Organizations with stringent security requirements need the ability to enforce periodic validation to ensure continuous trust verification of user identities. Prisma® Access Agent already delivers continuous trust verification today by seamlessly validating the user in the background without disrupting the end-user experience. Augmenting this capability, Prisma Access Agent now enables you to configure how frequently users are prompted to re-authenticate, with customizable intervals ranging from 10 hours to 30 days. You can set customizable warning timers to notify users before re-authentication is required, preventing unexpected disconnections and workflow disruption. The feature introduces a re-authentication frequency setting that controls user refresh token lifetime globally across your deployment. The gateway session timeout setting has been renamed for clarity and notification preferences are now managed at the global level.

For Dynamic Privilege Access-enabled Prisma Access Agents, you can enforce stricter security enforcement by enabling aggressive authentication, which forces immediate re-authentication when users connect or extend gateway sessions.