Sonrai Security — a leader in public cloud security — announced it has raised $20 million in Series B funding in a round led by Menlo Ventures with full participation from founding investor Polaris Partners and Series A lead investor Ten Eleven Ventures.
Menlo Ventures partner Venky Ganesan will join David Barrett and Alex Doll on the Sonrai Security board of directors. Including this round of funding, the company has raised a total of $38 million. The funding will be used to accelerate research and development along with global sales and marketing activities for Sonrai Dig, the company’s industry-leading identity and data security platform — which is currently used by a growing number of global enterprise organizations.
Public cloud utilization by global enterprises generates hundreds of cloud accounts and thousands of data stores and tens of thousands of ephemeral pieces of compute involving multitudes of development teams. When improperly configured, this ever-expanding array of interdependencies and inheritances leads to many security risks including over-permissioned identities, separation of duties risks, and excessive access paths to critical data. And legacy cloud security tools have failed to address identity and data complexity and either miss critical vulnerabilities or send continuous alarms, creating high levels of noise that overwhelm security teams’ resources, leading to inaction.
The Sonrai Dig platform automatically uncovers identity, data and cloud platform risks, automatically eliminates these risks and continuously monitors to ensure new risks and unusual activity are quickly identified. And Sonrai Dig builds a comprehensive graph detailing every relationship between identities (people and non-people) and data that exist within cloud platforms such as AWS, Azure, GCP, and Kubernetes. And DevOps-specific workflows represented graphically as swimlanes enable easy escalations, certifications and risk-exception handling and provide role-based access control for development, security, cloud and audit teams, to ensure adherence to policy.