Permiso Security, the identity-based detection and response platform for cloud infrastructures, helps provide visibility for who is using the environment and monitor all activity associated with those identities. The platform aims to shorten the OODA (Observe, Orient, Decide, Act) loop, while helping traditional on-premises security professionals transition over to cloud security. The company recently launched from stealth with $10 million in seed funding.
In this episode of TFiR LaunchPad, Swapnil Bhartiya sat down with Paul Nguyen and Jason Martin, Co-CEOs and Co-Founders of Permiso Security, to discuss how the company is taking a new approach with how identity is managed and tracked in cloud security. Nguyen says, “The next evolution that usually comes is when the attackers see the opportunity as really ripe targets to go attack and really get a good return on their investment in terms of their time, the attacks are to mount. And then at that point you need another class of products, which will be more around the detection and response side.”
Key takeaways from this video interview are:
- The current state of cloud security is predominantly focused on what is in the cloud environment, such as how it is configured and having visibility of all the assets. The next evolution will be more around detection and response.
- Permiso aims to help seasoned traditional security professionals, who have a wealth of on-premises security experience, transition over to cloud security. One of the ways the company is doing this is by breaking down the profile of activity and patterns in the cloud against Mir, a framework used widely by security professionals.
- One of the challenges of transitioning to cloud security is because a lot of traditional sets of data such as network data, host data, and threat intelligence, are abstracted out because of how AWS sets up their services. This translation issue is contributing to why there is a shortage of cloud security professionals.
- More emphasis is being placed on prevention; however, a full stack of prevention, detection responses is needed to effectively mitigate risk. Permiso’s product is multi-purpose providing visibility into the environment as well as detecting potential malicious activity.
- More security controls are being pushed on development teams into CI/CD. However, there can be a skill gap with developers not having the learning or experience to handle these security responsibilities effectively.
- Some of Permiso’s customers used to previously go to 20 different places and log sources that are disaggregated to try to understand what was happening. However, Permiso aims to shorten the OODA loop by bringing together meaningful information and presenting it so that it is easier to understand.
- Although the identity market is mainly focused on cloud identity entitlement management, Permiso predominantly focuses on the space where abuse and misuse of credentials by external threat actors can be detected.
- Although exposed secrets are the number one vector today, often they are not intentional and can be where developers accidentally expose keys and repos.
- Permiso is forming partnerships to help them get a comprehensive picture of what is happening in their environments. The company has been talking to Okta as it is part of the authentication chain, as well as companies such as Splunk and Snowflake.
- Permiso is looking to expand into other areas of either telemetry that we can build natively and collect natively or integrating with other partners, allowing them to get that visibility or expand the visibility of what they are seeing in those environments.
About Paul Nguyen: Prior to Permiso, Paul served as the SVP of Product Strategy and Product Management at FireEye via the acquisition of his prior start up, Invotas. Paul was one of the pioneers of the Security, Automation, Orchestration, and Response (SOAR) industry with Invotas. He brings 20+ years in the security industry with companies such as @stake, Neohapsis, Deloitte, and Symantec.
About Jason Martin: Jason was an Executive Vice President at FireEye where he has served in leadership roles in product management, R&D, engineering and cloud operations. Prior to FireEye, he was President and CEO of SecureDNA (acquired: FEYE) which provided innovative security products and solutions to enterprises and government agencies throughout the United States and Asia. Jason also served as Chairman of Authy.com (acquired: TWLO) and currently sits on the advisory board for OneMedNet and the Board of Directors for ShieldX. Jason has also co-authored several books covering various cyber security domains and is co-founder of the ShakaCon security conference.
About Permiso Security: Permiso brings the industry’s first identity-based detection and response solutions for cloud infrastructures. Customers trust Permiso to bring world-class detection and response capabilities for one of the most challenging areas of identifying compromised credentials, insider threat, and policy violations.
The summary of the show is written by Emily Nicholls.