Permiso Security has won the 2026 SC Award for Best Threat Detection Technology, announced on March 24 during
RSAC 2026 in San Francisco.

This marks the second consecutive year Permiso has been recognized at the SC Awards. In 2025, the company won Most Promising Early-Stage Startup. This year, the recognition moved from the company's promise to its product: the identity security platform that detects and responds to threats across human, non-human, and AI identities in cloud, SaaS, CI/CD, and on-premises environments.

The Best Threat Detection Technology category recognizes solutions that deliver detection and remediation capabilities across the full attack surface. This year's finalists included CrowdStrike, ExtraHop, Gurucul, and Oligo Security. The judging panel, composed of CISOs and cybersecurity practitioners, evaluates solutions based on real-world impact, innovation, and measurable outcomes for security teams.

Why Identity-First Threat Detection

The most damaging breaches over the past two years have not started with malware or network exploitation. They have started with stolen credentials, compromised service accounts, and hijacked identity sessions. Threat actors like LUCR-3 (Scattered Spider) proved that controlling an identity means controlling the environment. Traditional threat detection architectures built around endpoints and network traffic catch these attacks late, if they catch them at all. Permiso was built on a different premise: identity is the primary detection surface. Every detection starts with an identity, what it is, what it can access, what it is doing, and whether that behavior deviates from its established baseline.

This applies equally to workforce users, service accounts, API keys, OAuth tokens, IAM roles, and AI agents. Covering all three identity types in a single detection model matters because attackers do not stay in one lane. A breach that starts with a compromised human credential pivots to a service account for persistence, then uses an AI agent's execution role for lateral movement or data access. If detection only covers one identity type, the attacker disappears from view the moment they pivot..

What the judges evaluated

The Permiso platform's threat detection capabilities are built on two foundations.

The Universal Identity Graph unifies every identity type across cloud, SaaS, CI/CD, and on-premise environments into a single model. It maps not just who each identity is, but how identities connect to each other, what permissions they hold, and what they are doing at runtime. Human users, service accounts, API keys, OAuth tokens, IAM roles, and AI agents are all represented in one graph. This is the visibility layer that makes identity-first threat detection possible.

P0 Labs is Permiso's in-house threat research team. The team contributes over 1,500 detection signals tied to real-world adversary tactics, built from direct breach response experience and continuously updated as attack patterns evolve. P0 Labs has also released 13 open-source security tools to date, contributing research and detection capabilities back to the broader security community.

Together, these two foundations mean that Permiso does not retrofit identity context onto endpoint or network telemetry. Every detection starts with an identity: what it is, what it can access, what it is doing, and whether that behavior is consistent with its established baseline. Customers consistently point to the platform's ability to deliver visibility and detection that their existing security stack does not provide, cutting through alert noise from tools that were not built for identity-first detection.

Back-to-back SC Award wins

The trajectory over the past twelve months tells the story:

• 2025 SC Award: Most Promising Early-Stage Startup
• 2026 SC Award: Best Threat Detection Technology

Winning the threat detection category in 2026 reflects how quickly identity-based detection has moved from an emerging concept to an operational necessity. It also reflects a gap that existed before Permiso: organizations had endpoint detection, network detection, cloud detection, and SIEM correlation, but no purpose-built system that treated identity as the primary signal across all of those surfaces.

What's next

Awards are recognition of what has been built. The work continues. Identity-based attacks are not slowing down. Non-human identities now outnumber human ones by an order of magnitude in most enterprise environments, and AI agents are adding a third identity type that is growing faster than either. The attack surface is expanding, and the detection capabilities need to expand with it.

Permiso's roadmap reflects this. The platform continues to deepen its coverage across human, non-human, and AI identities, with new capabilities shipping regularly. If you are attending RSAC this week, reach out to see the platform in action. If not, visit permiso.io to learn more.

To the SC Awards judges and the CyberRisk Alliance team: thank you. To the security teams running Permiso in production every day: this award is a reflection of the problems you trusted us to solve. We do not take that lightly.

Read the full SC Award Permiso profile: 2026 SC Award winner Permiso Security — Best Threat Detection Technology