Sonrai | Enterprise Cloud Security Platform

IAM Access Analyzer is a useful starting point for any team trying to enforce least privilege. It surfaces unused permissions, unused roles, unused access keys, and unused passwords across your AWS environment. For a feature that c...

The cloud is all about innovation at a speed never before possible. This can often lead to rapid development sprints and a proliferation of identities and infrastructure, and with that, excessive privilege. In large scale enterprises, IAM governance can be difficult. To accommodate this, Amazon Web Services (AWS) created Service Control Policies. The following guide will:

Let’s say the typical enterprise has a 5-to-10 person security team responsible for over 11,000 identities in a single AWS organization. The majority of those identities aren’t humans. Instead they’re machine identities created by pipelines, vendors, test environments, and integrations that nobody reviews after the first sprint.

Sonrai’s

The cloud moves fast. Accounts multiply, roles get spun up for every new service, and somewhere along the way, the permissions inventory balloons into the thousands. Most enterprise AWS environments are sitting on a permissions sprawl problem they can’t fully see and the tools meant to contain it weren’t all built for the same job.

Permission b...

AWS recently launched Claude Platform on AWS, which blends Anthropic’s native Claude Platform with Amazon’s identity and billing fabric. Organizations using both AWS and Anthropic in the...