Sold by: Sonrai SecurityÂ
Deployed on AWS
Vendor Insights
Sonrai Security offers a cloud identity, access and permissions security solution for Amazon Web Services that reveals cloud risk and automates remediation.
Overview
The Sonrai Security platform reveals cloud blindspots and provides remediation to prevent high impact attacks. Its technology unifies four types of cloud risk analytics and remediation:
Identity Privilege & Access (CIEM) The Toxic Permissions Analyzer uncovers every overprivileged human and machine identity across all AWS accounts. Sonrai graphs every asset, resource and permission across your cloud, to reveal where privileges compound to create pathways to your data. See a full picture of effective permissions, including what identities can do after crossing accounts or clouds. Use Sonrai to monitor and alert on separation of duties, toxic combinations, dormant identities, and enforce Least Privilege.
Data Protection & Classification (DSPM) Continuously monitor critical data sitting inside object stores like AWS S3 and database services. Suspicious access activity or changes in access rights creating new risks are automatically flagged and remediated. Sonrai offers data discovery, data tagging, custom classification, Least Access policies and continuous monitoring of your most sensitive assets. Pass audits, meet compliance and guard the heart of your organization with Sonrai.
Agentless Vulnerability Scanning & Inspector Enrichment (CWPP) Leverage the Sonrai Security agentless scanner or enrich your own with identity and data risk amplifiers and a unique severity score. This built-in prioritization of vulnerabilities posing the greatest threat to your data, whether on the host or via identity lateral moment allows your team to focus their efforts and preserve resources. Enrich Amazon Inspector data with Sonrai context.
Custom Cloud Posture Management and Compliance (CSPM) Continuous monitoring of drift away from baseline for misconfigurations, data movement, and network access is detected and remediated. Check your security posture against pre-built or custom-built frameworks so you pass every audit and know that your AWS environment does not miss a new threat.
Highlights
- Unique ability to not only detect toxic policies allowing identities risky access, but detail the exact permission granted out of the 40,000+ possible actions (e.g. read, write, delete.)
- Attack path analysis: Sonrai simulates every possible attack path leading to data in your cloud and rebuilds the model each night to keep up with your evolving cloud.
- Deep data monitoring of S3, RDS, DynamoDB, EBS, Vault and other datastores, and the ability to track data movement, uncover risk to PII, geo-residency and data privacy controls. Operationalized cloud security: organizations are split into organized and automated workflows to ensure remediation alerts go to the specific team responsible. Integrations with Jenkins, ServiceNow, Slack, Jira, Teams, and more.
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
SOC2
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Professional Edition | 500 Cloud Resources - Compute, Roles | $50,000.00 |
Dimension | Cost/unit |
|---|---|
Additional Usage Fees | $100.00 |
Vendor refund policy
No Refunds
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Complementary Standard Support. Our Sonrai experts will help ensure Sonrai is optimized for your cloud security requirements. Onboarding accounts and users, setting up SSO, and initial configuration are executed step-by-step, all while educating you on process, documentation, and providing assistance. Premium Support & professional services are also available. Contact us for more information. awsteam@sonraisecurity.comÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Sonrai Security
By BeyondTrust Corporation
By CyberArk
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Identity and Access Management
Advanced cloud identity privilege analyzer that uncovers overprivileged human and machine identities across AWS accounts
Data Protection Monitoring
Continuous monitoring of critical data in object stores and database services with automatic risk flagging and remediation
Vulnerability Assessment
Agentless vulnerability scanning with unique severity scoring and identity risk amplification capabilities
Cloud Posture Management
Continuous monitoring of security configuration drift, misconfigurations, and network access with automated remediation
Attack Path Analysis
Comprehensive simulation of potential attack paths leading to cloud data, dynamically rebuilt to track evolving cloud environments
Identity Threat Detection
Advanced discovery and intelligence system for detecting identity-based threats across infrastructure
Privileged Access Management
Comprehensive control and management of privileged passwords, accounts, credentials, and sessions for human and machine identities
Remote Access Security
Granular control, management, and auditing of privileged remote access for employees, vendors, developers, and cloud operations engineers
Endpoint Privilege Control
Dynamic least privilege enforcement across Windows, macOS, Linux, and mobile platforms to prevent malware and unauthorized access
Cloud Entitlement Management
Cross-cloud visibility of access permissions, detection of account permission anomalies, and guidance for privilege optimization
Zero Standing Privileges
Dynamically provisions temporary, session-based access across multi-cloud environments without persistent permissions
Attribute-Based Access Control
Implements granular permission management based on identity, role, and contextual attributes for secure access
Multi-Cloud Integration
Supports unified access management across AWS, Azure, and GCP cloud environments with native tool compatibility
Just-in-Time Access Model
Enables on-demand, time-limited access to cloud resources with automated entitlement and approval workflows
Identity Security Framework
Provides layered identity-based controls to prevent unauthorized access and reduce credential exposure risks
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
Customer reviews
0 ratings
0 AWS reviews
|
18 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Nisha J V.
