- 82
- 11 572
Sonrai Security
United States
เข้าร่วมเมื่อ 21 ก.พ. 2020
Sonrai Security delivers an enterprise security platform focused on identity and data security inside AWS, Azure, GCP, and Oracle. We can show you all the ways data has been accessed in the past and can be accessed in the future. Our platform delivers a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and third-party data stores.
Find out more about Sonrai Security by visiting us at sonraisecurity.com
Find out more about Sonrai Security by visiting us at sonraisecurity.com
Unlocking Security Insights for Everyone with AI
In this session, we’ll explore how Large Language Models (LLMs) are transforming cloud security by making complex security data accessible to everyone, not just the experts.
With AI, anyone in the organization can ask plain-language questions to get insights from security tools, see progress on risks, and understand what still needs attention-without having to learn the ins and outs of technical dashboards.
Once security info is simplified, it can be shared easily across email and chat, boosting collaboration. By freeing security teams from endless reporting, LLMs let them focus on keeping the organization secure, while ensuring everyone stays informed.
With AI, anyone in the organization can ask plain-language questions to get insights from security tools, see progress on risks, and understand what still needs attention-without having to learn the ins and outs of technical dashboards.
Once security info is simplified, it can be shared easily across email and chat, boosting collaboration. By freeing security teams from endless reporting, LLMs let them focus on keeping the organization secure, while ensuring everyone stays informed.
มุมมอง: 31
วีดีโอ
Practical Steps for Tackling Identity Sprawl with AWS Access Analyzer
มุมมอง 14วันที่ผ่านมา
In the intricate landscape of cloud security, effectively managing identity sprawl is a persistent challenge for organizations. AWS Access Analyzer has emerged as a crucial tool in this ongoing battle, offering enhanced features to identify over-permissioned and unused identities-often termed “zombie identities.” This webinar will dissect the functionalities of AWS Access Analyzer, demonstratin...
Fix What Your CNAPP Found
มุมมอง 2128 วันที่ผ่านมา
Moving from visibility to action in cloud security.
Defeating Cloud Zombies Identifying and Eliminating Hidden Threats
มุมมอง 8หลายเดือนก่อน
In the dynamic realm of cloud security, organizations are in constant pursuit of innovative solutions to shield their cloud environments from the ever-growing array of threats. The SANS CloudSecNext Solutions Summit stands as a pivotal platform that brings to the forefront the latest trends, challenges, and solutions pivotal to cloud security. This solutions track is meticulously curated to pro...
Live Look: Cloud Permissions Firewall
มุมมอง 25หลายเดือนก่อน
If you’re struggling to achieve least privilege and know how cumbersome policy management can be, this webinar is for you. Native cloud security tools leave you writing policy requirements manually, becoming a major time suck and ultimately failing to meet the dynamic needs of cloud architectures. Meet Sonrai’s Cloud Permissions Firewall - a one-click solution for establishing and maintaining a...
From Manual to Automated: Implementing Least Privilege in AWS with SCPs
มุมมอง 52หลายเดือนก่อน
Learn first hand about the journey of achieving least privilege in the cloud using Service Control Policies (SCPs) in AWS. This case study will start by showcasing the manual approach, detailing the design and implementation with cloud-native tools. Then, the discussion will focus on leveraging automation tools to streamline the process, significantly reducing time and effort. Take away practic...
JIT vs Long Lived Roles: Evaluating Cloud Security Strategies
มุมมอง 69หลายเดือนก่อน
JIT permissioning is often hailed as a silver bullet for cloud access, yet its security benefits beyond privilege escalation are hard to quantify. This session delves into the dynamics of JIT roles versus long-lived roles, evaluating their true value and exploring practical implementation strategies to maximize security and efficiency in cloud environments. Presented by: James Berthoty, Cloud S...
Privilege Escalation Deconstructed: Attacks and How to Stop Them
มุมมอง 70หลายเดือนก่อน
Discover how IAM Privilege Escalation attacks work and how threat actors commonly exploit misconfigurations. This session will explain what privilege escalations are, go through a live environment escalating privilege, and discuss common techniques used in the wild. We'll then explain and demonstrate how to find potential PrivEsc paths in the cloud to prevent and detect ongoing attacks. Present...
What is a Cloud Permissions Firewall Anyway?
มุมมอง 93หลายเดือนก่อน
Discover the Cloud Permissions Firewall concept and its role in modern cloud identity security. This session explores achieving least privilege at scale with a default-deny model that works, delving into real-world applications and benefits. See it in action to gain an understanding of how implementing a permissions firewall will solve the overpermissioned and unused identity problem in your cl...
IAM in the Cloud: Successes, Pitfalls, and Lessons Learned
มุมมอง 145หลายเดือนก่อน
Learn how companies of all sizes and maturity levels have addressed the complexities of managing identities in the cloud to reduce risk. Through real-world examples and expert insights, this session reveals both successes and pitfalls in cloud IAM. Gain practical strategies today to elevate your organization's cloud identity security. Presented by: Chad Lorenc, Security Delivery Manager, AWS
What Everyone Should Know About Cloud Permissions
มุมมอง 83หลายเดือนก่อน
Dive into the current state of cloud permissions and identities, focusing on strategies to identify and mitigate risks. Review the latest analysis on the scale of cloud permissions in typical environments, gain insights into newly introduced risky permissions by cloud providers and learn effective measures to address these risks. Presented by: Nigel Sood, Cloud Security Researcher, Sonrai Secur...
