Dynamic risk assessment continuously evaluates risk in real time based on current context — user location, device health, behavior patterns — adjusting access decisions accordingly.
Zero trust implements dynamic risk assessment: initial login may be allowed, but unusual subsequent behavior triggers step-up authentication or session termination. Microsoft Continuous Access Evaluation (CAE) re-evaluates token validity in near real-time.