Sonrai Security raises $20 million to protect public clouds with automation

Public cloud security provider Sonrai Security today announced a $20 million round that will be used to accelerate R&D and boost global sales and marketing for its identity and data governance products.

Roughly 83% of enterprise workloads have moved to the cloud, according to a 2020 survey from LogicMonitor. But the cloud remains vulnerable to cyberattacks. IBM found last year that the average time to identify a breach was 206 days. Meanwhile, security breaches have increased by 11% since 2018 and 67% since 2014, Accenture reported in a recent study.

Sonrai offers a platform called Sonrai Dig to help companies stay ahead of threats. The platform is built on a graph that identifies and monitors relationships between entities (e.g., admins, roles, compute instances, serverless functions, and containers) and data within public clouds and third-party data stores. An engine automates workflow, remediation, and prevention across cloud and security teams to provide baseline security. At the same time, it provides critical data in object stores like AWS S3 and Azure Blob priority to address suspicious activity and access rights monitoring.

Sonrai’s data governance automation solution helps integrate teams via analyses, alerts, and actions that align with the way organizations use the public cloud. The platform allows customized monitoring and views for development, staging, and production workloads and an API architecture that can be integrated into a continuous integration/continuous development process. Dig also automatically dispatches prevention and remediation bots and provides safeguards in the form of code promotion blocks to provide end-to-end security in public cloud platforms.

Sonrai CEO Brendan Hannigan, formerly a general manager of security at IBM, says improperly configured cloud interdependencies and inheritances can lead to significant security risks. These include excessive access paths to data, over-permissioned identities, and an unwieldy separation of responsibilities. Hannigan estimates that enterprises’ public cloud utilization generates hundreds of cloud accounts, thousands of data stores, and tens of thousands of ephemeral pieces of compute — complexity that legacy cloud security tools have failed to address.

Hannigan won’t disclose Sonrai’s customers, but he says the platform can scale to thousands of roles and compute instances across hundreds of corporate accounts. “The increasing frequency of cloud breaches caused by identity and data access complexity has driven significant traction for our … platform among large enterprises,” Hannigan added. “They see it as the basis of their cloud security model.”

Menlo Ventures led today’s series B round, with participation from Polaris Partners and Ten Eleven Ventures. It brings the New York-based company’s total raised to over $38.5 million, following an $18.5 million series A round in January 2019.