Permiso brings FICO-style risk scores to human, machine and AI identities
Unified identity security platform provider Permiso Security Inc. today launched the Risk Score Engine, a model that assigns continuous, multidimensional risk scores to every human, machine and artificial intelligence identity across an organization’s environment.
The tool produces three outputs. Identity Risk Scores rank which identities carry the most risk, Session Scores flag activity that needs immediate investigation, and Organization Risk Scores roll everything into a single tenant-level metric that can be benchmarked against peers. Permiso likens the result to a FICO credit score for identity risk.
The pitch addresses a question Permiso argues most security teams still cannot answer: Across every environment, what is an organization’s overall identity risk and what is driving it? Getting there requires visibility into every identity type plus runtime data on what each identity is doing at any given moment. Most organizations have neither, the company says. Instead, they assign identities a fixed risk tier based on privilege level or lean on alerts that fire only after a detection.
Each identity gets a score from 0 to 100, built from three separate measures. One tracks behavior and flags when an identity does something out of character. A second estimates how likely the identity is to be compromised. The third weighs impact, meaning how much damage it could do if misused. Permiso says keeping the measures separate is the point. Two identities can land on the same composite score for very different reasons. The breakdown tells a team which one to chase first.









