Identity is the connective tissue of modern IT environments. Every person, workload, service account, and API key relies on identity to access resources. The challenge is that adversaries have realized this too.

High-profile breaches over the past few years, from supply chain compromises to ransomware campaigns, often share a common thread: the misuse of identities. Attackers no longer “hack in” as much as they “log in,” using stolen or misconfigured credentials to bypass perimeter defenses and blend in with normal user activity.

Traditional tools like IAM, PAM, and MFA are critical but not sufficient. They help control access and enforce policies, but they weren’t built to detect when an attacker is already inside the system, using valid credentials for malicious purposes. That’s where Identity Thread Detection & Response (ITDR) comes in.

ITDR provides defenders with the visibility, detection, and response capabilities needed to spot identity-driven threats in real time. It’s the difference between catching an intruder at the door and realizing they’ve been walking the halls unnoticed for weeks.

Against this backdrop, we are proud to share that Permiso has been recognized in the newly released GigaOm Radar for Identity Threat Detection & Response (ITDR) as both a Challenger and a Fast Mover.

Why ITDR Matters MORE THAN EVER

Security teams have long invested in EDR, NDR, and SIEM solutions to detect and respond to threats compromised identities now represent the primary attack vector in modern breaches. The headlines tell the story. Ransomware groups, nation-state actors, and cybercriminals are no longer forcing their way into networks;  they are exploiting identity weaknesses as their primary entry point.

Once attackers gain access through an identity, they often go undetected for weeks or months because their activity blends in with legitimate user behavior. ITDR directly addresses this problem by:

• Detecting anomalies in identity behavior – spotting impossible travel, privilege misuse, or dormant accounts suddenly springing to life.
• Responding in real-time – containing identity-driven attacks before they spread across environments.
• Bridging the gaps between IAM and security operations – giving defenders visibility they never had before.

What GigaOm Radar Recognition Means

The GigaOm Radar is an independent industry report that evaluates vendors based on innovation, execution, and speed of movement within a specific technology category. In their latest Radar for ITDR, Permiso was recognized as a:

• Challenger – Acknowledging our ability to compete with established players by addressing key gaps in how organizations detect and respond to identity-driven threats. Permiso is not just following industry trends but challenging assumptions about how ITDR should work.
  
  
• Fast Mover – Highlighting the pace at which our capabilities are expanding to meet the realities of cloud-first, identity-driven security operations.

For us, this recognition validates what our customers already know: Permiso is pushing the boundaries of what ITDR can deliver.

Why Permiso Stood Out

In the ITDR Radar, GigaOm highlighted several aspects that make Permiso’s approach unique. These aren’t just product features - they represent a philosophy of giving defenders the upper hand against increasingly identity-focused adversaries.

Universal Identity Graph

At the heart of Permiso is the Universal Identity Graph, a living map that stitches together human,  non-human and AI identities across hybrid and cloud environments. Unlike static directories, this graph evolves as your environment changes, revealing hidden relationships, shadow accounts, and privilege creep. It’s not just visibility - it’s actionable context.

1,500+ Detection Signals

Permiso comes preloaded with over 1,500 detection signals fine-tuned to spot identity misuse, credential abuse, and lateral movement tactics. These detections go beyond simple rules. They incorporate behavioral analytics to differentiate between benign anomalies and genuine threats, helping analysts cut through the noise and focus on what matters.

Behavioral Analytics & Context-Driven Detection

Attackers thrive on blending in. Permiso counters this with analytics that understand normal patterns of behavior across users, workloads, and services. By combining activity baselines with contextual signals, Permiso makes it possible to quickly flag—and respond to—malicious behavior masquerading as legitimate use.

Integration-First Design

Security teams already invest heavily in SIEM, SOAR, and XDR platforms. Permiso doesn’t compete with these systems; it enhances them. With an integration-first design, Permiso fits seamlessly into existing workflows, adding deep identity context and threat detection without creating new silos or operational overhead.

Proactive Protection

Through its Identity Security Posture Management (ISPM) capabilities, Permiso helps customers identify potential areas of risk and plan remediation actions. This includes proactive in-product alerts, threat research updates, and direct support from the P0 Labs threat research team to help customers triage and address threats in real time.

Our focus has always been on giving defenders the upper hand against adversaries who are becoming more skilled at exploiting identity systems. This recognition is a clear signal that the industry sees ITDR as a cornerstone of modern defense and that Permiso is shaping the way forward.

How Permiso Sees ITDR

At Permiso, we believe ITDR can’t be reactive or piecemeal. It’s not a feature you tack onto existing tools - it’s the control plane for how enterprises detect, investigate, and respond to identity-driven threats.

Our approach rests on three pillars:

1. Discover

    

   Expose every human and non-human identity, shadow account, and hidden privilege across your environments. You can’t defend what you can’t see, and visibility is the foundation of ITDR.

2. Protect
   Harden those identities with risk-based guardrails and context-driven insights. This means not just alerting on misconfigurations but providing actionable recommendations that reduce risk at scale.

3. Defend
   Detect and respond to identity-driven threats as they unfold, with automated and analyst-friendly workflows. From credential misuse to privilege escalation attempts, Permiso ensures defenders are equipped to act in real time.

Powering all of this is the Universal Identity Graph - a constantly updated map of how identities interact with cloud, SaaS, and hybrid systems. Unlike point-in-time scans, this graph offers living context. It enables defenders not just to see activity but to understand intent.

This philosophy is why we often say: ITDR isn’t just about detection. it’s about giving defenders the context and control they need to stay ahead of adversaries.

Looking Ahead

The security industry is at an inflection point. Identity is no longer just part of security; it’s becoming the lens through which resilience is measured. As ITDR matures, it won’t be a “nice-to-have”, it will be the foundation of how enterprises defend against modern adversaries.

Being recognized as a Challenger and Fast Mover in the GigaOm ITDR Radar validates our vision, our pace of innovation, and most importantly, the trust our customers place in us. As attackers innovate, so will we. Our roadmap continues to expand detection depth across cloud providers, extend automation around remediation, and make it even easier for security teams to operationalize ITDR.

If you’d like to explore how Permiso can help your team strengthen its identity defenses, schedule a demo with our team or visit our solutions page.