June Recap: New AWS Sensitive Permissions and Services

June Recap: New AWS Sensitive Permissions and Services

As AWS continues to evolve, new services and permissions are frequently introduced to enhance functionality and security. This blog provides a comprehensive recap of new sensitive permissions and services added in June. Our intention in sharing this is to flag the most important releases to keep your eye on and ... Read More

Safeguarding AWS AI Services: Protecting Sensitive Permissions

As AI continues to grow in importance, ensuring the security of AI services is crucial. Our team at Sonrai attended the AWS Los Angeles Summit on May 22nd, where we noted how big of a role AI is going to play in 2024. In fact, according to summit presentations, 70% ... Read More
secure sensitive permissions

May Recap: New AWS Services and Sensitive Permissions

New Services Service: Amazon Q Apps Type: Artificial Intelligence and Machine Learning Description: As we know, Amazon Q was released in April. Amazon Q Apps is a feature within the Q Business that simplifies app creation. it allows employees to quickly and easily create generative AI-powered apps based on their ... Read More
new way to do least privilege

There’s a New Way To Do Least Privilege

Least privilege. It’s like a love-hate relationship. Everyone knows it’s a best practice, but no one is achieving it at scale.  Why? Because it’s hard to do. The market is constantly trying to sell you least privilege, but no solution is making it easier, attainable, or sustainable. TL;DR: We’re going ... Read More
aws

April Recap: New AWS Services and Sensitive Permissions

| | Permission & Access
Amazon Web Services (AWS) has over 200 cloud services available to help organizations innovate, build business, and secure their data. New services are released every year with new permissions to accompany (there are over 19k permissions in AWS today!) AWS releases new permissions for existing services all the time, so ... Read More
Cloud Security Stories: From Risky Permissions to Ransomware Execution

Cloud Security Stories: From Risky Permissions to Ransomware Execution

In the sprawling cloud infrastructure of GlobalTech Inc., a meticulously planned ransomware attack was set in motion by a sophisticated adversary, codenamed Vector. Vector’s objective wasn’t just to encrypt data for a ransom but to navigate through a complex AWS environment with precision, exploiting specific, less obvious permissions to achieve ... Read More
cloud permissions firewall cta

Defining a Cloud Permissions Firewall

Sonrai recently launched the first-ever Cloud Permissions Firewall – a new class of solution built to more efficiently protect sensitive permissions and access.  A new solution class deserves a proper introduction and definition, so this blog will cover what a Cloud Permissions Firewall is, why enterprises need one, how it ... Read More
Introducing the Cloud Permissions Firewall

Unveiling the Sonrai Cloud Permissions Firewall

Dear Community, The inspiration behind our groundbreaking solution, the Sonrai Cloud Permissions Firewall, stemmed from a critical gap in the market: managing cloud permissions had become a Herculean task, bogged down with complexity and risk — and no cloud security vendor has truly solved this problem.  The Genesis of an ... Read More
exfiltration and impact

Powerful Cloud Permissions You Should Know: Series Final

| | Permission & Access
MITRE ATT&CK Stage: Exfiltration and Impact This blog is the final publication in a series exploring the most powerful cloud permissions and how they map to the MITRE ATT&CK Framework. You can find the series beginning on the Initial Access stage here. — The end of the MITRE Framework concludes ... Read More
defensive evasion

Powerful Cloud Permissions You Should Know: Part 5

MITRE ATT&CK Stage: Defensive Evasion This blog is the fifth publication in a series exploring the most powerful cloud permissions and how they map to the MITRE ATT&CK Framework. If you have not yet read the first blog on the Initial Access stage, you can find it here and follow ... Read More