Permiso, a leader in real-time identity security, has announced a major enhancement to its platform, now offering comprehensive security for AI identities. The update covers AI users, AI builders, and AI agents, providing organizations with a unified platform to protect all digital identities against cyber threats.
The enhanced Permiso solution is distinctive in the market as it integrates AI security into its core identity framework, offering the same level of coverage that has made the platform the industry benchmark for human, non-human, and vendor identities. Unlike traditional approaches that rely solely on static configuration tracking, Permiso focuses on runtime intelligence to monitor actual AI activity. This approach reveals how AI is being used in real-time, offering insights that static tracking alone cannot provide.
“Your AI security posture is only as strong as your overall identity security program,” said Jason Martin, Permiso co-CEO and co-founder. “Identity is central to any robust security strategy and crucial for safely operationalizing AI. Each identity carries its own risk, yet all must be authenticated and authorized to access critical systems and data. As organizations deploy hundreds or thousands of AI agents, having a single platform to inventory them, assess identity risks, and monitor activity in real-time is essential to eliminate blind spots and prevent identity-driven threats.”
Cyber Technology Insights : The National Cyber Security Agency (NCSA) – State of Qatar Partners with ISASecure
The platform’s new AI-focused capabilities provide detailed visibility into AI usage, enabling security teams to understand not just who has access, but exactly how AI is being utilized—covering specific AI services and activities. This visibility is vital for identifying vulnerabilities, mitigating risk, and defending against potential attacks.
“AI isn’t a separate silo—it’s an identity challenge,” explained Permiso CTO Ian Ahl. “Our platform identifies every AI identity, whether human or non-human. We track static exposures and monitor live activity so organizations can safely adopt AI without increasing their attack surface.”
Permiso classifies AI identities into three categories:
- AI Users: Employees and stakeholders interacting with AI services like ChatGPT, Microsoft Copilot, Claude, and similar platforms.
- AI Builders: Developers or teams creating, modifying, or deploying AI models and applications.
- AI Agents: Autonomous AI systems operating within enterprise environments.
“As AI initiatives scale, companies realize that identity security is critical for protecting AI users, builders, and agents. Applying established identity security principles, such as runtime monitoring and static tracking, to AI identities addresses a major gap in enterprise security,” noted Todd Thiemann, principal analyst at Enterprise Strategy Group.
Cyber Technology Insights : OX Launches VibeSec to Prevent Vibe Code Vulnerabilities From Ever Being Generated
Key AI identity security features in Permiso include:
- Shadow AI Detection: Identifying unauthorized employee use of personal AI accounts, which can increase organizational risk.
- Federated Authentication Alerts: Notifying teams of unauthorized AI service access.
- Permission Analysis for AI Agents: Identifying agents with excessive permissions, some of which are up to 90% unused, mirroring patterns seen in other identity types.
- Sensitive Data Oversight: Detecting sharing of sensitive information with external AI models, whether initiated by humans or autonomous AI agents.
“Organizations must view AI through the lens of identity. Whether it’s an employee, developer, or AI agent, security boils down to who has access, what they can do, and how those actions are monitored,” said Terrick Taylor, Security Operations Manager at YAGEO Group.
Cyber Technology Insights : Hack The Box Launches Threat Range to Advance Security Operations Teams’ Readiness
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
