Integrate Your IT Operations with Sonrai Dig and Google Cloud Platform
Moving an enterprise from a traditional security model to a cloud-native one requires changes to two main areas, namely infrastructure and development process. Google composes shared components into a shared fabric that envelops and connects all of its microservices. Google's infrastructure deploys workloads as individual microservices in containers and manages these workloads using Borg, Google's container orchestration system. This is a basic "cloud-native" architecture that Sonrai Dig integrates with to secure identities and data in GCP.
Sonrai Dig is built on a sophisticated graph that continuously identifies and monitors every possible relationship between identities and data that exists inside your instance of Google Cloud Platform (GCP). Dig works in concert with your underlying GCP security controls to enable audit, visibility, protection, detection, and automation of security controls running on GCP. It additionally monitors and remediates cloud misconfigurations and policy violations allowing customers to achieve continuous security and compliance.
With all of these areas to manage, you’ll need the right tooling to govern identity and data in your GCP.
Sonrai Dig uses the GCP API to baseline the configuration of your cloud, and build an up-to-date identity and data governance model of how your identities can interact with resources and access data. Dig utilizes advanced analytics to determine the true end-to-end permissions (or “Effective Permissions”) of every identity in your cloud. These Effective Permissions analytics take into consideration not just people (users) identities but also non-people (such as AWS roles, compute, and serverless functions) identities. By knowing your Effective Permissions, not only can you gain total visibility into what your identities can do and what data they can access, but also visualize how they gain these permissions. This makes the job of enforcing Least Privilege a much simpler and manageable task.
Sonrai Dig will map every single permission assignment, at all layers of GCP, back to the identities (people and non-people) that are associated with them. This mapping will give your enterprise a true understanding of not only the assigned permissions of a given identity but the "Effective Permissions" it inherits through all of those assignments. This enables your organization to clearly identify scenarios in GCP where an identity has access to assets that it really shouldn't have, such as sensitive data. This process gives organizations full visibility and control of their cloud security posture by graphing and monitoring identity and data access to detect cloud drift and misconfigurations, and to comply with regulatory requirements and best practices.
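The mechanics behind "Effective Permissions" can be shown with a small model: walk from a resource up through GCP's hierarchy (resource, project, folder, organization), expand every IAM binding on the way, including nested groups and service accounts, and record which role at which layer grants each permission. This is an added illustration, not Sonrai Dig's code; the hierarchy, bindings, group membership and role-to-permission table are constructed and deliberately simplified.

```python
from collections import defaultdict

# Constructed hierarchy: child resource -> parent (the organization is the root).
PARENT = {"folders/eng": "organizations/acme",
          "projects/data-prod": "folders/eng",
          "buckets/customer-pii": "projects/data-prod"}

# Constructed IAM bindings per layer: resource -> [(role, members)].
BINDINGS = {
    "organizations/acme": [("roles/viewer", {"group:eng-all"})],
    "folders/eng": [("roles/storage.objectViewer", {"group:data-team"})],
    "projects/data-prod": [("roles/storage.admin", {"serviceAccount:etl@data-prod"})],
    "buckets/customer-pii": [("roles/storage.objectAdmin", {"user:alice@acme.example"})],
}

# Constructed group membership; groups may nest (eng-all contains data-team).
GROUPS = {"group:eng-all": {"user:alice@acme.example", "user:bob@acme.example", "group:data-team"},
          "group:data-team": {"user:bob@acme.example", "serviceAccount:etl@data-prod"}}

# Constructed subset of the permissions each predefined role grants.
ROLE_PERMS = {
    "roles/viewer": {"storage.buckets.get"},
    "roles/storage.objectViewer": {"storage.objects.get", "storage.objects.list"},
    "roles/storage.objectAdmin": {"storage.objects.get", "storage.objects.list",
                                  "storage.objects.create", "storage.objects.delete"},
    "roles/storage.admin": {"storage.buckets.get", "storage.buckets.delete", "storage.objects.get",
                            "storage.objects.list", "storage.objects.create", "storage.objects.delete"},
}

def expand(member, seen=None):
    """Recursively expand a group into concrete user / service-account identities."""
    if member not in GROUPS:
        return {member}
    seen = seen if seen is not None else set()   # guards against group cycles
    out = set()
    for m in GROUPS[member] - seen:
        seen.add(m)
        out |= expand(m, seen)
    return out

def effective_permissions(resource):
    """Walk from the resource up to the organization, expanding every binding on
    the way; returns identity -> permission -> {'role@layer' paths that grant it}."""
    result = defaultdict(lambda: defaultdict(set))
    while resource:
        for role, members in BINDINGS.get(resource, []):
            for ident in set().union(*(expand(m) for m in members)):
                for perm in ROLE_PERMS.get(role, ()):
                    result[ident][perm].add(f"{role}@{resource}")
        resource = PARENT.get(resource)
    return result

def who_can(resource, permission):
    """Identities holding a permission on the resource, with the path(s) granting it."""
    eff = effective_permissions(resource)
    return {i: sorted(p[permission]) for i, p in eff.items() if permission in p}
```

Asking `who_can("buckets/customer-pii", "storage.objects.delete")` surfaces the ETL service account, whose delete right comes from a project-level `storage.admin` binding rather than anything on the bucket itself, which is exactly the inherited path a least-privilege review needs to see.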
GCP data stores exist in many places across your cloud. Sonrai Dig locates and identifies all data within your GCP cloud to provide an up-to-date model of who and/or what can access it and from where. Furthermore, the platform can audit every single action to determine a continuous baseline of what's happening with your data. Should a deviation be found, the right teams are alerted to the right problem. Not only can Sonrai Dig find where your data is in the cloud and who and what can access it, it can also classify your data. This feature comes with out-of-the-box models to help your enterprise find PII and other sensitive data. Sonrai Dig also supports custom configurations to help you with your own unique data models.
Sonrai Dig provides a cloud security and risk operating model that spans GCP resources, users, tables, containers, data stores, key stores and more. Initially, Sonrai Dig will discover everything that is deployed in your GCP environment and build a baseline and contextual view of your security posture. Dig will then run security use cases, like NIST CyberSecurity Framework, ISO 27001, GDPR, HIPAA, and other compliance mandates, against your environment to ensure your key values are met.
We know that security is not a static thing, so Sonrai Dig continuously audits all of the changes that are happening in the GCP environment to be sure your security model is kept up-to-date and you have a single end-to-end view of your GCP environment’s risk posture.
In GCP, it is likely your enterprise divides workloads and environments in various ways to align with your governance frameworks, as well as with your DevOps methodologies.
Dig's Governance Automation Engine enables enterprises to "shift left" and integrate teams via organized analysis, alerts, and actions that align with how your organization uses your cloud(s). Dig allows customized monitoring and views for development, staging, or production workloads and an API architecture that can be integrated into your CI/CD pipelines. Security ceases to be the roadblock and instead is an enabler of better products and services. To do this, Dig maps your workloads into swimlanes, where each swimlane represents a specific slice of your environment. From there, your controls can be applied and the alerts generated are streamlined in the ways that your enterprise works. Automation can also be enabled within this model to allow for timely, efficient, and effective management of your issues. For example, traditional swimlanes would include your Dev, Stage, and Prod environments, where your governance models are applied in a way that makes sense to you. Alerting and remediation would be in the context of the swimlanes, eliminating alert fatigue and enabling effective and efficient management of the risks that arise.
Our unique integration with GCP provides insights into your identity and data relationships that no other security platform can. Sonrai Dig goes well beyond detecting common cloud misconfigurations and instead provides you with continuous visibility into all the identities (both people and non-people) in your cloud, what they can do and are doing, and what data they can access. In parallel, Dig provides the visibility to let you concretely know where your data is, what it is, who and what has access to it, what those identities are doing with it, and where it is moving.
Identity and data access complexity is exploding in your public cloud: tens of thousands of pieces of compute, thousands of roles, and a dizzying array of interdependencies and inheritances. First-generation security tools miss this, as evidenced by so many breaches. Sonrai Dig de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place. Schedule a conversation to talk with us about how we can help your enterprise.