We’re excited to bring back Transform 2022 in person on July 19 and virtually July 20-28. Join AI and data leaders for insightful talks and exciting networking opportunities. Sign up today!
Security Sonraioffering a cloud protection platform that focuses on data and identity security, today announced the introduction of cloud workload protection, enabling the platform to “make connections that no one else can” to secure the use of the public cloud, CEO Brendan Hannigan told VentureBeat.
In particular, Sonrai offers a greater emphasis on the core area of identity, with its identity graph, than other security vendors for public cloud infrastructure, Hannigan said. The addition of a cloud workload protection platform (CWPP) will now allow the startup to connect workload risks alongside identity risks to better protect customers, she said.
“We want to discover and find all the risks that affect our customers’ cloud. To do that, we have to see absolutely everything,” Hannigan said in an interview.
“When you do that, you can now see where workload risk is also related to identity and privilege-related risks,” he said. “You can also see where the risk is linked to access to sensitive data. Those are two things that no one else can see because they don’t have a chart like this.”
Complete cloud security platform
Along with CWPP, the Sonrai Dig platform now offers Cloud Security Posture Management (CSPM) to detect misconfigurations in cloud infrastructure; cloud infrastructure rights management (CIEM) to manage identities and permissions in the cloud; and data security on its unified platform. Sonrai Dig works with the three largest public cloud platforms: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud, as well as Kubernetes container orchestration.
The expansion into cloud workload protection follows the company’s latest fundraising, a $50 million Series C round, raised in October. Sonrai achieved a valuation “approaching $500 million” in connection with the financing, a source with knowledge of the valuation told VentureBeat.
Founded in 2017 by Hannigan and CTO Sandy Bird, who together previously founded IBM-acquired Q1 Labs, Sonrai says it has taken a different approach than other cloud security vendors by building all its capabilities in-house, rather than acquiring them.
That approach has potentially taken longer, but it is paying off, according to Hannigan. When it comes to cloud security capabilities, “you have to have them seamlessly integrated to deliver value to customers,” she said. “That’s why we built it from scratch.”
focus on identity
Sonrai also made the decision to take an identity-centric approach to cloud security early on. The first key piece of technology the company developed was its graph for mapping identity and access in the cloud, Hannigan said.
Now, combining that identity graph with Sonrai’s new cloud workload protection capability will offer huge security benefits for customers, he said.
“The connection between workload security and identity understanding is really important,” Hannigan said. “People who think they have a cloud security solution and can’t answer these identity questions aren’t taking cloud security seriously.”
Identifying vulnerabilities is a “comfortable place” to start when it comes to cloud security, he said. “But if you’re going to try to reinvent security, you’ve got to tackle the toughest problems in the cloud,” Hannigan said, namely the problems around massive amounts of interconnected cloud identities and permissions.
Managing digital identities and access policies is notoriously difficult for businesses, with many suffering from so-called “identity sprawl.” A recent study commissioned by One Identity found that nearly all organizations, 95%, report digital identity and access management challenges.
To reduce complexity, Sonrai can now quickly show a customer situations where, through a combination of privileges, a user could gain administrator rights and access sensitive data they shouldn’t have access to, Hannigan said. Therefore, the platform is able to prioritize the biggest risks to customers that should be addressed first, she said.
The platform does this prioritization in part by taking into account what it calls “risk amplifiers” for workloads, such as having external exposure, access to any overprivileged identity, the ability to escalate privileges, or access to sensitive data.
As a result, if Sonrai’s solution finds a vulnerability or other risk in the workload, it can prioritize the problem for customers when one or more of these risk amplifiers are present, Hannigan said.
“As we collect information from different sources, we map all the possible ways that an entity can connect to another entity or can gain privileges,” he said.
Sonrai’s CWPP solution also provides the ability to initiate remediation of issues that have been discovered and prioritized, Hannigan said.
Sonrai’s revenue tripled in 2021, year over year, and the company has disclosed clients including World Fuel Services and New American Funding. The company doesn’t disclose how many customers it currently has, but says it now serves several of North America’s largest banking and aviation customers, along with Fortune 100 companies in healthcare, software and retail.
Sonrai has 100 employees and has offices in New York and New Brunswick.
Ultimately, with its new capabilities for cloud workload protection, the Sonrai platform “shows you all the ways things are connected. And other companies have very shallow views on it,” Hannigan said. “It is extremely unique. Nobody else has a chart that can show what we can show, in terms of identity risk, toxic combinations in the clouds, and a perfect view of data access.”
The VentureBeat Mission is to be a digital public square for technical decision makers to learn about transformative business technology and transact. Learn more about membership.