Sonrai Risk Insights Engine: Instant & Actionable Security

4 mins to read

When you turn on a security tool, you want it to be intuitive and impact real operations right away. The last thing your organization needs is a solution that is hard to use or just scratching the surface level problems instead of changing actual operational decisions. A lot of organizations are facing similar challenges: security gaps, compliance concerns, a lack of visibility, cloud complexity, and malicious threats. These challenges push you to then seek third-party security solutions, but a lot of the time these tools overwhelm you with tickets, punitive security scores, and a laundry list of things to remediate with no built-in prioritization. These user-experience challenges are just as much an issue as the security threats you’re trying to ward off.

We know these challenges, and we’ve heard them from the market. That is why Sonrai Security released the industry-first Risk Insights Engine to give an immediate view of all cloud risk and enable you to fix the biggest issues first.

The Sonrai Risk Insights Engine is the foundation of prescriptive, high-impact risk remediation. It tells you exactly what risks have the highest potential impact to your business, and what to fix next. With risk insights, you can:

  • Take the action with the greatest impact to reduce risk and hit your security goals, every day.
  • Measure & communicate your success towards your maturity goal over time.
  • Get automated advice on what goals to set and policies to implement.

Know how much risk you have, where it is, and what you can do about it. Let’s review what Sonrai Risk Insights Engine has to offer:

Top Features

Sonrai Risk Insights

What’s New?

The Risk Insights Engine displays a visual map of your entire cloud & all aggregated risk across it, allowing you to hone in on where help is needed.

Now it’s easier than ever to see yourself using Sonrai and getting value out of it right away. This engine builds upon Sonrai Security’s platform that operationalizes cloud security at scale in the long-term. With Risk Insights Engine, your business can see its full cloud footprint and top actions to remediate weaknesses at any given time, bringing tactical short-term value.

sonrai risk insights

Actionable & Organized

Many CISOs, Cloud & DevOps teams are swarmed with significant security gaps and a lot of potential tickets – but where do you start? How do you visualize so many different risks in different corners of your cloud? Risk Insights Engine offers an organized and visual representation of your cloud & risk with prioritized insights. The platform tells you what your weaknesses are and how to fix them. 

The “Top Insights” widget informs what to do from a strategic and long-term standpoint, complemented by “5 things to do right now” – these are the most important individual risks your team can execute on today. Together, Risk Insights defines your organization’s biggest offenses and top priorities to remediate them.

Separation of Insights vs. Tickets.

The Risk Insights Engine now allows customers to gain value without opting into a ticketing system. This means those just seeking information and insights into their cloud footprint aren’t overloaded with what feels like a punitive amount of tickets. Previously, you had to accept ‘tickets’ in order to gain the insights on cloud risk. Now, your team can view “Insights” and “Issues” separately, allowing you to use the platform how you want to. 

Better User Experience

An excellent feature in Sonrai Security’s platform is the ability to define “swimlanes,” specific environment sensitivities, and therefore tailored security goals and maturity, as your cloud is not homogenous. This requires onboarding, defining swimlanes, and setting up security frameworks to monitor these different environments. Before you do any of this organization, Risk Insights let you see a high-level picture of your risk state and the most critical issues. It’s a way to quickly start your prioritization even before you complete your operationalization of Sonrai’s platform.

Additionally, The Risk Insights Engine offers a brand new home screen design with clear, visual, and organized information making the journey from opening the product to actionable remediation more intuitive.


How do you calculate the Risk Score?

A: Risk score is a snapshot of your current exposure level. It tells you ‘how is my cloud right now?’ It’s calculated based on underlying findings’ categorization within Sonrai’s severity levels. These levels are designed by security experts and normalized over experience with many enterprise clouds. You get an entirely different risk index score for different swimlanes or environments. Your entire cloud estate is not homogenous.

How can I make the Risk Score go down? I want to show progress over time.

A: Since Risk Score is designed to show a snapshot of current health, a big ephemeral cloud will make risk score a noisy metric. Closing a single ticket may not impact the score. Over time, it will show a general trend. The best mechanism to track your performance against goals over time is to set a maturity goal and leverage Sonrai’s reporting there.

What determines which ‘5 things to do right now’ get highlighted?

A: They are the 5 most severe findings in the engine based on all Sonrai intelligence into how data, identity, platform and workloads compound and connect.

How is Top Insights different from ‘5 things you can do right now’?

A: Top Insights is overarching systemic issues we’ve detected in your cloud, they are long-term project based problems. Whereas, 5 things you can do right now are short-term tactical items you can remediate on a Friday afternoon.