Sonrai Security’s workload security capabilities remove risks across customer’s public cloud

Sonrai Security announced its expansion into Cloud Workload Protection (CWPP), with new capabilities that enable enterprise companies to appropriately react to host-based threats according to their immediate severity and business impact.

This announcement expands Sonrai’s comprehensive cloud security platform that already incorporates Cloud Infrastructure Entitlements Management (CIEM), Cloud Security Posture Management (CSPM) and data security functionality.

As a recent report from Gartner notes, “The shift to cloud-native application development using container-based application architectures, microservices-based applications and adoption of serverless PaaS requires new CWPP capabilities both for development and at runtime. Cloud-native applications require specific solutions designed to address the protection requirements of cloud-based systems. With immutable infrastructure, CWPP protection strategies will shift to a zero trust mindset and focus on application control and container lockdown (default deny/zero trust) at runtime, with a stronger emphasis on scanning for vulnerabilities before deployment.”

Sonrai Dig delivers a cloud security solution that unearths, prioritizes and removes risks across every part of a customer’s public cloud. Sonrai Dig uniquely enables customers to see everything – including inventory, activity, identities, data and workloads – and to map every possible access path to data in their clouds. By linking workload vulnerabilities into Sonrai’s Identity Graph, the most critical risks are rapidly identified and remediated.

“Sonrai’s strategy that combines unified security for posture, identity, platform and workload security, data discovery and classification, and security framework mapping into one product is exactly what I needed to secure our growing cloud environments,” said Jeff Farinich, SVP Technology Services and Chief Information Security Officer at New American Funding. “Today many security vendors neglect to include support for NY DFS 23 NYCRR 500 in their product, but Sonrai was able to add those control mappings in 24 hours which showed the agility of innovation.”

New workload security capabilities include:

• Ability to drill down on specific vulnerabilities to fully understand ‘blast radius’
• ‘Risk Amplifiers’ uncovered by the Sonrai identity graph which prioritize vulnerabilities with access to critical data, that give access to high privileges or those exposed externally
• Extensive ability to uncover PII and other risks including classification of data on hosts
• Establishment of team-based remediation workflows

“This extension of our platform with workload security sets a new bar for the industry and is the next step in the strategy of Sonrai Security to address every aspect of cloud security,” said Brendan Hannigan, CEO, Sonrai Security. “Very large enterprises appreciate the breadth of capabilities Sonrai delivers for them — all beautifully integrated into one cloud security solution.”