At SGNL, we’re always looking for ways to help organizations manage identity and access security with the speed and agility demanded by today’s environment. That’s why we’re excited to introduce Event Streams, the latest feature of our CAEP Hub. Built on the Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP), this standards-based approach ensures seamless interoperability across your enterprise while delivering flexibility and power for identity remediation workflows.
Building on the success of the initial release of the CAEP Hub—which has been instrumental in helping organizations eliminate standing access, Event Streams tackles a key challenge: managing identity-related breaches. With more than 80% of organizations reporting breaches in the past year, the ability to react quickly and intelligently to identity issues is critical.
So, what makes Event Streams a game changer?
How Event Streams works
With Event Streams, SGNL moves beyond a reactive approach to security events. This feature enables organizations to implement a flexible, real-time, event-driven architecture. The CAEP Hub not only monitors signals across your business and identity systems but also takes immediate action based on those events.
Here’s how it works:
- Central role in the Identity Data Fabric: SGNL operates at the core of your identity infrastructure, processing security events as they happen—whether it’s a behavioral anomaly or a policy violation.
- Stateful and event-driven: The new Event Streams capability can capture both stateful changes (such as account deactivation) and event-driven signals, ensuring real-time updates across all connected systems.
- Automated remediation: Acting on security signals in real-time, SGNL triggers targeted and precise remedial actions automatically. These can range from terminating a session to sending alerts, preventing threats from escalating.
Key features of event streams
- Support for any Security Event Token (SET): Event Streams supports a growing list of event types, as well as any custom event you might create based on the SET standard (a type of JSON Web Token or JWT that underpins the Shared Signals Framework), giving you more ways to monitor and respond to identity-related incidents across your ecosystem.
- Customizable actions: Tailor rules to trigger specific actions based on different event types, allowing your security response to be highly targeted and efficient.
- Receiver for Shared Signals Events (CAEP and RISC): SGNL now receives, stores, and acts on CAEP and RISC events, integrating them with your existing identity graph and policies.
- Enterprise ready: Each part of your enterprise can configure Event Streams, and the resulting actions, in order to receive and coalesce events in the graph, sharing signal directly in the product
- Action framework ready: This feature enables SGNL to automatically initiate actions, such as session terminations or security team notifications, based on the events received.
And, as always, SGNL integrates seamlessly with your existing systems, ensuring your identity infrastructure remains cohesive and consistent.
How Event Streams improves your identity security
Event Streams delivers immediate advantages to enhance the security of your identity infrastructure:
- Policy augmentation: Use CAEP and RISC events to dynamically change the result of your policies. For instance, if a user is flagged during a security event, the system can instantly adjust their access, keeping your policies aligned with real-time risks.
- Event enrichment: Enrich incoming security events with relevant business context before transmitting them across your infrastructure. This ensures relevant business context is available to your enterprise systems.
- Event rebroadcasting: Simplify long-term management of your Enterprise CAEP infrastructure, by using the SGNL CAEP Hub to easily retransmit events across systems in your business, minimizing the number of 1:1 integrations and simplifying maintenance.
- Simplified event management: Event Streams centralizes event management, making it easier for your security teams to push and pull event data across your enterprise and partner systems. This ensures smooth coordination and efficient responses across your identity infrastructure.
Why focusing on event-driven security matters
Security incidents are inevitable—what matters is how quickly and effectively your organization can respond. Event Streams strengthens SGNL’s CAEP Hub by enabling real-time, identity-centric responses to security events, helping you stay proactive. The details:
- Support for any Security Event Token (SET): CAEP and RISC events are available as templates out of the box, with plans to expand to additional event types.
- Automated retention policies: With a maximum of 50 events per subject, CAEP Hub ensures that only the most relevant data is stored and acted upon.
- Strong security: Mandatory authentication or signing guarantees the integrity of all transmitted data.
As organizations adopt more complex multi-cloud environments and interconnected applications, having a responsive, event-driven security system is essential. Event Streams provides the tools you need to stay agile and secure while ensuring compliance.
We’re excited to launch Event Streams as part of our ongoing mission to eliminate standing access and bolster security across your identity landscape. To learn more about the CAEP Hub and how it strengthens your security, schedule a demo today.