Home

Cloud Identity Is the New Attack Surface — and the Frankenstein of PAM, CIEM, IAM and IGA Is Not the Answer

via Business Wire

P0 Unveils Unified Identity Control Platform to Govern All Access to All Clouds

Identity is the new attack perimeter — and it’s breaking. A recent Cloud Security Alliance report revealed that 95% of organizations experienced a cloud-related breach in the past 18 months. Of those, 99% cited insecure identities as the root cause.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250429697520/en/

In today’s cloud-first world, the volume and velocity of identity-based threats—spanning users, machines, contractors, service accounts and other non-human identities—have outpaced the ability of legacy tools to keep up. IAM, PAM, IGA and CIEM tools each attempt to solve slices of the same problem — with different policies, fractured visibility and overlapping logic. The result? Confusion, complexity and blind spots.

“The cloud changed everything—identity tools didn’t. It’s time to rethink access, not just rebrand it,” said Shashwat Sehgal, CEO and co-founder of P0 Security.

In conjunction with RSA, P0 introduces the Unified Identity Control platform— a cloud-native solution to secure and govern every kind of access, from every kind of identity, across every cloud: AWS, Azure and GCP.

The Problem: Same Identities, Different Rules

Enterprises have spent years stitching together access tools: IAM for provisioning, PAM for credentials, IGA for compliance, and CIEM for visibility. Each was built in isolation — with different controls, different policies, and different assumptions. The result? Four systems trying to govern the same identities, each pointing in a slightly different direction.

Today’s cloud environments are powered by more than just users — they’re driven by scripts, containers, service accounts and workloads. Static roles, manual reviews, and siloed tools can’t keep up. PAM still depends on agents and proxies. IGA still lives in spreadsheets. CIEM still surfaces alerts without action.

Even newer tools are falling short. Several developer-focused PAM extensions are being quietly deprioritized - a sign that narrow tools can’t keep pace with broader cloud governance needs. And with Microsoft sunsetting Entra Permissions Management, the message is clear: identity systems built for the datacenter aren’t scaling to the cloud.

“Temporary access used to be slow, manual, and buried in IAM group sprawl,” said Johnny Chen, DevSecOps Engineer and InfoSec Manager at Finix. “With P0, we grant secure, fine-grained permissions in real time — through Slack or CLI — using workflows that match how our engineers actually work. It’s fast, flexible, and lets us move lean and stay compliant without the usual overhead.”

Introducing P0’s Unified Identity Control Platform

The future of cloud identity security won’t be stitched together from siloed tools. It will be unified — driven by real-time insights, automation and governance that scales with the cloud.

The P0 Unified Identity Control platform delivers four critical capabilities:

Inventory – see and track every identity across every cloud

Visibility is table stakes. P0 continuously discovers and maps every human and non-human identity — across AWS, Azure, GCP, hybrid, and Kubernetes environments. Our real-time identity graph links IDPs, credentials, IAM roles, policies, and actual cloud resource access. It doesn’t just list identities — it shows how access actually works, where it’s risky, and what to do about it.

Security posture – eliminate access risks in real time

P0 surfaces what matters most: stale credentials, overly broad roles, embedded secrets, and lateral movement paths. It calculates blast radius, prioritizes risk, and automatically initiates remediation — routing alerts and actions through integrations like JIRA, Slack, and Teams.

It also includes built-in secrets rotation for non-human identities, helping teams lock down machine access and reduce long-lived credentials across cloud environments.

Orchestration – automate and codify access

Access shouldn’t be a ticket. With P0, it’s automated, auditable, and ephemeral by design. Security teams can define policy once and let P0 handle just-in-time access to VMs, databases, Kubernetes clusters, S3 buckets, and more — triggered directly from Slack, CLI, GitHub or Microsoft Teams.

All access is governed, short-lived, and auto-expiring — aligned to least privilege by default. Just-in-time access is becoming the new standard for security, and P0 makes it frictionless for developers and safe for security.

Governance – enforce continuous, policy-driven control

Compliance shouldn’t slow teams down. P0 enforces continuous governance across all identities — human and non-human — with automated reviews, lifecycle workflows, and always-on audit trails. Policies span IAM, PAM, and IGA requirements, so teams can meet frameworks like SOC 2 and ISO 27001 without adding manual overhead.

What Makes P0 Different

  • Agentless, API-native architecture — no proxies, no jump boxes
  • Deep read/write cloud IAM integrations — not just alerts, but control
  • Unified identity graph — from Okta groups to S3 bucket access
  • Secure-by-design — permission boundaries and short-lived access by default
  • Built for all identities — users, service accounts, containers, and workloads

“This isn’t just another tool — it’s a reset button for access,” said Shashwat. “We’re solving the hardest challenges in cloud identity: fragmented policies, unmanaged machine access, and endless manual provisioning — all in one platform.”

Why It Matters

For security and platform teams struggling to manage sprawling cloud environments and fragmented tooling, P0 delivers a new path forward: clarity over chaos. Governance without friction. Security at the speed of code.

P0 is live, deployed in enterprise environments across financial services, healthcare, B2B SaaS/tech and cloud-native startups — with full deployments completed in under 60 days.

Learn More

To explore the Unified Identity Control Platform and book a demo, visit p0.dev

For Entra Permissions Management customers: Microsoft may be stepping away — but you don’t have to step backwards. P0 offers a fast-track migration program that helps you step off Entra and step up your cloud identity strategy — with your first 90 days free. Ready to step up? →

Contacts