The speed of artificial intelligence adoption is unprecedented. From automating code generation to powering customer service, AI is no longer a strategic option but a business imperative. Yet, with this rapid integration comes a new, expansive attack surface that traditional security solutions were never designed to manage. Organizations are struggling with a lack of visibility, a surge in new attack vectors, and a profound sense of urgency to secure their AI ecosystems.

Today, we’re proud to announce that Permiso has expanded its industry-leading identity security platform to include comprehensive AI security capabilities. Building on our proven framework for discovering, protecting, and defending against identity threats, our new features deliver complete visibility and security for all AI identities including the users, builders, and autonomous agents that are defining the future of business. This release represents a significant step forward, providing organizations with a unified, identity-centric approach to securing their AI-driven future.

Here's a fundamental truth that shapes our approach: AI identities are never fully independent of human ones. Even the most autonomous AI agents are provisioned through human credentials. When developers grant AI systems access using their own accounts, any compromise of an AI agent can cascade into a compromise of its human sponsor. For attackers, every AI identity is simply another entry point to the human-driven enterprise. Effective protection must address the entire identity chain: humans using AI, humans building AI, and AI agents operating on their behalf.

"Your AI security posture will be shaped by your overall security program," explains Jason Martin, Permiso co-CEO and co-founder. "Identity security is a core pillar of any strong program and essential to securely operationalizing AI. Soon, enterprises will run hundreds or thousands of AI agents, making it vital to inventory them, assess identity risks, and track real-time activity to spot suspicious behavior. Companies don't want separate systems for each identity type - they need a single platform that provides full coverage and eliminates blind spots against identity-driven threats."

A Unified View of AI Identity

The security of AI is not a separate problem from the security of the rest of your enterprise; it is an extension of identity security. Every single interaction with an AI model, whether by an employee, a developer, or an autonomous system, is an identity-driven event. Permiso’s solution rejects the fragmented approach of using multiple, siloed tools to secure each part of the AI landscape. Instead, we provide one platform to manage all AI-related identities holistically, bringing order and control to the chaos.

We categorize these identities into three distinct groups to ensure every part of the AI ecosystem is covered:

• AI Users: This is the most expansive group, encompassing your employees who leverage AI services like ChatGPT, Microsoft Copilot, or other AI platforms to perform their jobs. Their usage introduces risks ranging from sensitive data leakage to the violation of company policy.
• AI Builders: This group includes the developers, data scientists, and engineers responsible for creating, modifying, and deploying your AI models and applications. They have privileged access to the core intellectual property of your AI systems, making their identities a critical target.
• AI Agents: This is a critical and rapidly growing class of autonomous AI systems that operate independently within your environment. These are non-human identities that require the same level of security and management as human ones.

As our CTO, Ian Ahl, explains, "AI isn't a new silo; it's an identity problem. Permiso finds every AI identity, human and non-human. We map static exposures and use runtime detection on live activity so you can adopt AI without widening the attack surface."

Runtime Intelligence Reveals the Hidden Attack Surface

Static security approaches that only track licensing and configuration data miss the vast majority of real-world AI activity. They can tell you who has a license, but they can't tell you how that license is being used, or what other AI services are being accessed without one. Permiso leverages runtime intelligence to discover actual AI usage patterns, providing a complete picture that static information simply cannot. Our research shows that static data captures only 20% of the actual AI activity in enterprise environments. This 80% gap is a massive, unmonitored attack surface waiting to be exploited.

Through deep integrations with leading endpoint security solutions and SaaS logging platforms, Permiso's new AI security capabilities can identify and reveal this hidden activity, including:

• Shadow AI usage: The platform can identify employees using personal, unmonitored accounts on public AI services, a common source of sensitive data leakage.
• Unauthorized AI service access: It can detect instances where employees attempt to bypass corporate security policies by accessing unsanctioned AI services via federated authentication.
• Over-permissioned AI agents: The system reveals AI agents operating with excessive, unused permissions that create a significant opportunity for attackers.
• Sensitive data sharing: Our DLP (Data Loss Prevention) integrations allow the platform to flag and prevent the sharing of sensitive documents and proprietary data with external AI models.

This runtime visibility provides security teams with the context they need to make informed decisions and respond to threats in real time. It shifts the security paradigm from a guessing game to a data-driven, actionable strategy.

The Proven Permiso Framework, Now for AI

Our new AI security features apply Permiso’s established three-pillar security framework to the AI identity ecosystem. This framework provides a clear and actionable path to control, ensuring every identity is secured throughout its lifecycle.

Discover: Complete Visibility and Attribution

The first step in securing anything is knowing what you have. Our platform provides a complete inventory of all AI identities in your environment, but we go far beyond a simple list. We provide detailed attribution showing exactly how each identity earned its classification, backed by session-level evidence and runtime data. This means you can see not just that a developer is using a particular AI model, but also which project they were working on, what data they accessed, and what actions they took. This level of granular visibility is the foundation for effective security and provides a robust forensic trail for any incident investigation.

Protect: Enforcing Least Privilege at Scale

Once an identity is discovered, it must be protected. A major vulnerability in the AI infrastructure is over-permissioning, a practice that grants identities more access than they actually need. This creates an inviting attack surface. Permiso analyzes your AI infrastructure and agents for key security issues, including over-permissioning, weak authentication controls, and configuration vulnerabilities. Our research has identified AI agents operating with up to 90% unused permissions. This insight allows security teams to enforce the principle of least privilege, revoking unused access rights without disrupting the development workflow. This proactive protection shrinks your attack surface dramatically.

Defend: Behavioral Anomaly Detection

Even with a strong "Protect" posture, compromised identities or insider threats can still pose a risk. Our behavioral anomaly detection continuously monitors the runtime behavior of every AI identity. It establishes a baseline of normal activity and immediately triggers alerts when an AI agent or a user operates outside their intended scope. For example, if a developer’s account, which normally works on a specific project, suddenly starts trying to exfiltrate an entire dataset, the system will flag the behavior. This capability is fully integrated with frameworks like MITRE ATLAS for AI-specific threat detection, giving your team the intelligence they need to respond swiftly and effectively.

Real-World Impact and Industry Leadership

Early implementations of our new AI security features have already delivered significant insights. We have helped organizations gain a clear understanding of their true AI adoption by measuring actual usage against licensed usage. For instance, in a recent deployment, we helped a customer identify several employees sharing sensitive financial documents with external AI models through a critical DLP integration. The platform's unique badge system provides granular visibility, allowing security teams to understand not just who has AI access, but how they’re using it—from the specific services they access to the activities they perform.

Permiso’s holistic approach to AI security - encompassing human AI users, AI builders, and AI agents - differentiates us from emerging vendors who focus solely on non-human identity (NHI) management. Many AI agents today, like GitHub Copilot, actually run using human identities rather than traditional non-human identities. 

Availability

Permiso's new AI security capabilities are available today, integrating seamlessly with existing deployments and requiring no additional infrastructure. Organizations can immediately begin discovering AI identities, analyzing risks, and implementing controls without disrupting operations.

To see how Permiso can help secure human, non-human, and AI identities, explore our solution or request a demo at hello@permiso.io