We are proud to share that Permiso has been named the winner of Best Identity Threat Detection and Response (ITDR) Platform at the 2026 Cybersecurity Stars Awards, presented by The Hacker News.
The Cybersecurity Stars Awards are run by The Hacker News, the most widely read cybersecurity publication in the world, and winners are selected by an independent panel of judges drawn from across the industry. The recognition is based on contribution, innovation, and real impact, which makes it especially meaningful coming from a publication that reaches millions of security practitioners every month.
Here is how the awards panel described the win:
"We're pleased to recognize Permiso Security as the winner of the 2026 Cybersecurity Stars Award for Best Identity Threat Detection and Response Platform. Permiso built a platform that watches what identities actually do after they authenticate, across human users, service accounts, and AI agents in cloud and on-premises environments, filling a real gap that traditional security tools leave behind. Their work, informed by their own threat research team, reflects a genuine understanding of how modern attacks actually unfold."
We could not have framed it better ourselves. The judges landed on the exact idea Permiso was built around: most security tools lose visibility the moment an identity authenticates, and that blind spot is where modern attacks live.
Identity has become the primary way attackers get into modern environments and the primary way they stay hidden once inside. They are not breaking through the perimeter. They are arriving with credentials that belong to someone else, then moving through systems while looking like normal activity. Traditional controls like IAM, PAM, and MFA were built to manage access at the front door. They were never designed to notice when a valid identity is already inside and behaving like an attacker.
That is the gap ITDR exists to close, and it is the work this award recognizes. Permiso watches what identities actually do after they authenticate, builds a behavioral picture of what normal looks like, and flags the activity that does not fit. The result is the ability to catch a compromised but legitimate credential, which is exactly the scenario that defeats access-management tools.
A few things set Permiso's approach apart, and they map closely to what the judges highlighted.
It covers every identity, not just human users. Permiso secures human, non-human, and AI identities in a single platform. As service accounts, API keys, and AI agents come to outnumber human users, an ITDR approach that only watches human logins sees a shrinking fraction of the real attack surface. Permiso watches all of it.
It extends to AI agents. In 2026 we brought the same detect-and-respond model to AI agents, the fastest-growing and least-governed identity class in the enterprise. AI agents are not a new species to be managed by a separate tool. They authenticate, hold credentials, and act inside the same systems as everyone else, which makes them an identity problem. Permiso discovers agents across the environment, including the shadow agents nobody registered, attributes every action to a specific identity in real time, and detects anomalous agent behavior as it happens. The judges called out this coverage directly, because watching what an agent does after it authenticates is the same discipline that protects human and non-human identities, applied to the newest one.
It is grounded in real threat research. Permiso's detection is informed by P0 Labs, our threat research team, whose work on real-world identity and cloud attacks feeds directly into what the platform can detect. The judges specifically noted that our work is informed by our own research team, and that is not a coincidence. Detection built on how attackers actually behave is more reliable than detection built on static rules.
Underpinning all of it is the Universal Identity Graph, which connects human, non-human, and AI identities across cloud and hybrid environments and ties every action back to the identity behind it. When something does go wrong, that same graph lets an analyst see the full scope of a compromise, trace the path of lateral movement, and understand every identity involved, turning a scattered set of alerts into an investigation a team can actually follow.
What that adds up to in practice is detection that spans the full range of identity-based attacks: credential compromise, account takeover, privilege escalation, session hijacking, and insider misuse, across human users, service accounts, and AI agents alike. The platform ships with more than 1,500 detection signals, each one tied to real attacker behavior rather than a static rule, and that library keeps growing as P0 Labs uncovers new techniques in the wild. It is detection that improves as the threat landscape changes, which is the only kind that keeps pace with attackers who are constantly changing their own playbooks.
This award caps a strong run of recognition for Permiso in 2026. Earlier this year we won the SC Award for Best Threat Detection Technology, and Permiso was named to the Cloud Security Alliance's Agentic AI Security Innovator Market Map across three categories. Being named Best ITDR Platform by The Hacker News adds an independent, practitioner-facing voice to that recognition. It reinforces something we believe deeply: identity is now the center of security, and the teams that can see and control what their identities are doing are the ones who stay ahead of attackers.
Recognition like this belongs to a lot of people. To the engineering and research teams who build and sharpen the platform every day, to P0 Labs for the research that makes our detection what it is, and most of all to the customers who trust Permiso to defend their identities, thank you. This award reflects your confidence as much as our work.
The attack surface is going to keep expanding, especially as AI agents enter every enterprise. We will keep building so that no matter what kind of identity is involved, you can see what it is doing and act when something is wrong.
If you would like to see how Permiso approaches identity threat detection and response, schedule a demo with our team or explore our ITDR solution.