
Strengthen Your Azure Cloud Security

Integrate Your IT Operations with Sonrai Dig and Microsoft Azure

Organizations that already use on-premise Active Directory can synchronize their identities with Azure AD to provide seamless integration between on-premise and cloud resources. While this may seem seamless, migrating workloads from on-premise to the cloud can be an identity and data security challenge for enterprises.


An Overview of Sonrai Dig

Sonrai Dig is built on a sophisticated graph that continuously identifies and monitors every possible relationship between identities and data that exists inside your Azure cloud. Dig works in concert with your underlying Azure security controls to enable audit, visibility, protection, detection, and automation of security controls running on Azure. Dig additionally monitors and remediates cloud misconfigurations and policy violations allowing customers to achieve continuous security and compliance.

Your Azure workloads require an integrated security approach with 24/7 Azure Cloud monitoring to protect and govern your identities and data.

How Sonrai and Microsoft Azure Work Together

Sonrai Dig uses Azure APIs to discover how your resources are configured and how identities can interact with those resources based on any permissions your enterprise has and any permissions which may have been granted. This discovery helps your organization understand the state of your Azure cloud. From this baseline, Dig builds out the IAM model to understand the uniqueness of Azure’s identities around classic admins, defining management and RBAC groups, and determining how those are inherited through subscriptions and resources.

Identity Security

Sonrai Dig will map every single RBAC assignment at a subscription or unique individual layer back to the identities that are associated with them. This mapping will give your enterprise a true understanding of not only the assigned permissions of a given identity but also the effective permissions it inherits through all of these assignments. Dig can also look for access keys granted on storage accounts in Azure so you can understand if people have access outside of the traditional IAM protocol. This process gives organizations full visibility and control of their cloud security posture by graphing and monitoring identity and data access to detect cloud drift and misconfigurations and to comply with regulatory requirements and best practices.


Data Governance

In Azure, data exists in many places across your cloud. Sonrai Dig locates and identifies all data within your Azure cloud to provide an up-to-date model of who and/or what can access it and from where. Furthermore, the platform can audit every single action to determine a continuous baseline of what’s happening with your data. Should a deviation be found, the right teams are alerted to the right problem. Not only can Sonrai Dig find where your data is in the cloud and who and what can access it, it can also classify your data. This feature comes with out-of-the-box models to help your enterprise find PII and other sensitive data. Sonrai Dig also has custom configurations to help you with your own unique data models.


Intelligent Cloud Security Posture Management

Sonrai Dig works on the Azure foundation in your cloud to provide a cloud security and risk operating model that spans all identities, data, and resources. Initially, Sonrai Dig will discover everything that is deployed in Azure: all of the different data stores, all of the networks you have in your subscriptions, and all of the ways identities are configured in your Azure environment, to provide contextual value to your sensitive information. Once we have a baseline and contextual view, Dig will then run security use cases, like NIST CyberSecurity Framework, ISO 27001, GDPR, HIPAA, and other compliance mandates, against your environment to ensure your key values are met.

  • Is your data protected properly?
  • Do you have issues with privilege escalation?
  • Do you have CSPM issues?

We know that security is not a static thing, so Sonrai Dig continuously audits all of the changes that are happening in Azure to be sure that your security posture is kept up-to-date and you have a single end-to-end view of your Azure environment’s risk profile.


Governance Automation

In Azure, it is likely your org divides workloads and environments into things like subscriptions, management, and resource groups. Because your Azure environment is extremely complex, it becomes very difficult to keep track of what each and every identity has permission to do, if that permission has been used, and what data it can access. Sonrai Dig maps every trust relationship, inherited permission, and policy for all of the resources, data stores and identities in Azure. Through this model, Dig is able to detect identity risks such as privilege escalation, separation of duty violations, and toxic combinations across your Azure environment.

Dig’s Governance Automation Engine enables enterprises to “shift left” and integrate teams via organized analysis, alerts, and actions that align with how your organization uses your cloud(s). Dig allows customized monitoring and views for development, staging, or production workloads and an API architecture that can be integrated into your CI/CD pipelines. To effectively manage and secure your enterprise, Dig maps your workloads into swimlanes, where each swimlane represents a specific slice of your environment, determined by you and how your business works. For example, traditional swimlanes would include your Dev, Stage, and Prod environments where your governance models are applied in a way that makes sense to you. Alerting and remediation would be in the context of the swimlanes, which helps to eliminate alert fatigue and enables effective management of risks that arise. Dig’s Governance Automation Engine automates workflow, remediation, and prevention capabilities across cloud and security teams to ensure end-to-end security and visibility.


Deep Understanding and Integration with Azure

Sonrai Dig’s unique integration with Azure provides deeper insights into identity and data in your cloud.

For example, Azure Security Center uses a wide variety of physical, infrastructure, and operational controls to help secure Azure — but there are additional actions you need to take to help safeguard your workloads. With Sonrai Dig, you can uncover all identity and data relationships between people and non-people identities (admins, roles, compute instances, serverless functions, and containers) across multi-cloud accounts and third-party data stores to further strengthen your security posture and protect against threats.

Dig also has an integration with Advanced Data Security (ADS), which is a unified package for advanced SQL security capabilities. Dig with ADS includes functionality for discovering and classifying sensitive data, surfacing and mitigating potential database vulnerabilities through overprivileged identities, and detecting anomalous activities that could indicate a threat to your database. The combined integration provides a single go-to location for managing and governing these activities including data classification, drift detection, and more.

Dig also sends alerts to Azure Sentinel, bringing insights around configuration, identity, and data risks of a particular application or the entire cloud environment within the Sentinel Console. Ticket activities in Dig, like remediations and snoozes, can be configured to appear in Sentinel to give a comprehensive picture of security event management. Sentinel users can also run automation & orchestration playbooks off of Sonrai alerts.


Ready to De-Risk Your Public Cloud? See It For Yourself.

Identity and data access complexity are exploding in your public cloud. Tens of thousands of pieces of compute, thousands of roles, and a dizzying array of interdependencies and inheritances. First-generation security tools miss this as evidenced by so many breaches. Sonrai Dig de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place. Schedule a conversation to talk with us about how we can help your enterprise.