We’re excited to announce the launch of the Permiso Platform, the identity security platform that detects and protects against both human and non-human identity threats across your cloud and on-prem environments.

Threat Informed Posture Controls

Our latest threat informed, posture-based prevention features are driven by several years of threat research that have generated more than 1,500+ detection signals in our product. Those signals help security teams detect suspicious and malicious activity in their identity providers, cloud service providers and SaaS environments as users move across those authentication boundaries. They now fuel Permiso’s new threat-informed identity exposures capabilities - posture controls driven by detection signals developed after having responded to hundreds of breaches.

Identity and Security teams can leverage the exposures module in order to strengthen authorization controls, reduce excessive privileges, and remove zombie identities and accounts. This prevents the likelihood of identity compromise, and limits the blast radius of all human and non-human identities should they be compromised. This new platform capability also offers users access to identity attack paths - visualizations of different ways threat actors COULD compromise identities in order to move laterally and gain access to sensitive data. Understanding what controls fail or are often times exploited in breaches helps Permiso users minimize the likelihood of a breach in the first place.

What our Customers Say

What Our Customers Say

"Identity security needs to be addressed with a holistic approach that eliminates the potential for blind spots. Permiso monitors both human and non-human users to quickly identify those that are most likely to be compromised, and those that have already been compromised. Permiso gives us a central inventory of all of our identities and credentials, their vulnerabilities, and monitors them for suspicious and malicious behavior, allowing us to quickly and effectively respond to threats.”

Sebastian Goodwin

Chief Trust Officer, Autodesk

Universal Identity Graph

Last year Permiso launched our universal identity graph, a centralized hub to secure all human and non-human identities, wherever they may go in an environment. Many existing security posture management and threat detection solutions alert based on atomic events - specific actions performed in an environment that could potentially be suspicious or malicious. These may include activities such as resetting MFA, logging in from a different geographic location, or database snapshotting. Because each of these events often generate a lot of noise in an environment, many security teams drown in alerts that have no context of the activity that is actually taking place in their environment.

Permiso’s Universal Identity Graph follows all human (workforce, guest, vendor) and non-human identities (access keys, secrets, services accounts) wherever they go and tie the activity back to the identity that performed them, even when shared credentials are being used. This provides comprehensive identity security coverage by stitching all user activity across environments such as identity providers, IaaS, PaaS and SaaS environments.

Permiso’s Universal Identity Graph provides the same benefits from a posture perspective, by mapping out access and entitlements to key corporate assets. The UIG helps security teams easily understand the blast radius of their identities, which is critical to prioritizing remediation steps. It also helps convey the significance of these identity security controls through attack paths - a map of potential avenues a threat actor may be able to exploit weak posture controls in order to compromise an identity.

Non-Human and Human Identity Security Combined (Posture + Threat Detection)

At Permiso, we think all identities should be secured together and treated equally. Our goal is to break down the fragmented silos that exists and unify identity security by covering posture and runtime for all types of identities, both human and non-human identities, wherever they may live in your environment. Detecting suspicious and malicious activity requires context of how identities behave as they move across different authentication boundaries. Permiso protects and detects human and non-human identity threats in identity providers, cloud service providers, SaaS applications, and on premise environments. In order to build sessions of user activity to gain a detailed view of both posture and activity across those environments, we find it advantageous to understand not only non-human identity risk and behavior, but humans behind those non-human identities. Permiso’s Universal Identity Graph helps tie both human and non-human relationships and activity together, giving you the full picture of risk. Our platform helps you find inactive, overly permissive, or suspicious non-human identities, and identifies the humans who use or create them to drive efficient remediation workflows.