
The game has changed in the public cloud. This new cloud world scales
rapidly, and gives companies the freedom to innovate quickly. However, it also
introduces a ton of complexity, making it extremely difficult to keep track of
who and what (human and non-human identities) has access to what data, creating
unacceptable and invisible risk.
In this Q&A, VMblog connected with industry expert, Brendan
Hannigan, CEO and co-founder of
Sonrai Security, to learn more about Sonrai's
new Governance Automation Engine within its Sonrai Dig platform, which provides
cloud and security teams with complete visibility: the platform identifies
and monitors every possible relationship between identities and data that
exists inside their public clouds.
VMblog: You recently announced a
Governance Automation Engine for Sonrai Dig. Could you tell us a bit about the
automation engine and the vision for the product?
Brendan Hannigan: Of course. The widespread adoption of cloud-native computing,
micro-service based architectures, containers, and serverless has led to an
explosion in the number of ways that people and non-people identities can
access sensitive data in public clouds. While this leads to incredible
innovation, if ungoverned, it leads to a boatload of risk. We launched our Governance Automation Engine
to address the need for modern cloud-native organizations to find and prevent
vulnerabilities tied to interrelationships between identity (human and
non-human) and data. The primary goal of our Sonrai Dig platform is to deliver
automated safeguards that find hidden risks, eliminate them, and through
continuous monitoring, make sure they never reappear.
VMblog: Sonrai exited stealth
mode in January 2019, with the launch of the Sonrai platform. What new
capabilities are featured in Sonrai's Governance Automation Engine that were
not previously available to customers?
Hannigan: Sure. In January of last year, we officially launched our
platform with the goal of helping organizations secure identities across AWS,
Azure, and Google Cloud deployments. A key innovation of our platform is a
'graph' that maps every possible way every identity can access every type of
data. First-generation security tools cannot graph these paths to data and so
they totally miss critical risks. Also,
they habitually send too many alerts to the wrong teams, leading to alert
fatigue.
The new capabilities of our Governance Automation Engine automate the
removal of the complex identity and data access risks the Sonrai graph finds.
Additionally, Dig allows companies to establish Least Privilege, eliminate
identity risks, and lock down "crown jewel" data. Finally, the Governance
Automation Engine also eliminates the alert fatigue mentioned earlier by
automatically determining which development team is responsible for a problem
and routing remediations directly to them. It also sets up prevention and
remediation bots that automatically prevent risky actions from being taken in
the cloud and/or across multiple clouds as well as remediate an area of
vulnerability based on hundreds of out-of-the-box policies - all of this without human intervention.
VMblog: There is a great deal of
buzz around cloud security and data governance. Can you elaborate on how this
product is different than others on the market?
Hannigan: Sonrai finds and eliminates complex identity and data access
risks, in a way that aligns with how applications are developed today. Our
swimlanes, workflow, and remediation are integrated seamlessly to eliminate
risk in complex environments and it represents an entirely new and effective
approach to governance and security. Early cloud security systems have focused
on simpler cloud network setups and sent too many alarms to the wrong teams.
The new cloud security model needs to be heavily focused on identity and data
and that is what Sonrai is all about. By having this focus, companies will end
up with security far superior to anything possible in old-world data centers.
VMblog: What industries do you
see benefiting the most from Sonrai Dig?
Hannigan: The problems we address are horizontal and impact all
industries. Obviously, the level of pain and specific use cases will vary by
vertical. For example, financial services organizations are showing significant
concerns for protecting the PII of their customers. These companies use our
platform to de-risk their cloud, protecting their public cloud environments
from misconfiguration, policy violations, identity and data governance
challenges.
Another example is healthcare and life sciences companies, who often
need to store crown jewel data, like PHI, and they must protect valuable IP,
along with safeguarding financial transactions and other aspects of their
business processes. These companies also use Sonrai Dig to secure their data
and achieve continuous security and compliance.
VMblog: What else can we expect
to see from Sonrai Security in the coming months?
Hannigan: We are building a platform company as
we see the need to help companies deliver security for their public cloud
deployments that far exceeds anything possible in the data center world. Expect
to see continued expansion across the globe, new platform capabilities around
data governance, and some exciting new integrations and partnerships.