Permiso’s platform provides a one-stop shop to reduce exposure risk and monitor identities for suspicious and malicious activity vs. the many fragmented, single point solutions in the market today.
Permiso couples threat-informed risk posture controls to help teams identify those identities that are most likely to be compromised with best in-class threat detection to detect identity compromise as it happens. The single solution not only inventories all identities and monitors their risk posture, but also detects any suspicious and malicious behavior of those identities. This enables enterprises to consolidate their investments in identity security that covers more of the applications and services in their environment.
As part of the platform, Permiso’s Universal Identity Graph enables security teams to create a graph relationship of all credentials and identities across their environments to gain a complete view of who’s accessing what and whether the behavior is normal or suspicious.
“Identity security is no longer just about securing credentials; it’s about understanding the full scope of human and non-human interactions within an organization,” said Jason Martin, Permiso Co-founder and Co-CEO. “With the launch of our new platform, we are setting a new standard for how enterprises protect their most valuable assets.”
The importance of securing human and non-human identities – the primary credentials to access any system – has never been more critical. According to Permiso’s State of Identity Security Survey Report 2024 nearly half of organizations (45%) remain concerned or extremely concerned about their current tools being able to detect and protect against identity security threats and 45% reported an identity security incident in the last year.
Also Read: Sentra Again Named Leader in GigaOm Radar for DSPM
“Identity security needs to be addressed with a holistic approach that eliminates the potential for blind spots. Permiso monitors both human and non-human users to quickly identify those that are most likely to be compromised, and those that have already been compromised,” said Autodesk Chief Trust Officer Sebastian Goodwin. “Permiso gives us a central inventory of all of our identities and credentials, their vulnerabilities, and monitors them for suspicious and malicious behavior, allowing us to quickly and effectively respond to threats.”
Permiso’s new identity security platform builds upon its existing Identity Threat Detection and Response (ITDR) capabilities, which provide coverage across identity providers, IaaS, PaaS, and SaaS applications. Permiso has developed more than 1,500 detection signals across these environments, fueled by its expertise in tracking threat actor groups such as LUCR-3 (Scattered Spider), a group known for compromising human identities and non-human identities to gain access to sensitive data. Permiso has added several Las Vegas luxury resorts and casinos as customers in the wake of campaigns orchestrated against hospitality groups in recent years.
The steps that Permiso is taking to secure human and non-human identities come amidst the backdrop of the increasing adoption of agentic AI, which will no doubt add new and expanded identity risk threats. Last October, cybersecurity journalist Brian Krebs broke a story based on Permiso’s research, uncovering how threat actors were leveraging non-human identities, such as access tokens, to hijack AI infrastructure and host their own large language model (LLM) applications. Permiso’s P0 Labs team has identified numerous campaigns leveraging NHIs, including resource hijacking, password spraying, and credential stuffing attacks.
Source: Businesswire