Permiso Security Randall (@permisorandall) 's Twitter Profile
Permiso Security Randall

@permisorandall

@permisosecurity
@p0Labs Cloud Threat Research: permiso.io/p0-labs
Open-Source CloudSec Tools: github.com/Permiso-io-too…

ID: 1674861355986481153

https://www.linkedin.com/in/randallhettinger/ 30-06-2023 19:24:45

500 Tweets

226 Followers

740 Following

Permiso Security (@permisosecurity) 's Twitter Profile Photo

If you're at Gartner Security & Risk Management Summit this week, stop by booth 570 to learn how Permiso detects and protects against human and non-human identity threats! Come meet Tobin Sears, Sanjeev Williams, Jared Elder and Paul Nguyen!

1aN0rmus (@tekdefense) 's Twitter Profile Photo

Last week I created Permiso Podcaster (automatic video podcast generator) and shared a sample. In this video I walk you through how I built it! - Pulls data from Permiso Security MCP - Claude 3.5 writes a 2-host script - ElevenLabs generates audio - Runway clips FFMPEG

Permiso Security (@permisosecurity) 's Twitter Profile Photo

You can't protect what you don't know. We're thrilled to announce the upcoming launch of Permiso Discover, a free identity inventory & visibility for human, non-human and AI. Starting today, you can join the waitlist to gain early access to this powerful platform that helps you

1aN0rmus (@tekdefense) 's Twitter Profile Photo

After yesterday's test on the Permiso Security MCP, I tried a bunch more basic prompt injection techniques by embedding names and tags in AWS resources with instructions. All available models in Cursor handled this super well. Though I have a bunch more ideas to try!

Permiso Security (@permisosecurity) 's Twitter Profile Photo

If you're heading to fwd:cloudsec in a few weeks, we are teaming up with our friends at Tamnoon to host Arcade & Apps. What's better than pizza and arcade games after a long day of conferencing? Space is limited, so reserve your spot by signing up! tamnoon.io/fwd-cloudsec-n…

SC Media (@scmagazine) 's Twitter Profile Photo

The Google Threat Intelligence Group said that it’s now aware of “multiple” intrusions into the insurance industry in the U.S. that bear all the hallmarks of the Scattered Spider ransomware group. #cybersecurity #infosec #ITsecurity bit.ly/447yQgG

Permiso Security (@permisosecurity) 's Twitter Profile Photo

We're less than a week away from fwd:cloudsec! Permiso will be out in full force. -Nathan Eades will be speaking on 'The False Sense of Security: Defense Becoming A Vulnerability' on Monday at 10:30AM lnkd.in/gVUNX8yU -We're teaming up with our friends at Tamnoon and

Permiso Security (@permisosecurity) 's Twitter Profile Photo

Just a few short days away from fwd:cloudsec! -Michael Newar, Andrew Kraut and Jared Elder will be at the booth. -Nathan Eades is taking the stage at 10:30AM on Monday. Come check out his talk: fwdcloudsec.org/conference/nor… -After a long day of conferencing, come hang out with our

Nick Frichette (@frichette_n) 's Twitter Profile Photo

As threat actors pursue LLMJacking more (as Permiso Security found), I’m curious when we’ll see them abusing customer service/customer facing apps. Stealing cloud credentials and using them is hard. Why not just jailbreak LLMs used in web apps for your nefarious purposes?

Permiso Security (@permisosecurity) 's Twitter Profile Photo

If you're headed to CAMP IT in Rosemont IL on Thursday, be sure to catch Brian Crockford, Milan Gavran and Austin Hall! Austin will be presenting 'Hiding in Plain Sight: Identity Risk and Threat Detection in a Borderless Enterprise.' campitconference.com/upcoming-on-si…

Permiso Security (@permisosecurity) 's Twitter Profile Photo

If you haven't yet, be sure to register for the CloudSecurityAlliance's Non-Human Identity Summit taking place tomorrow and Wednesday! 1aN0rmus will be discussing the important role human identities play in #NHI security. This virtual event is free and you can register here:

Permiso Security (@permisosecurity) 's Twitter Profile Photo

Check out Permiso P0 Labs’ latest research about AWS Managed Active Directory compliments of Bleon Proko! Turns out AD default settings inherited from on-prem AD can lead to a Resource-Based Constrained Delegation (RBCD) attack in its Cloud counterpart. permiso.io/blog/abusing-d…

Permiso Security (@permisosecurity) 's Twitter Profile Photo

Thanks to Marco Lancini for including Bleon Proko's recent blog post on how #AWS Managed Active Directory security vulnerabilities can lead to RBCD attacks in the latest edition of CloudSecList! cloudseclist.com/issues/issue-2…

Permiso Security Randall (@permisorandall) 's Twitter Profile Photo

Scattered Spider keeps evolving their tactics, and most detection methods are missing the latest changes. Permiso Security's CTO Ian Ahl (1aN0rmus) is breaking down P0 Labs research on their latest TTPs on 8/28. Register: hero.permiso.io/tracking-scatt…

Permiso Security (@permisosecurity) 's Twitter Profile Photo

We're busy with quite a few events in the next several weeks, both virtual and in-person. We look forward to meeting new folks and seeing familiar faces! Paul Nguyen is taking the stage this Wednesday for the KPMG Private Enterprise Tech Innovator US Competition at 12pm ET.

Will (@bushidotoken) 's Twitter Profile Photo

ICYMI: Was just perusing the latest CrowdStrike 2025 Threat Hunting report (crowdstrike.com/en-us/resource…) and check this wild timeline for Scattered Spider - from account takeover to Entra ID bulk user export in <5 minutes 👀
