Concept: California’s technology startup Permiso has rolled out an identity-based detection and response platform for public cloud infrastructure. The platform focuses on providing visibility into identities in cloud infrastructure at runtime along with profiling behaviors. It can enable improved detection and response for security issues in the cloud.
Nature of Disruption: The platform works by monitoring cloud identities including both human and machine identities and profiling the identities to detect anomalous and potentially malicious behaviors. These behaviors can point to issues including a compromise of credentials, a policy violation, or an insider threat. The startup claims that the new platform can be used to measure progress towards identity and access management goals, detect credential abuse, and perform faster and more intelligent investigations. It builds an identity graph to understand all the identities that are in the environment, how the identities relate to each other, and the permissions and permission boundaries associated with them. The identities include human user identities, machine identities, third-party vendors that operate within the cloud environment, and identities of the cloud service providers. It scans the identity graph for permission vulnerabilities that would allow a compromised identity to increase its access or extend its behavior beyond its known and allowed access. The platform also builds a run-time graph that enables the users to know what activities the identities are performing. With the two graphs, the platform enables the users to see the identities in the cloud platform, their activities, and the extent of their permissions.
Outlook: The majority of present days security breaches in the cloud platform stem from identity-related issues. Identities within cloud infrastructures have multiplied rapidly driven by both cloud migration and business transformation. Organizations are finding it difficult to monitor the activities of the identities in the cloud platform. Permiso claims that its identity-based cloud security solution can help to detect and mitigate the risk posed by doubtful identities in the cloud platform. The startup claims that its identity-based cloud security solution is the first of its kind for public cloud infrastructures. In January 2021, the startup raised $10M in a seed funding round led by Point72 Ventures with participation from Foundation Capital and Work-Bench. It aims to use the funding to expand its engineering and research and development teams.