Sonrai Security Expands into Cloud Workload Protection

Sonrai Security announced its expansion into Cloud Workload Protection (CWPP), with unique capabilities that enable enterprise companies to react to host-based threats according to their immediate severity and business impact.

The announcement expands Sonrai’s comprehensive cloud security platform that incorporates cloud Infrastructure Entitlements Management (CIEM), Cloud Security Posture Management (CSPM) and data security platform functionality.As a recent report from Gartner notes: “The shift to cloud-native application development using container-based application architectures, microservices-based applications and adoption of serverless PaaS requires new CWPP capabilities both for development and at runtime.

Cloud-native applications require specific solutions designed to address the protection requirements of cloud-based systems. With immutable infrastructure, CWPP protection strategies will shift to a zero-trust mindset and focus on application control and container lockdown (default deny/zero trust) at runtime, with a stronger emphasis on scanning for vulnerabilities before deployment.”

Sonrai Dig delivers a cloud security solution that unearths, prioritizes and removes risks across every part of a customer’s public cloud. Sonrai Dig enables customers to see everything – including inventory, activity, identities, data and workloads – and to map every possible access path to data in their clouds. By linking workload vulnerabilities into Sonrai’s Identity Graph, the most critical risks are rapidly identified and remediated.

CWPP capabilities include:

  • Ability to drill down on specific vulnerabilities to fully understand ‘blast radius’
  • ‘Risk Amplifiers’ uncovered by the Sonrai identity graph which prioritize vulnerabilities with access to critical data, that give access to high privileges or those exposed externally
  • Extensive ability to uncover PII and other risks including classification of data on hosts
  • Establishment of team-based remediation workflows

For more information, visit