Sonrai Dig
For AWS Cloud Security
Provide Deep Visibility (CSPM), Eliminate Identity Risks and Strengthen Data Protection for your AWS Workloads – Operationalize your Cloud Security Model
The modern cloud’s dynamic infrastructure presents extreme flexibility and innovation — but that can lead to runaway permissions issues, even in AWS.
Identity is the new perimeter of the cloud. Features like inheritable rights, privilege escalation capabilities, and the complexity of group and policy membership can bury an identity’s true access capabilities in a byzantine path hidden from traditional identity management tools.
It’s not about “excessive permissions” anymore. Sonrai Security’s effective permissions analytics simulate every attack path an identity could take to access data inside your AWS cloud, regardless of how many degrees of separation or how short-lived the identity’s access is.
Sonrai Dig is built on a sophisticated graph that continuously identifies and monitors every possible relationship between identities and data that exists inside your AWS Cloud.
Dig works in concert with your 150+ underlying AWS services and automates the incorporation of security controls to enable audit, visibility, protection, and detection of risks. It also monitors and remediates cloud misconfigurations and policy violations, allowing customers to achieve continuous security and compliance. Customers (Infra, Ops, and SecOps teams) require an integrated security approach along with cloud-native tools, with automated 24/7 cloud monitoring to govern their identities and protect their data.
Within the AWS Well-Architected Framework, Sonrai Security is a recommended partner in the Management & Governance Lens for security management, identity management, and controls and guardrails competencies.
Sonrai Dig uses AWS APIs to baseline the configuration of your cloud and build an up-to-date identity and data security model of how your identities can interact with resources and access data. Dig uses advanced analytics to determine the true end-to-end permissions, or “effective permissions,” of every identity in your cloud.
These effective permissions analytics consider not just people (user) identities but also non-people identities (such as AWS roles, compute, and serverless functions). By knowing your effective permissions, you gain total visibility into what your identities can do and what data they can access, and you can also visualize how they gain these permissions.
This makes the job of enforcing Least Privilege a much simpler and more manageable task.
Manage your organization’s IAM risks, and auto remediate them.
Sonrai Dig maps every trust relationship, inherited permission, and policy for every identity (resource, application, and human) in real time
Detect privilege escalation, separation of duty risks across roles, accounts, tables, services, and toxic combinations across any AWS service
Maintain an identity compliant platform that logs all data
Sonrai Dig discovers and classifies data across all your data stores – Amazon S3, Amazon RDS, AWS Aurora, AWS Redshift, and AWS DynamoDB.
Provide Least Access, Track Data Movement, and Lock Down Crown Jewel Data like PII, PCI, and More.
Behavioral modeling: Instantly detects changes in data access behavior, including access from new identities, access from undesirable locations including geography, and unusual changes in how identities access data. Sonrai Dig will also detect if suspicious access is granted before it is used
Automated blocking: Depending on the severity of the alert, Sonrai Dig can either block all access to a store, block a specific identity from access, or temporarily downgrade access privileges for a specific identity
Sonrai Dig analyzes your AWS environments to provide continuously updated levels of risk that span all resources, identities, services, data stores, secret stores, and networks.
Build a baseline and contextual view of your security posture
Run security use cases, like NIST Cybersecurity Framework, ISO 27001, GDPR, HIPAA, against your environment to ensure compliance
Continuously audit all of the changes to be sure your security model is kept up-to-date
Contextually prioritize and auto remediate your findings using our proprietary swim lanes
Dig brings all the best practices from AWS and policies together into one platform.
Operationalize your Cloud Security Model
Build swimlanes based not just on your accounts and workloads, but rather in line with your governance model
Owners of those environments and applications are best positioned to review the risks and decide on the best path forward
Advanced workflow capabilities & a library of custom remediation and prevention options – including prebuilt and custom bots – mean things get fixed fast
Dig’s Governance Automation Engine automates workflow, remediation, and prevention capabilities across cloud, DevOps, DevSecOps, and security teams to ensure end-to-end security and visibility
As you address risks, reporting lets you communicate your advancement towards a security maturity goal for each environment. Track progress over time with digestible KPIs that give your team benchmarks and make sense to executives
Vulnerabilities in the cloud are fundamentally different – and they require a continuous picture of your AWS platform, identity, and data information.
If identity is the new perimeter, Sonrai is your perimeter schematic. It’s the only source for comprehensive intelligence on identity-to-data pathways. A big data analytics engine continuously updates every complex path an identity has used or could use to access data – sometimes 12 relationships and inheritances deep or more. All activity, all relationships, all identities. See everything, connect everything, and build a foundation for cloud security.
A. Sonrai Dig is available for direct purchase on the AWS Marketplace.
A. Our platform can prevent unauthorized access, enforce container immutability, network segmentation and segregation of duties.
A. Sonrai Dig’s cloud security platform provides security, visibility, and context for 150+ AWS services.
A. Like most cloud providers, AWS operates under a shared responsibility model. AWS takes care of the security ‘of’ the cloud while AWS customers are responsible for security ‘in’ the cloud. Learn more about the shared responsibility model.