Permissions Boundaries and SCPs: The Cloud IAM Invariants
มุมมอง 42หลายเดือนก่อน
Join us as we unravel the complexities of permissions boundaries and Service Control Policies and discover their power in preventing privilege escalation while supporting delegated administration. Through real-world examples and clear explanations, you'll gain practical knowledge to enhance your cloud security and streamline your IAM strategy. Presented by: Rich Mogull, Researcher and CEO, Secu...
Navigating the Challenges of Cloud Permissions: Ownership, Maturity, and Centralized Control
มุมมอง 121หลายเดือนก่อน
Explore the challenges of least privilege and who should own this critical issue. Delve into the three phases of maturity for addressing the problem and master strategies to centralize permissions management to lighten the load on developers. Walk away with specific policies you can implement today to protect the most powerful permissions in your cloud. Presented by: Sandy Bird, Co-Founder and ...
Using AWS SCPs to Achieve Least Privilege while Supporting Developers
มุมมอง 573 หลายเดือนก่อน
Traditionally, achieving least privilege means a lot of identity-by-identity policy creation and management. In this session, explore a new approach to least privilege that leverages AWS SCPs to centrally restrict excessive permissions and secure unused identities, services, and regions. By protecting only the most sensitive cloud permissions, developer innovation remains intact.
SCP Writing 101 Workshop
มุมมอง 363 หลายเดือนก่อน
If you are working with SCPs and want to increase your expertise, this workshop is for you. Join Sandy Bird, Sonrai Security Co-Founder and CTO, and Christophe Limpalair, Cybr Founder, for a hands-on session where you will learn how to write SCPs to protect some of the most powerful permissions in your AWS environment. In this interactive session, you will: - Write 3-5 SCPs to block tampering o...
Quarantine Zombie Cloud Identities with Cloud Permissions Firewall
มุมมอง 474 หลายเดือนก่อน
Quarantine Zombie Cloud Identities with Cloud Permissions Firewall
A Realist Approach to Least Privilege in Cloud
มุมมอง 294 หลายเดือนก่อน
A Realist Approach to Least Privilege in Cloud
Restricting Unused Excessive Permissions with Cloud Permissions Firewall
มุมมอง 615 หลายเดือนก่อน
Restricting Unused Excessive Permissions with Cloud Permissions Firewall
Get to Know the Cloud Permissions Firewall
มุมมอง 2535 หลายเดือนก่อน
Get to Know the Cloud Permissions Firewall
Least Privilege Made Achievable & Scalable! You Read That Right.
มุมมอง 225 หลายเดือนก่อน
Least Privilege Made Achievable & Scalable! You Read That Right.
CSA x Sonrai Webinar: Least Privilege Reality Check: Refining Cloud Access and Permissions
มุมมอง 235 หลายเดือนก่อน
CSA x Sonrai Webinar: Least Privilege Reality Check: Refining Cloud Access and Permissions
The (IAM) Call is Coming From Inside the House (SANs Spring Cyberfest 2024)
มุมมอง 176 หลายเดือนก่อน
The (IAM) Call is Coming From Inside the House (SANs Spring Cyberfest 2024)
Rethinking Least Privilege: How to Slash Your Cloud Risk Overnight (SANs Spring Cyberfest 2024)
มุมมอง 456 หลายเดือนก่อน
Rethinking Least Privilege: How to Slash Your Cloud Risk Overnight (SANs Spring Cyberfest 2024)
Believe It or Not One Click Least Privilege
มุมมอง 1036 หลายเดือนก่อน
Believe It or Not One Click Least Privilege
Introducing the Cloud Permissions Firewall
มุมมอง 2.3K7 หลายเดือนก่อน
Introducing the Cloud Permissions Firewall
Four Proactive Steps to Secure Access in Your Cloud - Webinar
มุมมอง 1810 หลายเดือนก่อน
Four Proactive Steps to Secure Access in Your Cloud - Webinar
Sonrai's 4 Step Process to Securing Cloud Identities
มุมมอง 4410 หลายเดือนก่อน
Sonrai's 4 Step Process to Securing Cloud Identities
Ranking Sensitive Cloud Permissions by Risk
มุมมอง 510 หลายเดือนก่อน
Ranking Sensitive Cloud Permissions by Risk
How to Centralize Multi-Cloud Security
มุมมอง 910 หลายเดือนก่อน
How to Centralize Multi-Cloud Security
Can you elaborate on how you got access to the public IP of that EC2? In the demo, we can only see its private IP. 🤔 Thanks
Hi, I'm Jeff and this is me in the video. I used an RFC1918 ip in the video just as a placeholder for what in real-life would be the actual public ip. I hope this helps and appreciate you watching!