I have a question about the response to the incident announced by Circle ci, and I would appreciate it if someone with knowledge could help me.
In the release it says "we have added additional step-up authentication steps and controls.”
I was wondering how Circle CI detect when a session that has been authenticated by SSO has been stolen, and what is the basis for detecting when additional authentication is required.
What are the specific measures?