Permiso vs Splunk
Side-by-side comparison of AI visibility scores, market position, and capabilities
Davis CA universal identity security platform; raised $18M+; detects identity-based threats across cloud control planes and human and machine identities.
About
Permiso is a cloud identity security company founded in 2021 and headquartered in Davis, California. The company was founded by Paul Nguyen and Ian Ahl, former security leaders from FireEye, Mandiant, and Amazon, to address the rapid growth of identity-based attacks in cloud environments. As organizations moved workloads to the cloud, the cloud control plane — the APIs and IAM systems that manage cloud infrastructure — became a primary attack target. Attackers who compromise cloud credentials can provision malicious infrastructure, exfiltrate data, or pivot laterally across cloud accounts without triggering traditional network-based detection.\n\nPermiso raised $18 million in seed and Series A funding from investors including Base10 Partners, Work-Bench, and Okta Ventures. Its platform analyzes activity from cloud identity providers and control planes — AWS CloudTrail, Azure Activity Logs, GCP Audit Logs, Okta, and others — to build behavioral models for every human user and machine identity. When an identity behaves in an anomalous way, such as an IAM role making API calls it has never made or a user accessing services outside their normal patterns, Permiso generates an alert with full context about what happened and what resources were affected.\n\nPermiso's Universal Identity Graph correlates activity across multiple cloud environments and identity providers into a single timeline per identity, enabling analysts to trace attack chains across organizational boundaries. The platform is particularly valuable for detecting techniques used in sophisticated cloud attacks such as credential theft, IAM privilege escalation, persistence via new IAM roles, and lateral movement between cloud accounts. Permiso also provides a free cloud investigation tool called CloudGrappler used by threat intelligence researchers.
Data platform for security and observability acquired by Cisco for $28B in March 2024. Used by 90 of Fortune 100; 7,500+ enterprise customers globally; flagship SIEM and Splunk SOAR power enterprise security operations centers.
About
Splunk is a data platform for security and observability founded in 2003 in San Francisco, built on the idea that machine-generated data — logs, events, metrics, traces — contains the intelligence organizations need to detect threats, investigate incidents, and ensure digital systems stay available. The company's core technology indexes and searches massive volumes of machine data in real time, enabling security and IT operations teams to answer complex questions across their entire data estate without predefined schemas.\n\nSplunk's flagship product is its SIEM (Security Information and Event Management) platform, used by 90 of the Fortune 100 to detect and respond to security threats. Its broader portfolio includes Splunk Observability Cloud for infrastructure monitoring, Splunk SOAR for security orchestration and automated response, and Splunk IT Service Intelligence for IT operations. The platform's schema-on-read approach and SPL query language give analysts flexibility to investigate novel threats and operational issues that structured databases cannot accommodate.\n\nSplunk was acquired by Cisco for $28B in March 2024, one of the largest cybersecurity acquisitions in history, and has been integrated into Cisco's AI-driven security portfolio. The combination of Cisco's network telemetry and global customer relationships with Splunk's data analytics depth creates a powerful full-stack security and observability offering. Under Cisco, Splunk is adding AI-native features — including AI Assistant for SPL and automated threat detection — to maintain its leadership position as the SIEM market evolves toward AI-augmented security operations.
AI Visibility Head-to-Head
Key Details
Capabilities & Ecosystem
Capabilities
Integrations
Also Compare
Track AI Visibility in Real Time
Monitor how your brand performs across ChatGPT, Gemini, Perplexity, Claude, and Grok daily.