Sonrai CDC helps DevOps and security leaders achieve three things:

Improve Data Security and Reduce Risk

Improve Data Security and Reduce Risk

User configuration risks and public data exposure risks are all reported across cloud providers, accounts, countries, teams and applications.

  • Public data exposure risks
    Public data is monitored and notifications for newly public data issued. Unusual movement of public data and public data that is never accessed are all highlighted.
  • Configuration and privilege risks
    Separation of duties risks, accounts with MFA/password policy violations and privilege escalation risks are all highlighted. Data encryption and retention policies are assessed.
  • Crown Jewel monitoring
    Critical data in cloud provider or 3rd party data stores is monitored for unusual access or movement. Dashboards and reports deliver centralized view of critical assets and any access to them.
  • Anomalous data movement
    Unusual access to high risk data, instances accessing large numbers of data assets, behavioral changes in data movement and new identities accessing sensitive data are reported.
  • Anomalous user/developer activity
    Failed escalations attempts, disabling of audit functions, account creation with excessive privilege and unusual changes in user/developer behaviour are all monitored.
Ensure Compliance

Ensure Compliance

Data sovereignty, data movement and identity relationships are all monitored to ensure conformance to sovereign, GDPR, HIPAA and other compliance mandates.

  • GDPR compliance
    Geographic sovereignty is confirmed and data asset discovery is supported. PII data movement is monitored.
  • Data sovereignty monitoring
    Data classification and location is determined. Movement between geographies and access from alternate geographies is monitored.
  • HIPAA, PCI and other compliance reporting
    Mandate specific reporting and continuous audit of all identity, developer and privilege access to regulated data assets.
  • Data asset inventory
    Unreported data assets will be found, identified and monitored across cloud accounts and developer teams.
Increase DevOps Efficiency

Increase DevOps Efficiency

Cloud provider management models are normalized with centralized analytics and views across hundreds of AWS/GCP accounts and Azure subscriptions/resource groups.

  • Centralized model of identity and data
    Sonrai CDC models all activity and relationships across cloud vendors, accounts and third party data stores. All views pivot on cloud provider, country, cloud accounts, application or data store.
  • Cloud-native query
    Cloud Query Language (CQL) provides rapid interrogation of the complete and centralized model of all data and identity relationships.
  • User and asset reports
    User reports show all privileges and data a particular identity has access to. Similarly, data reports show all those entities with access and history.
  • DevOps and security personas
    DevOps team leaders pivot all functions across teams, applications and data. CISOs pivot on geography, provider and compliance mandates.
  • API's and customization
    APIs provided access to data and reporting functionality.

Webinar: Comparing Public Cloud Security Across AWS, Azure, and GCP: Lessons for Security Teams

Sign up for this webinar and learn how how the shift to public cloud is changing the rules for security. We identify the different principles each public cloud vendor is using as well as the different approaches to account organization and how resources are protected.