The Sonrai Cloud Permissions Firewall

The Sonrai Cloud Permissions Firewall gets cloud access under control, slashes the permissions attack surface, and automates least privilege all without impeding DevOps. The Cloud Permissions Firewall uses sensitive permission intelligence and usage monitoring to determine who needs what permissions in your cloud. With one click, it eliminates all unused sensitive permissions access across your entire multi-cloud estate. Permission exceptions are granted to roles on the fly as new needs come up so development goes uninterrupted.

0 AWS reviews

18 external reviews

View purchase options

Try for free

Request private offer

Request demo

Overview

Product video

Get control of your cloud access by removing excessive permissions and unused services. The Cloud Permissions Firewall transforms your cloud into a platform-wide state of least privilege and maintains that state as cloud usage expands across teams and cloud providers. The solution drives DevOps velocity with easy access to required permissions and sensitive services without introducing unnecessary risk. With the Cloud Permissions Firewall, you will significantly reduce the opportunity for attackers to steal sensitive data, disrupt business or hijack your cloud once they get in.

How does it work?

The Cloud Permissions Firewall is built on detailed permission usage intelligence that understands how your users and machines work and what they need access to.

Everything that is unused is removed with a sweeping global default deny policy. Excessive permissions are restricted, unused services are locked down, and dormant zombie identities are quarantined off.

When new access needs arise, a frictionless permissions on-demand workflow sends a request directly to a relevant approver so any role or employee gets what they need, quickly. Your global deny policy is automatically updated allowing this new exemption.

The Cloud Permissions Firewall allows you to secure with confidence, accelerate productivity, and save time not manually managing policies.

After achieving multi-cloud least privilege, it is time to shut down remaining attack paths. The Sonrai Cloud Infrastructure and Entitlements Management (CIEM+) solution reveals how permissions and policies compound together to create unintended access. Use manual or automated remediation options to eliminate risk.

Note: If you are an AWS customer and looking at Cloud Permissions Firewall, you must use AWS Organizations in your cloud.

Highlights

Instant Risk Reduction: After your teams deploy the global policies in one-click, your attack surface is immediately reduced with quarantined zombie identities, restricted excessive permissions, and disabled unused services and regions.
Global Default Deny Without Disruption: Receive large-scale protection without restricting anything your identities actually need. As new identities appear in your cloud, the deny policy applies by default making least privilege continuous and sustainable.
ChatOps and ITSM Integration: No need to learn new tools or change your pre-existing workflows. The Cloud Permissions Firewall integrates with Slack, Google Teams, Email, Jira, ServiceNow, and more.

Details

Sold by

Sonrai Security

Unlock automation with AI agent solutions

Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.

Explore AI agent solutions

Features and programs

Vendor Insights

Info

Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.

Security credentials achieved

(1)

SOC2

View security profile

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Free trial

Try for free

Try this product free according to the free trial terms set by the vendor.

The Sonrai Cloud Permissions Firewall

Info

View purchase options

Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

12-month contract (3)

Info

Dimension	Description	Cost/12 months
Sonrai Cloud Permissions Firewall - Enterprise Annual [Standard Support]	Enterprise Edition Standard Support - 25 Account Bundle	$37,500.00
Sonrai Cloud Permissions Firewall - Enterprise Annual [Premium Support]	Enterprise Edition Premium Support - 25 Account Bundle	$45,000.00
Sonrai Cloud Permissions Firewall - Starter Annual [Basic Support]	Starter Edition - 10 Account Bundle	$10,690.00

Additional usage costs (1)

Info

The following dimensions are not included in the contract terms, which will be charged based on your usage.

Dimension	Description	Cost/unit
Sonrai Cloud Permissions Firewall	Sonrai Cloud Permissions Firewall - Enterprise Monthly Overage	$200.00

Vendor refund policy

All fees are non-cancellable and non-refundable except as required by law.

Custom pricing options

Request private offer

Request a private offer to receive a custom quote.

How can we make this page better?

