Former IBM Security and Q1 Labs Executives Unveil Data-Centric Service to Provide Unified, End-to-End Data Security and Compliance Across AWS, Azure, and Google Cloud Platforms
New York, NY— January 15, 2019— Sonrai Security, an innovator in Cloud Data Control, today officially launched with $18.5 million in Series A funding, and a groundbreaking new service that delivers unparalleled data and identity control across all cloud accounts and within any data store. Polaris Partners and TenEleven Ventures led the round, with Polaris Partners Managing Partner Dave Barrett and TenEleven Ventures Founder and Managing General Partner Alex Doll joining the board. New Brunswick Innovation Foundation (NBIF) also participated in the funding.
Sonrai Security is co-founded by Brendan Hannigan and Sandy Bird, who are internationally respected as trailblazers in data security, risk and compliance. Most recently an entrepreneur partner with Polaris Partners, Hannigan was previously general manager of IBM Security, which he helped establish and grow to become a $2 billion division, and the world’s largest enterprise security provider. Hannigan and Bird joined IBM following its 2011 acquisition of Q1 Labs, with Bird serving as IBM Security’s chief technology officer. Bird co-founded Q1 Labs, and Hannigan served as CEO, where they helped establish the security intelligence and analytics company’s flagship platform, QRadar, which became the sector’s global market share leader.
A manual audit by one Fortune 100 firm determined that internal teams underreported by 50% the volume and nature of data assets present in cloud accounts, and the problem is only worsening. More broadly, enterprises often have hundreds of cloud accounts running across Amazon, Microsoft, and Google – and within those accounts, multiple individual data stores – many of which their IT groups don’t even know exist, or the data they contain and the extent to which access is allowed. The ease at which cloud accounts are spun up and data is transferred into them is making matters worse, compounding the risks to these organizations, their customers and their partners.
Additionally, with an ever-increasing number of data breaches prompted by everything from misconfigured data stores to malicious exploits of cloud platforms, it is clear that traditional network-centric security controls don’t work for the cloud. Sonrai understood this and started from a clean slate to develop Cloud Data Control. It is a model for hybrid cloud security and risk mitigation that puts the data itself at the center of the cloud security universe, and for the first time, truly bridges SecOps and DevOps teams to provide unmatched security, compliance, and efficiency.
“The Lincoln Center for the Performing Arts is among the world’s premier performing arts centers and a leader in arts education,” said Chief Technology Officer Robert Tarleton of Lincoln Center. “We use multiple cloud services and need to be confident in the protection of our creative intellectual property. But security is more science than art, and our main focus and resources need to be on the arts community. Services such as Sonrai’s give us remarkable visibility and control, while easing the burden on our staff.”
About Sonrai Security’s Cloud Data Control
The Cloud Data Control service is an industry-first, native cloud service that ties together data and identity for the most comprehensive discovery, classification, mapping and automation.
With the ability to discover and track data and users across any cloud service (Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, etc.) and to third-party data sources (e.g. MongoDB, Cassandra, MySQL, etc.), Cloud Data Control provides a common interface with deep granularity and extensibility for both SecOps and DevOps teams. This enables:
- Comprehensive Data Security – By focusing on data and users, the service offers the ability to assess and vastly reduce risk, comprehensively monitor usage and movement, and enforce accountability on the most critical assets. Thus, the service can protect against everything from external attack and access abuse to exposure from misconfiguration.
- Confident Compliance – By understanding the relationships between and actions on data by users or even automated processes, the service has extensive capabilities to audit data movement and ensure data sovereignty. This includes flagging potential violations and assessing overall compliance with any mandate, including GDPR, HIPAA, PCI, etc.
- Coordinated DevOps – By normalizing individual cloud provider management models and cataloging all query constructs, the service enables analytics and views across hundreds of AWS/Google accounts and Azure subscriptions, as well as associated data stores. Notably, DevOps teams can leverage APIs to easily integrate Cloud Data Control into their development frameworks and ensure conformance to security standards without reducing speed or agility.
“Cloud adoption affords us a unique opportunity to reimagine how we secure corporate data, and to make a clean break from the limitations of device, data center and perimeter centric security,” said Co-Founder and CEO Brendan Hannigan at Sonrai Security. “By putting data and identity at the center of a security model that spans cloud providers and third-party data stores, Sonrai Security offers a level of control and security never possible in a traditional enterprise network.”
About Sonrai Security
Sonrai, founded in 2017, provides a Cloud Data Control service that delivers a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and third-party party data stores. The Sonrai Cloud Data Control service helps security and DevOps leaders stop data security threats, ensure compliance and increase DevOps efficiency. The company has offices in New York, Texas and New Brunswick, Canada and is backed by Polaris Partners and TenEleven Ventures. For more information, visit www.sonraisecurity.com.