Latest research, product updates and best practices on staying secure in the cloud | Permiso

Permiso Universal Identity Graph: Why Universal Identity Is Key to Solving Security Siloes

Written by John Filitz | Sep 19, 2024 12:00:00 PM

Permiso Security is excited to announce the release of the Universal Identity Graph, providing identity security risk visibility for all entity identities, including human and non-human, across all environments. 

Rise of cloud security siloes

Organizations are increasingly making use of cloud services for critical business functions. Today every critical services layer is cloud hosted, everything from your identity provider, password vaults, people and customer management, collaboration platforms to CI/CD platforms. In fact, Gartner predicts over 50% of enterprises will be leveraging industry cloud platforms to accelerate their business initiatives. This expansion of cloud services including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS), has resulted in hundreds of security solutions being developed and deployed to solve specific security use cases in each of these layers. It has unfortunately also led to siloed security tools stitched together which are becoming less effective in detecting and responding to identity security threats that traverse multiple environments.

Alert fatigue

One unfortunate outcome of this siloed approach is that it generates a flood of low fidelity alerts that lack context and correlation. The flood of alerts that the typical organization faces explains why the typical organization is unable to triage 50% of alerts received in a day. It also sets the scene on why solution sprawl and alert fatigue dominate so much of the conversation today. These conversations almost always include discussions over the ROI and the need to consolidate the security stack.

It is also often within this vein that discussions on best-of-breed vs best-of-suite arise as cloud security platforms continue their expansion through acquisition, often with diminishing returns of security value to their customers as a result.

The pain is real

The growing sense of frustration among customers is valid. The low-fidelity, uncorrelated alert volumes that most solutions produce are leaving organizations vulnerable.

This pain is laid bare in the multiple security incidents the Permiso Security team have detected and responded to. Despite having all the well-known brands associated with the SIEMs, CSPMs, XDRs, CIEMS, DSPMs, and SSPMs, and MDRs in the market, most organizations are still unable to determine whether they have been compromised, let alone being able to quickly respond to a multi-environment identity breach.

By relying solely on siloed security solutions, organizations are left with a partial view of their identity attack surface.

One way of understanding whether your organization might be falling victim to this challenge is by asking yourself whether you can at any point in time determine who your top 10 riskiest identities, both human and non-human, are across all environments?

A better way is here

That is why Permiso Security was founded, to comprehensively deal with identity risks and threats across a fragmented ecosystem, with the focus on addressing the greatest threat vector, insecure human, and non-human identities. Through the Universal Identity Graph, Permiso tracks all-entity identities (human and non-human) and their relationships to other identities, credentials, and assets, across multiple environments (IdP -> IaaS -> PaaS -> SaaS).

The Universal Identity Graph is coupled with 1k+ detection rules, combined with ML behavior-based detections which detect anomalous activity as it arises, in-the-moment.

This unparalleled identity security capability provides a birds-eye view of your identity risk, dynamically, in real-time. Now organizations can detect threats like account takeover, credential compromise and insider threat, while reducing the identity attack surface through removing zombie identities and unnecessary privileges.

With Permiso’s Universal Identity Graph you can at any time determine who your top 10 riskiest identities are and proactively manage access and permissions for any environment, not just your IaaS or SaaS services layer.

Only with this unified approach can organizations shine a light on the siloes where threat actors such as LUCR-3 (aka Scattered Spider) hide in their attempt to compromise high value data such as source code.

With the Universal Identity Graph, Permiso can expose potential attack paths for highly privileged identities, while also triggering far fewer, but much higher-fidelity alerts that are tied back to the identity that is actioning them, even when shared credentials are used.

The net result: When an advanced identity attack is underway Permiso alerts to that threat in real time, drastically slashing the Mean Time to Detect and Mean Time to Respond, while keeping your data secure.

Permiso finally provides security leaders and practitioners with a better way to secure all identities consistently and comprehensively for all environments from a single console.

Reach out for a demo.

ABOUT PERMISO 

Permiso’s unified identity security solution bridges the gap between siloed cloud security tools by securing human and non-human identities across the IdP, IaaS, PaaS and SaaS layers. We enable security organizations to harden their identity security posture and detect and respond to malicious activity, which can include account takeover, credential compromise and insider threat aiming to compromise sensitive data.