Permiso.io, a Palo Alto-based startup that provides the first of its kind in cloud identity detection and response for cloud infrastructures, announces a $10 million seed funding round with participation from institutional investors and angels.
The round was led by Point72 Ventures and included Foundation Capital, Work-Bench, 11.2 Capital, Rain Capital, as well as numerous security industry leaders such as: Jason Chan, former VP of Information Security at Netflix; Talha Tariq, Chief Security Officer at Hashicorp; Travis McPeak, Head of Product Security at Databricks; Tyler Shields, CMO at JupiterOne; and Brandon Dixon, Founder of PassiveTotal. Additionally, Sebastian Goodwin, CISO at Nutanix; Alek Armani, CISO at Sentry.io, Julien Soriano, CISO at Box; Caleb Sima, CSO at Robinhood, and Tim Byrd, CISO at TIAA have joined Permiso in advisory roles.
Adopting public cloud
Permiso Investor and Advisor Jason Chan, who led Netflix’s cyber security program for ten years, is emphatic that cloud security needs to be focused on identities: “Identity is as close to a silver bullet as it gets in the cloud. If you get it wrong, you face significant risks and challenges in securing your enterprise effectively,” said Chan.
Permiso Security brings the first of its kind in cloud identity detection
Permiso Security brings the first of its kind in cloud identity detection and response for your public cloud infrastructure. With engineering and infrastructure teams aggressively adopting public cloud, security teams are drowning under the millions of activities and changes made daily by human and machine identities. At cloud speed, the ability to identify suspicious or malicious behaviors by those identities is nearly impossible.
Identity-based detection
Permiso pioneered a unique identity-based detection and response platform to profile and monitor human and machine identities and credentials for malicious or anomalous behaviors that could indicate compromised credentials, policy violations, or insider threats. Customers today leverage Permiso to gain visibility into their identity landscape to achieve these key outcomes:
- Mature their cloud security programs – As enterprises move to cloud, identity practices move from high levels of human access and change toward primarily machine access and automated changes. Enterprises utilise Permiso to help measure their progress towards their identity and access management objectives of secure access methods and minimised human access as well as change management objectives around reducing or eliminating human driven change.
Cloud access credential
- Detect Credential Abuse – The myriad of cloud credentials (passwords, access keys, certificates, key pairs) creates complexity in detecting potential abuse by attackers or insiders. The ability to profile each identity and credential allows Permiso to detect anomalous and malicious abuse of any cloud access credential.
- Investigate Smarter and Faster – With over 11,000 different privileges and event types, it is impossible for security teams to remember and understand all of them. Enterprises utilise Permiso to create a cohesive story and timeline using the identity as the narrator and translator in support of their incident response and investigations.
Cloud infrastructure environment
Permiso unlocks unique visibility into my cloud infrastructure environment"
“Permiso unlocks unique visibility into my cloud infrastructure environment that I currently don’t get from a Cloud Security Posture Management (CSPM) or SIEM. The ability to measure the maturity of my identity governance program helps me proactively identify risks from insecure identity practices and detect real-time threats within my cloud infrastructure from those identities,” said Erik Bataller, VP of Information Security for ACV Auctions, a current Permiso customer.
The company is founded by Co-CEOs Paul Nguyen and Jason Martin, CTO Stephen Demjanenko, and VP of Engineering Phani Modali. Prior to founding Permiso, Nguyen was SVP of Product Strategy and Product Management, and Martin was the EVP of Global Engineering and Security Products at FireEye.
Product leadership roles
They each joined FireEye separately via acquisitions of their previous companies, Invotas and Secure DNA. Demjanenko and Modali held senior engineering and product leadership roles at Meraki and FireEye respectively.
Permiso was founded with the goal of identifying the next evolution of cloud security"
"Permiso was founded with the goal of identifying the next evolution of cloud security," said Nguyen. "After being in the security industry for 20 years, it’s a bit of déjà vu again with cloud security. Cloud security tools today started the way we did 20 years ago with solutions to gain visibility into what’s in my environment and asking, ‘am I vulnerable?’”
Infrastructure runtime security
“We saw the next evolution with the advent of Advanced Persistent Threats back then and the emergence of detection and response solutions like FireEye which is the opportunity we see for Permiso today in public cloud.”
“We’ve done hundreds of customer interviews and worked with over 10 co-development customers over the last year and we find that when it comes to cloud infrastructure runtime security, most organisations are collecting data in their SIEM or a data lake; however, they can’t really make sense of it rapidly or in a manner that answers the questions their cloud security and infrastructure teams have,” explained Martin.
Cloud security expertise
With the $10 million seed round, Permiso intends to continue scaling its engineering team
With the $10 million seed round, Permiso intends to continue scaling its engineering team, expanding its current customer footprint, and building partnerships.
“Permiso’s identity-based runtime approach bridges the current cloud security expertise gap by providing security teams with greater visibility into user activity in the cloud, resulting in better controls and more accurate remediation of malicious activity,” said Noah Carr, Partner at Point72 Ventures.
“We expect Permiso to become a critical piece of the cloud security stack as organisations continue to adopt and rely on cloud infrastructure to run their businesses.”
