APM executes per-session policies when a client attempts to connect to the
enterprise. After a session starts, a
runs each time the client makes an HTTP or HTTPS request. Because of
this behavior, a per-request policy is particularly useful in the context of a Secure Web Gateway or Zero
Trust scenario, where the client requires re-verification on every request, or changes based on gating criteria.