Affirmed Identity Blog
Research, insights, and practical guidance on continuous authentication, Zero Trust, and the future of identity security.
Security Beyond Passwordless Push, MFA, and Passkey (FIDO2)
Modern authentication mechanisms—passwordless push, MFA, and passkeys (FIDO2)—significantly improve initial access security, yet remain bounded to a moment in time and subject to bypass. This paper examines where authentication assurance fails, the risks of treating login as a completed event, and practical ways to extend identity assurance beyond authentication without replacing existing systems or rearchitecting applications.
Read More →
Achieving Zero Trust and CMMC Objectives Under Resource Constraints
This paper argues that the primary security and compliance benefits of Zero Trust Architecture (ZTA) and CMMC can be realized incrementally by resource-constrained organizations, without full architectural replacement, by focusing on identity assurance, continuous verification signals, and policy enforcement—rather than exhaustive tooling adoption.