Our Field CTO and Director of Sales Engineering, Jeff Moncrief, was recently featured on the ISTARI Voices podcast. The topic at hand was ‘Demystifying Zero Trust’ for modern enterprise and shifting the security paradigm from devices and boundaries to Identity. In case you missed the podcast, we’ll cover some highlights right here.
- Sonrai represents a new wave of Zero Trust that moves away from endpoint, mobile device or IoT security and instead focuses on securing public cloud platforms like AWS, Azure and GCP, and the risk relationships between the many resources, services, data and identities in the cloud.
- Zero Trust at Sonrai is establishing whether all the communications and permission pathways between resources, data and identities are needed, and if not, getting rid of them.
- Cloud risks are vastly different from on-prem threats. Per Jeff, ‘Identity is the new network.’ The concepts of environment recon and lateral movement by threat actors are the same, but the avenue has become Identity.
- Sonrai illuminates permission paths in the cloud. For example, a single serverless function can be connected to a VPC, and that VPC can be connected to an internet gateway, while the same serverless function is also connected to an API Gateway and has permission to access a role. This reveals how many potential access points there are, each one adding to the risk.
- Jeff walks through potential attack paths and how Identity plays a critical role in the process – Sonrai coins these as ‘identity chains’.
- The danger that person and non-person identities pose when they are over-permissioned.
- Jeff explains what a business needs to do to avoid these common pitfalls.
- Not only does Sonrai handle Identity risks, but the platform also takes security alerts and pieces together the story to give you an end-to-end picture. For example, you have a vulnerable workload that is attached to the internet and publicly exposed, and it can be exploited to access a privileged identity that is ultimately able to access sensitive data. Now you have a data breach.
- Jeff reviews how Sonrai not only illuminates how identities can access data, but can also work backwards to discover and classify data and then reveal who and what can access it. Other tools cannot work from data to Identity the way Sonrai can.
Looking to learn more about Sonrai’s platform, Dig? Have questions for our cloud security experts? Start a conversation today by contacting us for a demo.