UPDATED 17:27 EST / MAY 18 2021

CLOUD

Sonrai monitors cloud workloads using graphs and a rights-based approach

Compute functions have rights. That’s good when it comes to running a business operation, but it can be bad for security if those rights aren’t handled correctly.

For Sonrai Security Inc. that means a process of reinvention, an opportunity to create new security solutions based on the rights assigned for three key control points in the cloud: identity, data and applications.

“You get to start from scratch, and when you do it, you can deliver a level of granularity and control and security that is unimaginable in a traditional enterprise network and datacenter,” said Brendan Hannigan (pictured), chief executive officer of Sonrai. “We can see and understand the significance of inventions like AWS. The opportunity, which is a ‘must take’ opportunity, is reinventing security from top to bottom.”

In anticipation of the AWS Startup Showcase: The Next Big Thing in AI, Security, & Life Sciences — set to kick off on June 16 — John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, spoke with Hannigan for a special CUBE Conversation on how Sonrai delivers an enterprise identity and data protection security platform. (* Disclosure below.)

Monitoring identities and data

Hannigan, who previously worked as general manager of security for IBM, started Sonrai with a focus on monitoring every possible relationship between identities and data in an enterprise’s public cloud footprint. The cloud has changed the nature of security controls from datacenter firewalls, endpoint antivirus and security event management systems to a new world of serverless functions, pieces of compute and containers. A common denominator is the workload.

“Our clients have been able to break the cloud from this amorphous thing into specific workloads,” Hannigan explained. “Each of those workloads has specific controls in place that understand how that workload should operate in the environment, across staging, development and production. We’re able to lock down what it is these workloads can do from an identity perspective, a data access perspective, a platform rights perspective, and then monitor anything that changes.”

Improperly configured cloud interdependencies create security vulnerabilities. Identities can be over-permissioned, or access paths to data are a mile wide. All of it needs to be managed, which involves a focus on assigned rights within cloud environments.

“You could have a company with 80,000 pieces of compute, 20,000 which are active at a particular point in time,” Hannigan said. “Then they assume these roles which give them access and rights to do things on cloud services. That’s good because I can restrict what they do, but it can be bad because if I don’t have a handle on it, it’s a mess.”

Graph solution

To prevent security chaos, Sonrai uses graphing technologies to spot issues and automatically eliminate the risks. The graph understands the intricacies of identity access models across a highly complex cloud state.

“I can see everything that can do anything to any other resource in the cloud, whether it’s a serverless function, a container or a virtual machine,” Hannigan said. “We run analytics across the graph to find and eliminate platform risk.”

Shifts in technology for cloud security are also changing the nature of the security function itself. In the past, IT security was its own department, but Sonrai has found that issues need to be dispersed to the DevOps teams responsible for specific key elements of the shared IT infrastructure.

“We have customers who have onboarded tens and tens of teams onto our platform,” Hannigan said. “Why do we do that? When we’re finding issues and things that need to be resolved, we’re directing them to development teams. The security team will only hear about it if the developer doesn’t fix it.”

Sonrai is the Gaelic term for data, according to Hannigan, and it may also be a nod toward the CEO’s own computer science degree with honors from University College in Dublin, Ireland. The company’s tools are built for taking security of data and its use in the cloud seriously, a philosophy that is continuing to evolve.

“The dark side is inexperience and inefficient deployment of those tools can lead to a whole host of risks that quite frankly a lot of customers don’t fully appreciate yet,” Hannigan said. “The power of the cloud has created complexity opportunities, but it has also given us the solution.”

Watch the complete video interview below, be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations, and tune in to theCUBE’s live coverage of the AWS Startup Showcase: The Next Big Thing in AI, Security, & Life Sciences on June 16. (* Disclosure: Sonrai Security Inc. sponsored this CUBE Conversation. Neither Sonrai nor other sponsors have editorial control over the content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU