- 67
- 9 624
Sonrai Security
United States
Registrace 21. 02. 2020
Sonrai Security delivers an enterprise security platform focused on identity and data security inside AWS, Azure, GCP, and Oracle. We can show you all the ways data has been accessed in the past and can be accessed in the future. Our platform delivers a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and third-party data stores.
Find out more about Sonrai Security by visiting us at sonraisecurity.com
Find out more about Sonrai Security by visiting us at sonraisecurity.com
Quarantine Zombie Cloud Identities with Cloud Permissions Firewall
Join Tally as she details how the Cloud Permissions Firewall offers an effortless way to quarantine zombie cloud identities without having to delete them.
What does this mean?
Unused cloud identities (inactive for over 90 days) become 'zombies' just creating opportunity for risk. Sonrai can quarantine these zombies by blocking them from any use (restricting all their permissions) leaving them safe from exploitation.
You can 'wake up' your zombies from quarantine with an automated permissions-on-demand workflow.
What does this mean?
Unused cloud identities (inactive for over 90 days) become 'zombies' just creating opportunity for risk. Sonrai can quarantine these zombies by blocking them from any use (restricting all their permissions) leaving them safe from exploitation.
You can 'wake up' your zombies from quarantine with an automated permissions-on-demand workflow.
zhlédnutí: 13
Video
The 5-5-5 of SCPs Webinar
zhlédnutí 13Před 14 dny
Service Control Policies (SCPs) are amazing tools for implementing sweeping protections across your estate and centrally managing permissions - but when should you use them? How do you most effectively build them? And wouldn't it be nice if someone just wrote them for you? Join us as we flesh out everything you need to know about Service Control Policies and how to get around their greatest cha...
A Realist Approach to Least Privilege in Cloud
zhlédnutí 8Před 14 dny
Implementing the principle of least privilege across all 42k permissions and 600 services presents an overwhelming challenge. Achieving it is impossible and unsustainable with the rate at which dev teams would request new access. We have to redefine least privilege and what it means to be secure in the cloud. There’s a way to focus on only permissions that matter, reduce access requests, and ma...
Restricting Unused Excessive Permissions with Cloud Permissions Firewall
zhlédnutí 33Před měsícem
One of the Cloud Permissions Firewall's greatest use cases is the ability to restrict sensitive permissions your identities have access to, but aren't using. Get a preview of how you can do this in the product at the scope of your choosing, and a demonstration of the automated permissions-on-demand workflow.
Get to Know the Cloud Permissions Firewall
zhlédnutí 73Před měsícem
Chances are, you already know you've got overly permissioned and unused cloud identities lying around creating unnecessary risk. Your IAM tools and cloud native solutions are giving you tons of visibility, and tell you you've got a problem, but the reality is you're kinda left to DIY the actual fix. This is exactly why we built the cloud permissions firewall. What's so different? We don't stop ...
Least Privilege Made Achievable & Scalable! You Read That Right.
zhlédnutí 15Před měsícem
Everyone knows Least Privilege is the Cloud IAM gold standard - so why are so many struggling to achieve this state successfully? Well, building individual policies for thousands of human and machine identities and controlling access to all 42,000 possible permissions is cumbersome, endless, and can feel impossible. Current processes ask a lot of your team and are simply too slow. So what can y...
CSA x Sonrai Webinar: Least Privilege Reality Check: Refining Cloud Access and Permissions
zhlédnutí 19Před měsícem
Tackling least privilege in cloud environments is complex; with over 42,000 permissions to manage, tens of accounts, and thousands of identities to create policies for, traditional least privilege is not only impractical, but feels hopeless. Not to mention, the majority of those 42,000 permissions are mundane; so why are we asking DevOps to spend cycles securing low-risk permissions? In this se...
The (IAM) Call is Coming From Inside the House (SANs Spring Cyberfest 2024)
zhlédnutí 8Před 2 měsíci
Most have a dark and malicious image in their head when they hear ‘insider threat’, but there can easily be a different kind of insider threat in your cloud. Some cloud permissions are more sensitive by nature than others. They can create opportunities for access into your environment, gaining credentials, evading detection, or impacting your data. What happens when you lose control over who ha...
Rethinking Least Privilege: How to Slash Your Cloud Risk Overnight (SANs Spring Cyberfest 2024)
zhlédnutí 19Před 2 měsíci
In practice, achieving true least privilege at scale is not just daunting; it's practically impossible. There are over 40,000 possible permissions across the major clouds; trying to build policies around them all is not sustainable. It’s time to redefine least privilege, by focusing on protecting only the most sensitive and impactful permissions. By concentrating on what truly matters-the permi...
Believe It or Not One Click Least Privilege
zhlédnutí 75Před 2 měsíci
If you’re struggling to achieve least privilege and know how cumbersome identity policy management can be, this webinar is for you. Native cloud security tools leave you writing policy requirements manually, becoming a major time suck and ultimately failing to meet the dynamic needs of cloud architectures. Meet Sonrai’s Cloud Permissions Firewall - a one-click solution for establishing and main...
Introducing the Cloud Permissions Firewall
zhlédnutí 2KPřed 3 měsíci
Sonrai’s Cloud Permissions Firewall gets cloud access under control, slashes the permissions attack surface, and automates least privilege all without impeding DevOps. The Cloud Permissions Firewall uses sensitive permission intelligence and usage monitoring to determine who needs what permissions in your cloud. Then, with one-click, it eliminates all unused sensitive permissions access across ...
Four Proactive Steps to Secure Access in Your Cloud - Webinar
zhlédnutí 11Před 6 měsíci
As we have all seen recently, breaches are inevitable. Despite extensive perimeter defenses, we’re human - we make mistakes, often leading to credential compromises and unauthorized access. The real question isn't about keeping attackers out-it's about rendering them powerless even when they get in. In this session, we’ll discuss some of the recent newsworthy breaches, along with four strategie...
Sonrai's 4 Step Process to Securing Cloud Identities
zhlédnutí 38Před 6 měsíci
Sonrai Security believes in taking simple actions to dramatically reduce risk. Sandy explains the inspiration around our blog, '4 Steps to Secure Cloud Identities if You're Stuck.' 1. Find unknown admins and certify necessary ones. 2. Remove unused identities. 3. Enforce least privilege. 4. Disrupt lateral movement. Blog: sonraisecurity.com/blog/4-steps-to-secure-cloud-identities-if-youre-stuck/
Ranking Sensitive Cloud Permissions by Risk
zhlédnutí 5Před 6 měsíci
Sandy Bird details how Sonrai ranks all 42,000 possible cloud permissions into sensitivity categories to help teams prioritize the most risky actions.
How to Centralize Multi-Cloud Security
zhlédnutí 6Před 6 měsíci
Sandy shares how critical it is to find a way to centralize security, governance and maturity reporting when operating out of multiple clouds.
The Cloud Identity Diagnostic Use Cases
zhlédnutí 16Před 6 měsíci
The Cloud Identity Diagnostic Use Cases
Secure Cloud Permissions and Access with Sonrai
zhlédnutí 1KPřed 6 měsíci
Secure Cloud Permissions and Access with Sonrai
Securing Cloud Identity with Sonrai Security: An Introduction by CTO & Co-Founder Sandy Bird
zhlédnutí 80Před 7 měsíci
Securing Cloud Identity with Sonrai Security: An Introduction by CTO & Co-Founder Sandy Bird
Closing the Security Void left by PAM and IGA in the Cloud
zhlédnutí 54Před 8 měsíci
Closing the Security Void left by PAM and IGA in the Cloud
Strategy to Execution How to Close the Identity Security Gaps in the Cloud
zhlédnutí 68Před 8 měsíci
Strategy to Execution How to Close the Identity Security Gaps in the Cloud
Accelerate Identity Security Maturity in the Cloud
zhlédnutí 274Před 8 měsíci
Accelerate Identity Security Maturity in the Cloud
CISO vs Security Architect: Battling to Secure the Cloud
zhlédnutí 53Před 8 měsíci
CISO vs Security Architect: Battling to Secure the Cloud
Identity 101: From Human to Machine and Everything In Between
zhlédnutí 35Před 8 měsíci
Identity 101: From Human to Machine and Everything In Between
5 Tips to Build an Identity Strategy Your CISO will Love
zhlédnutí 50Před 8 měsíci
5 Tips to Build an Identity Strategy Your CISO will Love
Mapping The Battlefield By Untangling Cloud IAM
zhlédnutí 59Před 8 měsíci
Mapping The Battlefield By Untangling Cloud IAM
Securing the Inevitable: Disarming Identity and Permissions Risks in Your Cloud
zhlédnutí 46Před 8 měsíci
Securing the Inevitable: Disarming Identity and Permissions Risks in Your Cloud
Sonrai Expert Corner: Privilege Gathering -- Enough to Hijack Your Cloud Part 3
zhlédnutí 32Před 9 měsíci
Sonrai Expert Corner: Privilege Gathering Enough to Hijack Your Cloud Part 3
Can you elaborate on how you got access to the public IP of that EC2? In the demo, we can only see its private IP. 🤔 Thanks
Hi, I'm Jeff and this is me in the video. I used an RFC1918 ip in the video just as a placeholder for what in real-life would be the actual public ip. I hope this helps and appreciate you watching!