Sign up to save your podcasts
Or
Share Ep103: Supercharging Security with GenAI – Best Practice Sharing with Sonrai Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ep103: Supercharging Security with GenAI – Best Practice Sharing with Sonrai Security
Jeff Moncrief discusses Sonrai Security's Cloud Permissions Firewall, and the best practices for using AI-powered summaries and orchestration to ensure security at all points.
Topics Include:
- Jeff Moncrief introduces Sonrai Security and Cloud Permissions Firewall
- Focus on achieving least privilege access in AWS quickly
- Lightweight orchestration layer secures IAM from inside out
- Eliminates need to write hundreds of individual policies
- Customers struggle with identity risk in CNAP/CSPM tools
- Generative AI adoption driving top security use cases
- Bedrock and AI agents mentioned daily by customers
- Product managers should consider underlying platform security risks
- AI models have control over infrastructure they run on
- Identity is fundamental infrastructure enabling AWS AI models
- Sonrai uses Bedrock capability inside Cloud Permissions Firewall
- Just-in-time access provides temporary, time-boxed AWS access
- Bedrock generates session summaries from audit logs automatically
- Plain English insights show what happened during sessions
- Session summaries improve audit compliance and incident response
- Customer with 1000 accounts manually deployed service controls
- Friday afternoon deployment caused very bad weekend disaster
- Policy inheritance issues broke child accounts and OUs
- Planning and orchestration essential for scaling AI security
- Sonrai platform built 100% cloud-native on AWS
- Coordinates service control policies and resource control policies
- Just-in-time access relies on IAM Identity Center
- Participates in ISV Accelerate and AWS Marketplace
- Security best practices start with identity as foundation
- "Hackers don't hack, they just log in" philosophy
- Eliminate standing privileges with just-in-time access patterns
- Restrict AI services by user, location, and account
- Review over-permissioned or inactive third-party vendor access
- Actionable insights through useful logging and AI summarization
- Future focus on protecting new services and permissions
Participants:
- Jeff Moncrief – Field CTO & Director of Sales Engineering, Sonrai Security
Links:
- Website – Sonraisecurity.com
- AWS Marketplace – Sonrai Security
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
View all episodes
By Amazon Web Services
5
1010 ratings
Jeff Moncrief discusses Sonrai Security's Cloud Permissions Firewall, and the best practices for using AI-powered summaries and orchestration to ensure security at all points.
Topics Include:
- Jeff Moncrief introduces Sonrai Security and Cloud Permissions Firewall
- Focus on achieving least privilege access in AWS quickly
- Lightweight orchestration layer secures IAM from inside out
- Eliminates need to write hundreds of individual policies
- Customers struggle with identity risk in CNAP/CSPM tools
- Generative AI adoption driving top security use cases
- Bedrock and AI agents mentioned daily by customers
- Product managers should consider underlying platform security risks
- AI models have control over infrastructure they run on
- Identity is fundamental infrastructure enabling AWS AI models
- Sonrai uses Bedrock capability inside Cloud Permissions Firewall
- Just-in-time access provides temporary, time-boxed AWS access
- Bedrock generates session summaries from audit logs automatically
- Plain English insights show what happened during sessions
- Session summaries improve audit compliance and incident response
- Customer with 1000 accounts manually deployed service controls
- Friday afternoon deployment caused very bad weekend disaster
- Policy inheritance issues broke child accounts and OUs
- Planning and orchestration essential for scaling AI security
- Sonrai platform built 100% cloud-native on AWS
- Coordinates service control policies and resource control policies
- Just-in-time access relies on IAM Identity Center
- Participates in ISV Accelerate and AWS Marketplace
- Security best practices start with identity as foundation
- "Hackers don't hack, they just log in" philosophy
- Eliminate standing privileges with just-in-time access patterns
- Restrict AI services by user, location, and account
- Review over-permissioned or inactive third-party vendor access
- Actionable insights through useful logging and AI summarization
- Future focus on protecting new services and permissions
Participants:
- Jeff Moncrief – Field CTO & Director of Sales Engineering, Sonrai Security
Links:
- Website – Sonraisecurity.com
- AWS Marketplace – Sonrai Security
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
More shows like AWS for Software Companies Podcast
View all
WSJ Tech News Briefing
1,646 Listeners
WSJ What’s News
4,335 Listeners
The Changelog: Software Development, Open Source
283 Listeners
a16z Podcast
1,030 Listeners
Software Engineering Daily
623 Listeners
Pivot
9,109 Listeners
AWS Podcast
202 Listeners
Founders
1,870 Listeners
Y Combinator Startup Podcast
216 Listeners
Morning Brew Daily
2,957 Listeners
The Stack Overflow Podcast
63 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,045 Listeners
Big Technology Podcast
421 Listeners
Hard Fork
5,426 Listeners
Prof G Markets
1,041 Listeners