Permiso, the pioneer in identity security, has announced the launch of their Universal Identity Graph to provide risk and threat visibility for all identities, in all environments.
The Universal Identity Graph combines industry pioneering Identity Security Posture Management (ISPM) with Identity Threat Detection and Response (ITDR) to provide the most comprehensive identity security solution in the market.
Identity infrastructure
“For most organisations, identity security is incredibly siloed. Identity providers focus on securing the identity infrastructure, a separate solution is adopted to manage IaaS or PaaS, and yet another solution for SaaS. Many times, organisations adopt one solution that focuses on identity posture to mitigate risk, and yet another solution that focuses on threat detection at runtime."
"While organisations benefit from securing these layers separately, it creates a massive blind spot across the authentication boundaries in an environment. We’ve seen how threat actors take advantage of those blind spots when orchestrating identity-based attacks. Permiso’s Universal Identity Graph helps organisations secure all of their human identities and non-human identities across those environments in one centralised location,” said Permiso Co-founder and Co-CEO, Jason Martin.
Front line knowledge
Experience has created more than 1,200 unique detections and more than 500 alert rules in their platform
Permiso, whose team is composed of several former FireEye/Mandiant executives, has detected and responded to hundreds of breaches collectively.
By living in the breach, the team has front line knowledge of threat actor’s TTPs and are able to understand where controls fail for security organisations. This experience has created more than 1,200 unique detections and more than 500 alert rules in their platform.
Permiso's solution
"Permiso's platform provides us with a comprehensive view of our identity risk. With their new Universal Identity Graph engine, we're able to mitigate high-risk identities in real-time, giving us added peace of mind that our most valuable assets are protected,” said Eric Tan, CIO & Chief Security Officer at Flock Safety.
“Permiso's solution has enhanced our ability to detect and respond to threats, making our organisation more resilient to cyberattacks.”
Threat detection solutions
Many existing security posture management and threat detection solutions alert based on atomic events - specific actions performed in an environment that could potentially be suspicious or malicious.
These may include activities such as resetting MFA, logging in from a different geographic location, or database snapshotting. Because each of these events often generate alerts in an environment, many security teams drown in alerts that have no context of the activity that is actually taking place in their environment.
Identity-based threats
Permiso can track identities wherever they go and quickly see identity-based threats in a domain
Permiso’s Universal Identity Graph follows all human (workforce, guest, vendor) and non-human identities (access keys, secrets, services accounts) wherever they go and tie the activity back to the identity that performed them, even when shared credentials are being used.
By monitoring access patterns and behavioural anomalies as identities move across authentication boundaries, Permiso is able to track identities wherever they go and quickly detect identity-based threats in an environment.
Cloud and on-premise environments
Permiso has experienced rapid growth over the last twelve months. After LUCR-3 (Scattered Spider) was able to breach the environments of several large organisations like MGM and Clorox, many teams turned to Permiso to provide the industry’s most comprehensive method to detecting identity-based attacks in both cloud and on-premise environments.
The startup raised a dollar 18.5M Series A in April 2024 and recently added some of the strip’s luxury resorts and casinos to their customer base.