We'd like to hear your feedback and ideas on how to improve this page.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Request demo

Delivery details

Software as a Service (SaaS)

SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

Resources

Vendor resources

Pricing FAQs

Cloud Permissions Firewall Product Page

Sonrai Security Website

Support

Vendor support

The Sonrai Cloud Permissions Firewall - Starter Edition Support

Sonrai shall provide customer support to Company by email and the Sonrai support portal. Email: support@sonraisecurity.com Sonrai support is available during the hours of 9am-5pm ET, Monday through Friday and excluding public holidays. Customer response time is up to one (1) business day.

The Sonrai Cloud Permissions Firewall - Enterprise Edition Support

Standard Support for Enterprise (included) Sonrai shall provide customer support to Company by email, phone, chat, and the Sonrai support portal. Email: support@sonraisecurity.com Sonrai support is available during the hours of 9am-5pm ET, Monday through Friday and excluding public holidays. Customer response time varies from (1) hour to (1) business day depending on severity of ticket.

Premium Support for Enterprise (additional fee) Sonrai shall provide 24x7 customer support to Company by email, phone, chat, and the Sonrai support portal. Email: support@sonraisecurity.com . Sonrai support is available 24/7, 365 days per year through Jira Service Desk and Slack(when enabled). Normal response time to tickets is within four (4) hours during business hours (9am-5pm ET), 12 hours on evenings, 24 hours on weekends. Severity 1 issues are prioritized 24/7 and are escalated immediately when reported.

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Product comparison

Info

Updated weekly

The Sonrai Cloud Permissions Firewall

By Sonrai Security

BeyondTrust

By BeyondTrust Corporation

CyberArk Secure Cloud Access

By CyberArk

Accolades

Info

Top

In Centralized Identity Management

Top

In Financial Services

Customer reviews

Info

Sentiment is AI generated from actual customer reviews on AWS and G2

Reviews

Functionality

Ease of use

Customer service

Cost effectiveness

18 reviews

Positive

Mixed

Positive

Insufficient data

292 reviews

Positive

Mixed

5 reviews

Positive

Insufficient data

Positive reviews

Mixed reviews

Negative reviews

Overview

Info

AI generated from product descriptions

Permission Intelligence

Advanced system that analyzes and understands user and machine permission usage across cloud environments

Global Default Deny Policy

Comprehensive access control mechanism that automatically restricts and removes unused permissions and services

Multi-Cloud Identity Management

Cross-platform capability to manage and secure cloud identities and permissions across different cloud providers

Dynamic Permission Workflow

Automated permissions request and approval system that enables on-demand access with minimal friction

Attack Surface Reduction

Systematic approach to quarantine zombie identities, restrict excessive permissions, and disable unused services and regions

Identity Threat Detection

Advanced discovery and intelligence system for detecting identity-based threats across infrastructure

Privileged Access Management

Comprehensive control and management of privileged passwords, accounts, credentials, and sessions for human and machine identities

Remote Access Security

Granular control, management, and auditing of privileged remote access for employees, vendors, developers, and cloud operations engineers

Endpoint Privilege Control

Dynamic least privilege enforcement across Windows, macOS, Linux, and mobile platforms to prevent malware and unauthorized access

Cloud Entitlement Management

Cross-cloud visibility of access permissions, detection of account permission anomalies, and guidance for privilege optimization

Zero Standing Privileges

Dynamically provisions temporary, session-based access across multi-cloud environments without persistent permissions

Attribute-Based Access Control

Implements granular permission management based on identity, role, and contextual attributes for secure access

Multi-Cloud Integration

Supports unified access management across AWS, Azure, and GCP cloud environments with native tool compatibility

Just-in-Time Access Model

Enables on-demand, time-limited access to cloud resources with automated entitlement and approval workflows

Identity Security Framework

Provides layered identity-based controls to prevent unauthorized access and reduce credential exposure risks

Security credentials

Info

Validated by AWS Marketplace

FedRAMP

GDPR

HIPAA

ISO/IEC 27001

PCI DSS

SOC 2 Type 2

No security profile

Contract

Info

Standard contract

Customer reviews

Leave a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

18 external reviews

Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.

