Sonrai Dig maps relationships between identities and data inside public clouds
Sonrai Security announced the Governance Automation Engine for Sonrai Dig, re-inventing how customers ensure security in AWS, Azure, Google Cloud and Kubernetes by automatically eliminating identity risks and reducing unwanted access to data.
This enables enterprise companies to achieve and maintain least privilege, enforce separation of duties, eliminate complex identity risks and lock down critical data. Workflow and role-based swimlanes route alerts and recommend actions to cloud, security, audit or DevOps teams, or deploy remediation bots to address security issues.
The new Governance Automation Engine helps enterprises address critical pain points including security breaches caused by identity policy misconfiguration and data risks that go beyond S3 buckets. It extends to include databases like Amazon RDS, DynamoDB, CosmosDB and many others, addressing disconnects among cloud, security, audit and DevOps teams with widely disparate cloud security toolsets.
“The acceleration of migrations from on-prem datacenters to the cloud presents an entirely new set of challenges for global enterprises that cannot be fully addressed by the security approaches of the past,” said Richard Stiennon, chief research analyst, IT-Harvest. “Security for public clouds must center on effective governance and security of three critical control points – identities, data and platform – to understand, monitor and minimize risk. Effective solutions will be those that go well beyond simply presenting dashboards of cloud provider tools and bring entirely new identity and data analytics to the mix.”
Cloud security complexity
For enterprise organizations, public cloud expansion quickly leads to hundreds of cloud accounts, thousands of data stores and tens of thousands of ephemeral pieces of compute involving multitudes of development teams. Improperly set up, this growing array of interdependencies and inheritances can open up many security risks such as over-permissioned identities, separation of duties risks and excessive access paths to critical data. Legacy cloud security tools have failed to address identity and data complexity and either miss critical vulnerabilities or send continuous alarms, creating high levels of noise that overwhelm security teams’ resources and lead to inaction.
The Sonrai Dig platform builds a comprehensive graph detailing every relationship between identities (people and non-people) and data that exist within cloud platforms like AWS, Azure, GCP and Kubernetes. Analytics provided atop that graph allows users to understand risk, eliminate risk and monitor it continuously. Swimlane workflows enable escalations, certifications and risk-exception handling and provide role-based access control for workloads, teams and cloud platforms to ensure adherence to policy.
New automation capabilities
The Governance Automation Engine for Sonrai Dig automatically dispatches prevention and remediation bots and provides safeguards in the form of code promotion blocks. Helping to ensure end-to-end security in public cloud platforms, Sonrai Dig also fosters excellence in the application lifecycle and in DevOps by preventing users from promoting code to the next stage of the development cycle if public cloud security requirements are unmet.
Extensive integration ecosystem
Sonrai Dig and its growing integration ecosystem have worked closely to ensure cross-platform compatibility through API integrations including:
Public Cloud: AWS, Azure, Google Cloud (GCP), Kubernetes
IAM: AWS IAM, Azure AD, GCP IAM
Audit: AWS CloudTrail, Azure activity logs, GCP Stackdriver
Data Stores: DynamoDB, RDS, Cosmos DB, Data Lake, SQL, Big Table
Key Stores: KMS, HashiCorp Vault
Infrastructure: WAF, Cloudfront, ELB Compute: ECS, Lambda, Azure Serverless
“Enterprise companies’ explosive expansion of cloud-native development creates a dizzying number of ways people and non-people identities access corporate data, creating unacceptable risk,” said Brendan Hannigan, CEO, Sonrai Security. “Sonrai provides unique technology to find and eliminate all of these risks, in a way that aligns with how applications are developed in today’s world. Our swimlanes, workflow and remediation capabilities are integrated seamlessly to automatically de-risk complex environments and represent an entirely new and effective approach to security.”