Permiso raises $10 million to strengthen its engineering team and expand its customer footprint


Permiso announced a $10 million seed funding round with participation from leading institutional investors and angel investors.

The round was led by Point72 Ventures and included Foundation Capital, Work-Bench, 11.2 Capital, Rain Capital, as well as numerous security industry leaders such as: Jason Chan, former VP of Security at information at Netflix; Talha Tariq, Head of Security at Hashicorp; Travis McPeak, Product Security Manager at Databricks; Tyler Shields, CMO at JupiterOne; and Brandon Dixon, founder of PassiveTotal. Additionally, Sebastian Goodwin, CISO at Nutanix; Alek Armani, CISO at, Julien Soriano, CISO at Box; Caleb Sima, CSO at Robinhood, and Tim Byrd, CISO at TIAA have joined Permiso in advisory roles.

Permiso investor and advisor Jason Chan, who led Netflix’s cybersecurity program for ten years, insists that cloud security must be identity-driven: “Identity is as close to a silver bullet as than in the cloud. If you get it wrong, you face significant risks and challenges in effectively securing your business,” Chan said.

Permiso Security brings the first of its kind in cloud identity detection and response for your public cloud infrastructure. While engineering and infrastructure teams aggressively adopt the public cloud, security teams are drowning under the millions of activities and changes made daily by human and machine identities.

At the speed of the cloud, the ability to identify suspicious or malicious behavior by these identities is nearly impossible. Permiso has pioneered a unique identity-based detection and response platform to profile and monitor the identities and credentials of humans and machines to detect malicious or anomalous behavior that could indicate compromised credentials, policy violations, or insider threats.

Today, customers are leveraging Permiso to gain visibility into their identity landscape to achieve these key results:

  • Mature their security programs in the cloud – As companies migrate to the cloud, identity practices shift from high levels of human access and evolve primarily towards machine access and automated changes. Companies use Permiso to measure their progress towards their identity and access management goals of secure access methods and minimized human access, as well as change management goals of reducing or eliminating induced change by the man.
  • Detect credential abuse – The myriad cloud credentials (passwords, access keys, certificates, key pairs) make it difficult to detect potential abuse by attackers or insiders. The ability to profile each identity and credential allows Permiso to detect anomalous and malicious abuse of any cloud access credential.
  • Investigate smarter and faster – With over 11,000 different privileges and event types, it’s impossible for security teams to remember and understand them all. Enterprises use Permiso to create a cohesive story and timeline using identity as narrator and translator in support of their incident response and investigations.

“Permiso opens up unique visibility into my cloud infrastructure environment that I don’t currently get from cloud security posture management (CSPM) or SIEM. The ability to measure the maturity of my governance program of identities helps me proactively identify the risks associated with insecure identity practices and detect threats in real time within my cloud infrastructure from these identities,” said Erik Bataller, vice president of information security for ACV Auctions, a current Permiso client.

The company is founded by co-CEOs Paul Nguyen and Jason Martin, technical director Stephen Demjanenko and vice president of engineering Phani Modali. Prior to founding Permiso, Nguyen was senior vice president of product strategy and product management, and Martin was executive vice president of global engineering and security products at FireEye.

They each joined FireEye separately through acquisitions of their previous companies, Invotas and Secure DNA. Demjanenko and Modali held senior engineering and product leadership positions at Meraki and FireEye, respectively.

“Permiso was founded with the goal of identifying the next evolution in cloud security,” Nguyen said. “After being in the security industry for 20 years, it’s a bit of deja vu again with cloud security. Today’s cloud security tools started like we did 20 years ago with solutions to gain visibility into what’s in my environment and ask myself, “Am I vulnerable?” We saw the next evolution with the advent of advanced persistent threats at the time and the emergence of detection and response solutions like FireEye, which is the opportunity we see for Permiso today in the public cloud. .

“We’ve conducted hundreds of customer interviews and worked with more than 10 co-development customers over the past year and find that when it comes to cloud infrastructure runtime security, most organizations collect data in their SIEM or a data lake; however, they can’t really understand quickly or in a way that answers the questions their security and cloud infrastructure teams have,” Martin explained.

With the $10 million round, Permiso intends to continue to grow its engineering team, expand its current customer base, and build partnerships.

“Permiso’s identity-based execution approach bridges the current gap in cloud security expertise by giving security teams greater visibility into user activity in the cloud. which results in better controls and more precise remediation of malicious activity,” said Noah Carr, Partner at Point72 Ventures. “We expect Permiso to become a critical part of the cloud security stack as organizations continue to adopt and rely on cloud infrastructure to run their businesses.”


About Author

Comments are closed.