Permiso raises $18m Series A to unify threat detection and response in the cloud

Permiso raises $18m Series A to unify threat detection and response in the cloud

Published: 05-04-2024 06:57:00 | By: Pie Kamau | hits: 1740 | Tags:

After successfully detecting cloud identity-based attacks that bypassed existing security solutions and closing multiple six and seven figure license deals with Fortune 500 customers, threat detection startup Permiso, has raised a $18.5 million Series A led by Altimeter Capital with participation from Point72 Ventures. Permiso's unique library of detection signals feeds into their unified threat prevention, detection and response platform to provide organizations unprecedented visibility into their cloud environments.  

Sebastian Goodwin, Chief Trust Officer, Autodesk: ''Permiso has proven to be indispensable to the way we manage and secure identities across multiple cloud environments. The ability to correlate runtime behavior with static risk analysis across our identity providers, cloud service providers, SaaS applications and CI/CD pipelines enables my team to quickly detect suspicious activity in our environment, supporting my team’s mission to protect customer data and provide resilient cloud service to our customers.''

After MGM and Caesars were targeted by LUCR-3 (Scattered Spider) last September, multiple casino groups turned to Permiso’s platform to help defend all layers of their cloud attack surface. In several other instances, Permiso was brought in to help victim organizations that were previously targeted connect the dots of activity in their environment that incumbent, enterprise systems couldn’t provide.  

Erik Kriessmann, Partner, Altimeter: ''We were initially captivated with the impressive commercial traction and love from customers. These customers made it clear that Permiso had rapidly become as critical a pillar in their cloud security stack as Wiz, CrowdStrike, and Palo Alto Networks. Jason and Paul's clarity of vision in anticipating this market need, intimately understanding why other cloud security technologies can't adequately detect identity-based threats at scale, and the completeness of their approach for providing technology to fill those gaps is what gave us conviction to invest.''

Permiso creates a composite, ‘meta’ identity to unify the disparate human and non-human identities within an enterprise and synthesize their runtime activity across the cloud’s attack surface. By providing multi-plane coverage across the layers of cloud environments, Permiso constructs user sessions from disparate runtime events that provides security teams the answer to the question ‘what happened in my environment, and should I be concerned?’  

Ian Ahl, SVP, P0 labs, Permiso: ''We don’t think in product acronyms when figuring out what detections to build - we observe threat actors in the cloud and follow them wherever they go to build detections in our product that find threat actors quickly and help our customers sleep better at night.''

Tracking threat actor activity across authentication boundaries poses serious challenges for security teams. By tracking all entities that are configured to access an environment, whether through federation, role assumption, access tokens, or direct login – Permiso’s run-time graph and activity analysis engine creates high fidelity alerts with immediate attribution and context.  

Jason Martin, Co-founder and Co-CEO, Permiso: ''Over the course of many of their campaigns, threat actor groups have demonstrated how they are able to target the identity provider and move seamlessly from the IDP to cloud hosting providers, and into SaaS and CI/CD environments. By correlating runtime activity across boundaries with static, posture-based information, Permiso can not only help organizations find evil across their cloud environments more quickly than ever, but also use our run-time graph data to make better decisions around control improvements needed to secure their human and non-human identities.''

After delivering for customers and significantly increasing revenue since their seed round, Permiso will use this Series A to rapidly increase integrations and introduce new product capabilities to their customers and the market.  

Permiso emerged from stealth mode in 2022 and was named as one of the SINET16 Innovators. This prestigious award recognizes the 16 most innovative and compelling cybersecurity companies from around the world. Prior to this, they raised a $10m seed funding round from Point72 Ventures, Foundation Capital, 11.2 Capital, WorkBench Capital, and prominent angel investors from the security commu