Security platform provider Permiso Security has launched its Risk Score Engine, a novel model that continuously assigns multidimensional risk scores to every identity type — human, machine, and artificial intelligence — helping organizations quantify their overall identity risk and prioritize security efforts more effectively.
- Provides continuous risk scores for all identity types including AI agents
- Combines posture data, behavioral anomalies, and impact potential for granular risk assessment
- Enables dynamic session scoring and organization-wide risk benchmarking
What happened
Permiso Security Inc. announced the launch of its Risk Score Engine, a new capability within its unified identity security platform designed to assign continuous, multidimensional risk scores to all types of identities inside an organization. This includes human users, machine accounts such as API keys and service accounts, and increasingly prevalent AI agents.
The Risk Score Engine produces three outputs: Identity Risk Scores highlight the riskiest identities, Session Scores assess ongoing activities needing immediate attention, and Organization Risk Scores aggregate overall identity risk into a single tenant-level measure that can be benchmarked against peers.
Why it matters
Many enterprises struggle to accurately measure identity risk due to limited visibility and reliance on static risk tiers or reactive alerting systems. Permiso’s engine addresses this gap by continuously correlating static posture data with live behavioral signals, offering a real-time, FICO-style risk score that helps security operations identify and prioritize threats proactively.
The solution’s distinctive approach separates behavior, likelihood of compromise, and impact into different measures, enabling teams to understand and prioritize risk more effectively. It also supports scoring of AI identities, which represent a fast-growing but undergoverned category in modern enterprise environments.
What to watch next
The adoption of continuous, multidimensional identity risk scoring could influence how security teams scale their identity governance and threat detection efforts, especially as nonhuman and AI identities multiply in complexity and number. Observing how organizations integrate and respond to the Risk Score Engine’s insights will be key.
Future developments could include tighter integrations with existing identity providers and security information platforms, enhancements in session-level threat triage, and evolving benchmarks that reflect emerging identity risk patterns across industries and regions.