Highlight

  • The firm is the latest one to join the league of other cloud security startups that have surface since the pandemic hit the world.
  • The platform will now reach general availability in connection with Permiso’s exit from stealth.

Cloud infrastructure identity detection and response firm Permiso announced that it has emerged from stealth (in a confidential state) with a seed funding of USD 10 million. The California-based startup said that its platform is “one of its kind” as it identifies and tracks human, machine, vendor and service provider identities in IaaS and PaaS infrastructures.

Its product is unique because it provides visibility into identities in cloud infrastructure at runtime along with profiling of behaviors. Ultimately, it facilitates better detection and improved response to security issues in the cloud. The platform will now reach general availability in connection with Permiso’s exit from stealth.

The firm is the latest one to join the league of other cloud security startups that have surface since the pandemic hit the world. The pandemic has also led to many organizations rushing to digitize their operations to make work from home a success. The Palo Alto-based company has made a late entry into a market that is already crowded. However, founders Paul Nguyen and Jason Martin believe that their detection responses product is ready for the next wave of cloud security.

The current seed round funding of USD 10 million announced by the firm includes a small angel round that was raised previously. This round of funding was led by Point72 Ventures. Other backers included Foundation Capital, Work-Bench, 11.2 Capital, and Rain Capital. It will use the current funds to expand its team and expand its current customer footprint.

In present times, it has increasingly become difficult for organizations to manage and secure digital identities. Matters have become more complex with the move to the cloud — cloud security skills face supply shortage and steep learning curves for many cybersecurity professionals. A recent study commissioned by One Identity found that nearly all organizations (95%) report challenges in digital identity management.

The platform monitors cloud identities — both human and machine identities — and profiles the identities to determine anomalous or potentially malicious behaviors. These behaviors may well be a sign of issues such as a compromise of credentials, a policy violation, or an insider threat.

Permiso provides organizations with visibility for identities in their cloud infrastructure to provide real insights into who is in the environment and track their activity. The startup claims that this allows for easy and systematic attribution of access, activity and changes occurring in monitored environments. This also helps organizations spot malicious or anomalous behaviors that could indicate compromised credentials, policy violations or insider threats.

Expert view

“We realized that an identity-based approach to detection and response for public cloud was foundational since the majority of breaches today stem from identity-related issues,” Nguyen said. “Our customers consistently brought up the complexity of identity and access management in the cloud and the susceptibility to making mistakes that would inadvertently lead to breaches.”

“Permiso saw this as a unique opportunity to use identity as the center of the narrative, versus today’s approach, which is very asset-centric,” Nguyen said.

The startup is “currently focused on creating an elegant product experience that provides the appropriate and properly curated information to an analyst when they need it” on a set of signals, Nguyen said.

“Building exceptional products means first creating an experience that allows for rapid conviction by a human and then codifying that process computationally and leveraging AI and ML where appropriate,” Nguyen said. “We see too many companies that focus more on their models and forget about the users of their product. We believe that by focusing on the user and using AI and ML in the right way, we will supercharge our customers cloud detection and response capabilities.”