Exceptional Cloud Identity & Data Governance Platform
Reviewed on May 13, 2025
Review provided by G2
What do you like best about the product?
Sonrai Security gave us unparalleled visibility and control over identity governance and cloud permissions.
What do you dislike about the product?
Sonrai's platform provides deep insights into identity access paths, risky entitlements, and over-permissioned accounts across multi-cloud environments. The user interface is clean and easy to navigate, making complex security data more actionable. The Cloud Permissions Firewall is particularly impressive — it helps enforce least privilege policies with minimal friction.
What problems is the product solving and how is that benefiting you?
Sonrai Security helps us identify and eliminate excessive permissions and risky identity access paths across our cloud infrastructure (AWS, Azure, and GCP). This has drastically improved our security posture, enabled compliance with internal policies, and reduced the chances of data exposure. The platform also ensures continuous monitoring and provides actionable insights, which streamline our audits and remediation efforts.
Dumindu d.
Best Clous Security Solution Ever
Reviewed on Mar 17, 2025
Review provided by G2
What do you like best about the product?
Automation & AI-powered Insights
Good Customer Support
Good Customer Support
What do you dislike about the product?
Complex Initial Setup
Pricing Can Be High
Pricing Can Be High
What problems is the product solving and how is that benefiting you?
Cloud Identity & Access Management (CIAM) Risks
Aditya T.
I would suggest to definitely use this it is very help ful
Reviewed on Feb 26, 2025
Review provided by G2
What do you like best about the product?
This is very easy to use and also secures our properties etc
What do you dislike about the product?
I disliked about the passwords every time I open this it takes passwords and dont hai fingerprint option
What problems is the product solving and how is that benefiting you?
It helped my company to secure our properties
Naveen K.
True review of Sonrai security
Reviewed on Feb 06, 2025
Review provided by G2
What do you like best about the product?
Sonrai security is best for cloud security and vulnerability management. It's simulates attack paths.
What do you dislike about the product?
We can't automate all the security task in Sonrai Security.
What problems is the product solving and how is that benefiting you?
Sonarai security provides cloud security and cloud permissions firewall. We use it for secure our domains and applications which are running on cloud mostly on AWS and Google cloud. We use it for our IAM permissions.
Nucera L.
The Successful Solution for Data Safety and Risk Metigation
Reviewed on Jan 30, 2025
Review provided by G2
What do you like best about the product?
Sonrai Security has simplified DSP that allows us to navigate all the data leaks.
The scanning of vulnerability of data is systematically addressed, offering understandable report.
The scanning of vulnerability of data is systematically addressed, offering understandable report.
What do you dislike about the product?
Sonrai Security has permanent solution for matters data safety.
What problems is the product solving and how is that benefiting you?
We manage and scan all our identities using Sonrai Security, to ensure every user is fully certified and verified. The cloud monitors on how our systems operates gives us an easy workload management and no risks on losses. The threat discovering solutions are comprehensivley deployed to showcase accurate security.