PZTA governs every access request and session via a centrally deployed and managed policy. It then augments these policies with built-in User and Entity Behavior Analytics (UEBA) where attributes for every session are monitored and assessed, and proprietary risk scoring algorithms can identify non-compliant, malicious, and anomalous activity - enabling expedited threat mitigation actions.