Sonrai Security Unfurls Service to Track Data in the Cloud
Fresh off raising an additional $18.5 million in funding, Sonrai Security has launched a Cloud Data Control service that promises to make it easier for cybersecurity teams to keep track of what data has been stored where on any public cloud service.
Sonrai Security CEO Brendan Hannigan said the Cloud Data Control service not only can make it easier to meet compliance mandates, but also to reduce cybersecurity risks by being able to monitor usage and movement of data by specific end users. Cloud Data Control is designed to automate discovery, classification and mapping of all data residing in a public cloud, he said.
Cloud Data Control leverages application programming interfaces (APIs) to make it possible to integrate the service within the construct of a DevOps process, which enables users to apply analytics based on machine learning algorithms across hundreds of Amazon Web Services (AWS) and Google accounts or Azure subscriptions, as well as associated data stores such as MongoDB, Cassandra and MySQL databases. That latter capability is critical because it means Cloud Data Control is not just limited to tracking data in the object-based storage services that cloud service providers have built, Hannigan noted.
As the rate at which data is being either created or shifted into the cloud, Hannigan said cybersecurity professionals are finding it more challenging than ever to keep track of what data assets reside where. But while that may seem problematic today, long-term, cybersecurity teams may be pleasantly surprised to discover the APIs that cloud service providers expose make it much easier to track data assets when compared to on-premises IT environments, where APIs are not usually nearly as robust or well-documented. In fact, data stored in a public cloud is generally more secure than data stored in on-premises IT environments assuming the proper controls are applied, he noted.
Cloud Data Control’s API capability means that, in many cases, cybersecurity teams now will be able to keep pace with the rate at which cloud computing environments are being updated in the age of DevOps, Hannigan added, which should help accelerate the development of best DevSecOps practices.
Thanks to the rise of shadow IT, most organizations today are significantly underestimating the amount of data that needs to be monitored and secured in their multiple cloud computing environments, said Hannigan, noting that as organizations embrace multiple clouds, that issue will only become more acute.
Both Hannigan and co-founder Sandy Bird trace their security pedigree back to IBM Security and Q1 Labs, which IBM acquired in 2011. Hannigan previously served as general manager of IBM Security, while Bird served as CTO for IBM Security.
It may take some time before DevSecOps becomes pervasive across IT environments. But in the meantime, IT organizations looking to make that transition at least now have a set of data management tools from which to start.
