Virtualization Technology News and Information
VMblog Expert Interview: Getting Ready for CloudBytes Connect with Sonrai Security

cloudbytes connect 2020 

Are you attending the CSA Cloudbytes virtual conference on May 26 through May 28?  If so, I invite you to add Sonrai Security to your must-see list of vendors.  CSA Cloudbytes is taking its conference online.  And the number of sponsoring vendors at this year's show is imposing as the show shifts to a virtual summit.

One of the companies that will be on VMblog's list this year at the event is Sonrai Security.  Sonrai Security helps enterprise organizations with identity and data governance for AWS, Azure, Google Cloud, and Kubernetes.  Sonrai Dig, an enterprise identity, and data governance platform, de-risks your cloud by finding security holes, helping you fix them, and preventing those problems from occurring in the first place in your public cloud.

We sat down with Sonrai Security for an exclusive VMblog Expert Interview on what they have planned for the upcoming Cloudbytes event and why you need to see their keynote session.

VMblog:  As a sponsor, how can people find you during CloudBytes?

Sonrai Security:  Fortunately, signing up for the event is simple: going to the CSA CloudBytes page or visiting the Sonrai Security page. Because we're a keynote speaker, most people will get to see our name on the agenda for May 26th at 10am.

VMblog:  If an attendee likes what they see and hear at your session, what message about your product can you send them back with to sell their boss on your technology?

Sonrai Security:  Identity and data access complexity is a ticking time bomb in your public cloud. Tens of thousands of short compute pieces, thousands of roles, and a dizzying array of interdependencies and inheritances. If you think about it, you have admins that get access to data stores in your environment. As the old world, but this is just the beginning in the cloud world.

Then, there are service principles, roles, keys. It's what you use every day to build dynamic workloads. If you're using a secret store (like HashiCorp Vault) and want to bring your keys, that's another level of indirection.

It's not about just people anymore. For your cloud, the vast majority of identities are not people's identities. A serverless function, a container, a VM. They have rights too. In addition to specific rights associated with computing or users, a group of policies also convey rights. And of course, cloud security services have access rights too. All of this can be controlled, adjusted, or over-written through global restrictions and resource policies like Amazon's SCP.

Now multiple this by 100 or 1000 and add cloud accounts and subscriptions with Trust Relationships and Permission Inheritance, and you have a ticking time bomb in your cloud. This is why we see data breaches every day.

Sonrai Dig, our enterprise identity and data governance platform, de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place.

VMblog:  What are some of the reasons why you believe CSA Cloudbytes attendees should add your keynote to their must-see list?

Sonrai Security:  Because they will have an opportunity to understand why cloud migrations need a new approach to security and governance, we cover why digital transformation turns old-security ways upside down, how new approaches must be built for the cloud from the ground up and why identity and data are the key critical control points for public cloud governance.

VMblog:  Thinking about your company, give readers a few reasons why your product or service is considered unique.

Sonrai Security:  Sonrai offers customers the most comprehensive and innovative approach to protect their cloud security and container environments from risk - whether it is misconfigurations, policy violations, over-privileged identities, and other data and identities access challenges.

We consider our solution unique because we can de-risk your cloud in four steps. Our identity and data governance platform, Sonrai Dig, allows customers to:

  1. Get to Least Privilege and stay there. Eliminate all identified risks in your cloud - Dig maps every single trust relationship, inherited permission, and policy, for every entity in your cloud. Identify all excessive privilege, escalation, and separation of duty risks across 1000's of roles and compute instances across 100's of cloud accounts; all mapped continuously.
  2. Discover, classify, lockdown, and monitor crown jewel data. Dig relentlessly monitors your critical data sitting inside object stores and database services. Suspicious access activity or undesirable changes in access rights are flagged.
  3. Shift left by integrating teams. Via organized analysis, alerts, and actions that align with how your organizations use public cloud. Dig allows customized monitoring and views for development, staging, or production workloads and an API architecture that can be integrated into a CI/CD process.
  4. Prevent. Escalate. Remediate. Remediation bots fix the problems found. But, how about preventing those problems from happening in the first place? Sonrai Dig does both. It also puts prevention rules in place across your cloud and makes sure they stay there. As people try to move workloads to production, checks are in place, and promotion only happens if your risk policies are followed.

VMblog:  How does your company and product fit within the container or cloud ecosystem?

Sonrai Security:  Sonrai helps reduce complexities across AWS, Azure, Google Cloud, and Kubernetes. We show you what has access, how access is possible, and where best to eliminate risk. Sonrai Dig, the identity and data governance platform, protects cloud and container environments from misconfigurations, policy violations, threats, and data and identity governance challenges. Sonrai customers achieve getting to and maintaining the least privilege and can fully realize the benefits of cloud and container technology without unnecessary complexity and risk.

With Sonrai Dig, organizations gain unified security and compliance for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and Kubernetes.

Using out-of-the-box policies mapped to industry, and regulatory standards empower security and governance, risk, and compliance, and cloud security professionals to quickly identify and assess risk before they are exploited. From custom policies to a robust API, Sonrai Dig can adapt to any organization's unique cloud security operations.

VMblog:  What do you hope to come away with from attending CSA CloudBytes?  What does event success look like to you?

Sonrai Security:  Above all else, we are interested in introducing ourselves to the cloud security community to help with data and identity governance across their public cloud.

VMblog:  Attendees always enjoy a good trade show tchotchke - even at a virtual trade show.  Are you giving away anything unique or exciting this year?

Sonrai Security:  We will be giving away a noise-canceling handset to help everyone working remote.


Save Your Spot to Listen to Sonrai Security

If you haven't saved your spot for the CSA CloudBytes Connect Conference, you still have time. Learn more about this exciting virtual summit here, and don't miss your chance to hear from Sonrai Security.  The team here at VMblog will definitely tune in.

Published Wednesday, May 20, 2020 7:34 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2020>