2025 by Jorge Patrinicola

Continuous Access Evaluation in Action: Inside CAEP and SSF Event-based security that adapts as fast as threats emerge TL;DR Continuous Access Evaluation (CAE) enables real-time session enforcement in identity systems. The technical backbone is the Continuous Access Evaluation Profile (CAEP), which standardizes event types, and the Shared Signals Framework (SSF), which provides the transport for … Read more

Continuous Access Evaluation (CAE): Why “always verify” mustn’t wait an hour

September 3, 2025September 2, 2025 by Jorge Patrinicola

Continuous Access Evaluation (CAE): Why “always verify” mustn’t wait an hour Real-time security demands real-time verification TL;DR Static token lifetimes create hour‑long blind spots. Continuous Access Evaluation or CAE for short, closes that window by revoking or re‑checking access immediately when risk or context changes—without peppering legitimate users with needless prompts. Think smoke detector, not … Read more

MFA Isn’t Enough—Make It Phishing‑Proof

September 3, 2025August 26, 2025 by Jorge Patrinicola

MFA Isn’t Enough—Make It Phishing‑Proof Attackers evolved. Your MFA must, too. The Playbook: Make MFA Phishing-Resistant Turn Push into Proof Combine with Conditional Access Go Passwordless (FIDO2 / Authenticator) Harden the Gaps MFA Method Strengths Method Phishing Resistance Notes SMS / Email OTP Very Low SIM swap & phishing risk Voice Call OTP Very Low … Read more