Permiso Security News

Permiso, the pioneer in real-time identity security, has released a suite of three open-source tools that help security teams bolster their detection capabilities for a variety of different attacks. The P0 Labs team, the threat research arm of Permiso has launched a total of ten open-source tools to date, developed from their ongoing threat research and observations from real-world attacks. YetiHunter, CloudGrappler Earlier in 2024, Permiso launched YetiHunter, an open-source tool that detect...

Permiso, the pioneer in real-time identity security, released SkyScalpel, an open-source tool that helps both offensive and defensive security professionals understand how policies could be obfuscated by threat actors in order to go undetected in an environment. JSON-based policies in cloud environments, particularly in AWS, dictate what resources users and systems can access and the actions they can perform. However, these policies can be susceptible to obfuscation—a technique where bad...

Permiso, the pioneer in identity security, has announced the launch of their Universal Identity Graph to provide risk and threat visibility for all identities, in all environments. The Universal Identity Graph combines industry pioneering Identity Security Posture Management (ISPM) with Identity Threat Detection and Response (ITDR) to provide the most comprehensive identity security solution in the market. Identity infrastructure “For most organisations, identity security is incredibly...

After successfully detecting cloud identity-based attacks that bypassed existing security solutions and closing multiple six and seven-figure licence deals with Fortune 500 customers, Permiso has raised a $18.5m Series A led by Altimeter Capital with participation from Point72 Ventures. Permiso's unique library of detection signals feeds into their unified threat prevention, detection and response platform to provide organisations unprecedented visibility into their cloud environments. S...

Permiso, a Palo Alto-based identity threat detection and response startup, has announced the launch of CloudGrappler, an open-source tool designed to help security teams quickly detect threat actors in their Azure and AWS environments. The tool built off the foundation of Cado Security’s Cloudgrep project, offers enhanced detection capabilities culled from the tactics, techniques, and procedures (TTPs) of modern cloud threat actors like LUCR-3 (Scattered Spider).  Open-source tool...

Permiso, an identity threat detection and response startup, is offering complimentary, private threat briefings with the P0 Labs team on attacks against the identity provider (IdP) control plane, a common attack vector by multiple threat groups over the last few months.  Attacks against identity providers have been responsible for breaching environments in several high-profile attacks over the last months including MGM and Caesars back in September 2023.  Identity-first security stra...

Permiso, a cloud detection and response startup, is making good on its promise of finding evil in cloud environments by offering complimentary private threat briefings with the P0 Labs team on Scattered Spider, the threat actor group responsible for orchestrating multiple well-known campaigns against cloud environments, most recently targeting MGM and Caesars earlier this month. Snapshot solutions “An identity-first security strategy is paramount to defending against modern threat actors...

Permiso, a Palo Alto-based cloud detection and response startup that finds evil in cloud environments, has released the findings of its 2023 Cloud Detection and Response Survey that reveals an alarming paradox among cloud security professionals. While many respondents admitted to leveraging high-risk practices and behaviours in their cloud environments, they remain confident that their security tools and processes will protect their organisations against well-orchestrated attacks. That hi...

Rubrik, the Zero Trust Data Security™ Company, unveiled new user intelligence capabilities designed to empower organisations to become more proactive in the fight against ongoing cyber attacks. Rubrik aims to deliver cyber resilience across both the data and users, including new User Intelligence, so organisations can work to proactively prevent attacks from happening before they cause significant damage.  Addressing data security needs Data remains highly vulnerable to cyber incid...

Permiso.io, a Palo Alto-based startup that provides the first of its kind in cloud identity detection and response for cloud infrastructures, announces a $10 million seed funding round with participation from institutional investors and angels. The round was led by Point72 Ventures and included Foundation Capital, Work-Bench, 11.2 Capital, Rain Capital, as well as numerous security industry leaders such as: Jason Chan, former VP of Information Security at Netflix; Talha Tariq, Chief Security Of...