Your cloud identity security posture revealed

Get a comprehensive view of where your cloud identity risks are in 24 hours, with specific next steps to maximize your remediation value.

Free Cloud Identity Risk Audit

Discover Cloud Identity Risks

Get a snapshot of your identity security within 24 hours across your public cloud. See which privileged identities could compromise your cloud in ways not originally defined in IAM controls.

Easily Understand & Share Insights

Understand what needs to be done to reduce the risk of your cloud – and share it with any stakeholder. Evaluate all lateral movement paths that lead to sensitive privileges or traverse across cloud accounts – or even across cloud service providers.

Immediately Fix Risks

Get recommendations on what systemic identity risks you have – and the specific risks that should be fixed right away. See exactly what resources and identities are creating the most risk.

How we run this audit

Sonrai assumes a read-only role in your cloud that can be defined and controlled by you. This role only passes encrypted metadata to Sonrai. Sonrai ingests activity logs and permission configurations across all layers of the cloud, as well as metadata from over 150 cloud services. Patented analytics then piece together a comprehensive graph of all interlocking identities, unique permissions, and data/infrastructure/services affected, highlighting risky access paths and toxic privilege combinations.

Find the gaps in your identity posture, fast

Cloud security requires a deep understanding of access and permissions. Sonrai’s Toxic Permissions Analyzer reveals every attack path by decoding how complex policy layers interact to grant Effective Permissions. Indirect escalation scenarios, inherited admin rights, and hidden cross-cloud and cross-account trust are revealed by patented analytics, showing you where to break the attack chains that threaten your cloud the most.

Risk Scorecard

Know why it matters and where to start

Every type of identity risk is explained: what it is, the resources it’s affecting, and its relative importance to your security posture. Everything is stack ranked by impact to your cloud, and actions are recommended for immediate, mid-term, or long-term remediation.

What cloud security pros are saying about CID

“Setup was quick. Intel came in a day. And before our next quarterly security review, we had removed thousands of paths to data and removed machine identities that IAM didn’t register as admins. Just finding this identity risk anywhere else would take months.”

Director, Cloud Security, Fortune 1000 company

“Sonrai is one of the leaders in this space, both from a product maturity perspective, and the thought leadership.”

Director of IT, Banking Industry

Source: Gartner Peer Reviews

“Sonrai offers full visibility into effective permissions and the identity chain – giving my team value insight to identify, root cause and remediate identity risks.”

Enterprise Customer

Source: G2

Cloud Identity Risk Audit FAQ

What is Sonrai?

Sonrai is a leading cloud security company trusted by Fortune 100 companies in financial, healthcare, energy, and other industries. We protect the most critical assets in your cloud by securing identities and stopping high-impact attacks, with a focus on securing identities and breaking down the hidden paths to your high-value data and applications. Using patented analytics, we reveal how identity, asset, and permission compound to create unintended access, prioritizing findings based on business impact. With automated bots and integrated workflows, we enable cloud security teams to minimize risk without impacting business or draining resources. Continuous monitoring of abnormal changes ensures risks aren’t missed, keeping data secure.

Who do you partner with to do the audit? (can I do it without a partner)

You can run the audit directly with Sonrai, or use one of Sonrai’s partners. For example, Accenture runs the Cloud Identity Risk Audit as part of their cloud security evaluation for their customers.

Can I fix the issues found in the audit using Sonrai?

Yes. If you wish to pursue remediation efforts, Sonrai can transition your audit tenant to a full Sonrai tenant. You can see some of these features in preview when running an audit.

Is it really free?

Yes! There is no cost, and no commitments.

What’s the actual process to run the report?

Onboarding is simple and can take five minutes. In AWS, Sonrai needs to assume a role, which can be provided via a cloudformation template, or you can bring your own and add the Sonrai trust policy. In Azure, you must trust the Sonrai Azure app and create a role assignment. In GCP, you must add the Sonrai service account and grant it a few permissions. Then we’re off and running.

How long does it take to get results?

It will likely take less than a day to get a full picture of your cloud, but we recommend two days to make sure larger cloud footprints are processed.

I don’t want to give you the data from my cloud.

Great, we don’t want it either. Sonrai doesn’t possess your data at any point and nothing ever leaves your cloud. Our read-only role only passes metadata to Sonrai. Everything is encrypted – and you keep control of your data.

Will there be a document I can share with my team after the CID audit is complete?

Yes, this datasheet can be downloaded and shared with your team. Here’s an example of what you’ll receive: sonraisecurity.com/cid-pdf.

How does Sonrai handle its internal security?

Sonrai is a SOC2- Type-2 compliant organization with rigorous internal security controls, training, and monitoring. We live cloud security every day. Regulatory demands on Sonrai’s security standards are high, as a plurality of the top 10 banks in the US and Canada use Sonrai to secure their cloud, as well as Fortune 100 customers from several other highly regulated industries.

Get Your Free Cloud Identity Risk Audit

Receive a complimentary audit for your cloud. See what needs to get fixed next and compare your scores with other companies in your industry.