Nisha J V.

Plateforme exceptionnelle de gestion des identités et des données dans le cloud

Reviewed on May 13, 2025

Review provided by G2

Qu'aimez-vous le plus à propos de the product?

Sonrai Security nous a offert une visibilité et un contrôle inégalés sur la gouvernance des identités et les autorisations cloud.

Que n’aimez-vous pas à propos de the product?

La plateforme de Sonrai offre des informations approfondies sur les chemins d'accès aux identités, les droits à risque et les comptes sur-autorisés dans des environnements multi-cloud. L'interface utilisateur est propre et facile à naviguer, rendant les données de sécurité complexes plus exploitables. Le pare-feu des permissions cloud est particulièrement impressionnant — il aide à appliquer des politiques de moindre privilège avec un minimum de friction.

Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?

Sonrai Security nous aide à identifier et éliminer les permissions excessives et les chemins d'accès d'identité à risque à travers notre infrastructure cloud (AWS, Azure et GCP). Cela a considérablement amélioré notre posture de sécurité, permis la conformité avec les politiques internes et réduit les risques d'exposition des données. La plateforme assure également une surveillance continue et fournit des informations exploitables, ce qui simplifie nos audits et nos efforts de remédiation.

Dumindu d.

Meilleure solution de sécurité cloud jamais vue

Reviewed on Mar 17, 2025

Review provided by G2

Qu'aimez-vous le plus à propos de the product?

Automatisation & Informations alimentées par l'IA
Bon support client

Que n’aimez-vous pas à propos de the product?

Configuration initiale complexe
Les prix peuvent être élevés

Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?

Risques liés à la gestion des identités et des accès dans le cloud (CIAM)

Aditya T.

Je suggérerais d'utiliser cela, c'est très utile.

Reviewed on Feb 26, 2025

Review provided by G2

Qu'aimez-vous le plus à propos de the product?

C'est très facile à utiliser et sécurise également nos propriétés, etc.

Que n’aimez-vous pas à propos de the product?

Je n'aimais pas les mots de passe chaque fois que j'ouvre cela, il faut des mots de passe et il n'y a pas d'option d'empreinte digitale.

Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?

Cela a aidé mon entreprise à sécuriser nos propriétés.

Naveen K.

Véritable avis sur la sécurité Sonrai

Reviewed on Feb 06, 2025

Review provided by G2

Qu'aimez-vous le plus à propos de the product?

Sonrai Security est le meilleur pour la sécurité du cloud et la gestion des vulnérabilités. Il simule les chemins d'attaque.

Que n’aimez-vous pas à propos de the product?

Nous ne pouvons pas automatiser toutes les tâches de sécurité dans Sonrai Security.

Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?

Sonarai Security fournit une sécurité cloud et un pare-feu de permissions cloud. Nous l'utilisons pour sécuriser nos domaines et applications qui fonctionnent principalement sur le cloud, principalement sur AWS et Google Cloud. Nous l'utilisons pour nos permissions IAM.

Nucera L.

La solution réussie pour la sécurité des données et l'atténuation des risques

Reviewed on Jan 30, 2025

Review provided by G2

Qu'aimez-vous le plus à propos de the product?

Sonrai Security a simplifié le DSP qui nous permet de naviguer dans toutes les fuites de données. L'analyse des vulnérabilités des données est systématiquement traitée, offrant un rapport compréhensible.

Que n’aimez-vous pas à propos de the product?

Sonrai Security a une solution permanente pour les questions de sécurité des données.

Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?

Nous gérons et analysons toutes nos identités en utilisant Sonrai Security, pour garantir que chaque utilisateur est entièrement certifié et vérifié. Les moniteurs cloud sur le fonctionnement de nos systèmes nous offrent une gestion de la charge de travail facile et aucun risque de pertes. Les solutions de détection des menaces sont déployées de manière exhaustive pour démontrer une sécurité précise.

View all reviews