NEW Threat Research: When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying

[Krebs On Security] [Our Blog]
Illustration Cloud

Permiso Launches Universal Identity Graph to Help Organizations Secure All Identities Across All Environments

Permiso’s recent product launch provides a centralized hub to secure all human and non-human identities across both cloud and on-premise environments 

PALO ALTO, CA – September 19, 2024 -- Permiso, the leader in identity security, has announced the launch of their Universal Identity Graph to provide risk and threat visibility for all identities, in all environments. The Universal Identity Graph combines industry leading Identity Security Posture Management (ISPM) with Identity Threat Detection and Response (ITDR) to provide the most comprehensive identity security solution in the market today. 

“For most organizations, identity security is incredibly siloed. Identity providers focus on securing the identity infrastructure, a separate solution for IaaS or PaaS, and yet another solution for SaaS. Many times, organizations adopt one solution that focuses on identity posture to mitigate risk, and yet another solution that focuses on threat detection at runtime. While organizations benefit from securing these layers separately, it creates a massive blind spot across the authentication boundaries in an environment. We’ve seen how threat actors take advantage of those blind spots when orchestrating identity-based attacks. Permiso’s Universal Identity Graph helps organizations secure all their human identities and non-human identities across those environments in one centralized location,” said Permiso Co-founder and Co-CEO, Jason Martin.  

Permiso, whose team is composed of several former FireEye/Mandiant executives, has detected and responded to hundreds of breaches collectively. By living in the breach, the team has front line knowledge of threat actor’s TTPs and are able to understand where controls fail for security organizations. This experience has created more than 1,200 unique detections and more than 500 alert rules in their platform. 

"Permiso's platform provides us with a comprehensive view of our identity risk. With their new universal identity graph engine, we're able to mitigate high-risk identities in real time, giving us added peace of mind that our most valuable assets are protected,” said Eric Tan, CIO & Chief Security Officer at Flock Safety. “Permiso's solution has enhanced our ability to detect and respond to threats, making our organization more resilient to cyberattacks.”  

Many existing security posture management and threat detection solutions alert based on atomic events - specific actions performed in an environment that could potentially be suspicious or malicious. These may include activities such as resetting MFA, logging in from a different geographic location, or database snapshotting. Because each of these events often generate alerts in an environment, many security teams drown in alerts that have no context of the activity that is actually taking place in their environment. 

Permiso’s Universal Identity Graph follows all human (workforce, guest, vendor) and non-human identities (access keys, secrets, services accounts) wherever they go and tie the activity back to the identity that performed them, even when shared credentials are being used. By monitoring access patterns and behavioral anomalies as identities move across authentication boundaries, Permiso is able to track identities wherever they go and quickly detect identity-based threats in an environment. 

Permiso has experienced rapid growth over the last twelve months. After LUCR-3 (Scattered Spider) were able to breach the environments of several large organizations like MGM and Clorox, many teams turned to Permiso to provide the industry’s most comprehensive method to detecting identity-based attacks in both cloud and on-premise environments. The startup raised an $18.5M Series A in April 2024 and recently added some of the strip’s luxury resorts and casinos to their customer base. 

 ABOUT PERMISO 

Permiso is an identity security startup that protects, detects and responds to all human and non-human identity threats, across all environments. Permiso bridges the gap between siloed identity security tools by securing identities across the IdP, IaaS, PaaS and SaaS layers. Through a combination of ML-based behavioral-baselining and 1,000+ detection rules, Permiso enables security organizations to harden their identity security posture and detect suspicious and malicious activity in their environments more quickly than ever. 

 

Illustration Cloud

Related Articles

Permiso Named SC Awards Finalist In Two Categories

The identity security company has been named a finalist for both Most Promising Early Stage Startup and Best Threat Detection Technology categories

Permiso Launches Cloud Console Cartographer to Help Security Teams Make Sense of Console Activity in Cloud Logs

The open-source tool helps security teams easily transcribe log activity generated from events of AWS console sessions

Permiso Raises $18.5M Series A To Unify Threat Detection and Response In The Cloud

Permiso’s product offers a deep library of detection signals from known TTPs of modern threat actors and spans coverage across the cloud’s attack surface to detect threats in the cloud more quickly than ever

View more posts