The Sonrai Cloud Permissions Firewall
Sonrai SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
25 reviews
from
External reviews are not included in the AWS star rating for the product.
A fix for untamed privileges in AWS
What do you like best about the product?
Sonrai's analytics, policies, and quarantine workflows let us lock down excessive permissions in a controlled, risk-aware way. It’s different from our other visibility tools, it’s enforcement. The ability to target unused or risky privileges and act instantly is a huge leap forward for cloud IAM.
What do you dislike about the product?
There’s a learning curve if you want to go deep on advanced configuration, but the Sonrai team supports you well through onboarding.
What problems is the product solving and how is that benefiting you?
We needed a way to implement least privilege, remove unused permissions, and secure high-risk identities in AWS. Sonrai replaces what AWS and traditional PAM tools can’t do. We now have automated control over everything from human users to machine identities to third-party access.
It’s real cloud PAM—not a bolt-on or a siloed tool. It helps our team address identity risks in AWS at scale without slowing down developers. It’s fast, clean, and flexible.
It’s real cloud PAM—not a bolt-on or a siloed tool. It helps our team address identity risks in AWS at scale without slowing down developers. It’s fast, clean, and flexible.
AWS IAM Controls made Easy
What do you like best about the product?
The overall workflow was amazing start to finish when it was protecting services and identities, it made sense what/how/when things were happening.
The Setup was clear and well thought out, can deploy a top to bottom protection in a few hours.
The Customer Service was always top notch and would quickly evaluate the issue with a zoom call within a quick SLA.
The Setup was clear and well thought out, can deploy a top to bottom protection in a few hours.
The Customer Service was always top notch and would quickly evaluate the issue with a zoom call within a quick SLA.
What do you dislike about the product?
The UI was a bit tricky to navigate, when mass updating settings, it would reset or clear filters and reload the screen constantly. Future versions or deployments can easy fix that issue.
Deploying changes took a long time, would have to iterate the whole stack versus the one item you were updating, but I believe that was already on a release branch.
Deploying changes took a long time, would have to iterate the whole stack versus the one item you were updating, but I believe that was already on a release branch.
What problems is the product solving and how is that benefiting you?
From my perspective, it was controlling Identity with 1 plane of glass. Roles/Users/Policies all being controlled for all of the AWS Accounts. Made changes and updates simple. Easy to lock down a service/Account very quick and effective. With the ability to revert just as easy.
Cloud PAM That Actually Works
What do you like best about the product?
Sonrai’s Cloud Permissions Firewall delivered the speed and simplicity we were looking for—along with real, immediate results. Deployment was quick, and within minutes, we saw it in action, automatically cleaning up thousands of unused privileges across our AWS environment. The interface is user-friendly, the controls are powerful, and it’s easy to navigate and master. We especially appreciate how fast it was to get started and how it simplifies securing our environment without requiring manual effort. It’s the first PAM solution we've encountered that truly matches the speed and agility that cloud teams demand.
What do you dislike about the product?
There were a couple of minor display bugs during early testing, though the Sonrai team responded with speed and delivered fixes. They’ve been transparent and proactive in regard to resolving any edge cases.
What problems is the product solving and how is that benefiting you?
Our biggest challenge was managing privileged human access—users were accessing resources and permissions we couldn’t fully see or control. Sonrai’s Cloud Permissions Firewall addressed this by removing unused privileges and replacing always-on access with just-in-time access. Now, access is granted only when needed and only after proper approval. As a result, our attack surface has been significantly reduced by eliminating unnecessary privileges and identities.
We also appreciate the flexibility Sonrai offers—it can be deployed broadly or targeted precisely where needed, thanks to its granular controls and customizable enforcement levels. Integration with Teams makes it easy for users and approvers to manage access in real time, while detailed session summaries give us visibility into activities we previously missed.
We also appreciate the flexibility Sonrai offers—it can be deployed broadly or targeted precisely where needed, thanks to its granular controls and customizable enforcement levels. Integration with Teams makes it easy for users and approvers to manage access in real time, while detailed session summaries give us visibility into activities we previously missed.
IAM simplified
What do you like best about the product?
I discovered Sonrai Security at AWS re:inforce 2024, and within 15 minutes, I had a full POC set up in AWS and running—nothing fancy, just smooth and effective. From day one, it’s filled a critical gap in our access protections.
Here’s what sticks out:
Effortless Least Privilege via Cloud Permissions Firewall: One click and it quarantines zombie roles, disables unused services and regions, and tightens permissions across the entire cloud estate—without breaking anything.
Third-party Tracking and Management: In a single screen, I can track every ISV with access to my cloud, understand if their roles use best practice protections, and disable them with a single click for later cleanup. Better is that I can prevent unapproved new access by setting the default action to block.
Super-simple Permissions-on-Demand — When someone needs access, it’s a seamless ChatOps workflow that grants just what is required, only when it’s needed. No more standing permissions, no Jira tickets for role increase, and a simple audit trail of yes/no approvals with time constraints sent easily directly to the people who need to approve.
Just-in-Time (JIT) Access with AI-powered summaries: This is the next level. Pulling temporary elevated access only when needed, policy-enforced, and fully auditable. With integration into Amazon Bedrock, each privileged session generates a concise, human-readable summary. For businesses in regulated industries, it's the perfect auditing solution for user access.
Genuine usability and visibility: G2 users say it best: “Sonrai gave us unparalleled visibility and control over identity governance and cloud permissions,” and “the solution is very easy to use and implementation was also quick.”
In short, what I appreciate most is how Sonrai simplifies complex security challenges (and how I never have to write another SCP!). It’s powerful and intelligent, but never heavy. It just works.
Here’s what sticks out:
Effortless Least Privilege via Cloud Permissions Firewall: One click and it quarantines zombie roles, disables unused services and regions, and tightens permissions across the entire cloud estate—without breaking anything.
Third-party Tracking and Management: In a single screen, I can track every ISV with access to my cloud, understand if their roles use best practice protections, and disable them with a single click for later cleanup. Better is that I can prevent unapproved new access by setting the default action to block.
Super-simple Permissions-on-Demand — When someone needs access, it’s a seamless ChatOps workflow that grants just what is required, only when it’s needed. No more standing permissions, no Jira tickets for role increase, and a simple audit trail of yes/no approvals with time constraints sent easily directly to the people who need to approve.
Just-in-Time (JIT) Access with AI-powered summaries: This is the next level. Pulling temporary elevated access only when needed, policy-enforced, and fully auditable. With integration into Amazon Bedrock, each privileged session generates a concise, human-readable summary. For businesses in regulated industries, it's the perfect auditing solution for user access.
Genuine usability and visibility: G2 users say it best: “Sonrai gave us unparalleled visibility and control over identity governance and cloud permissions,” and “the solution is very easy to use and implementation was also quick.”
In short, what I appreciate most is how Sonrai simplifies complex security challenges (and how I never have to write another SCP!). It’s powerful and intelligent, but never heavy. It just works.
What do you dislike about the product?
Nothing. Not only is Sonrai a fantastic product that plugs a unique gap, but the team is incredibly dedicated and responsive to their customers. They take our feedback, and the next thing we know, they deliver those features.
What problems is the product solving and how is that benefiting you?
Sonrai security took what would have been an extremely complex challenge for my team of just even observing access controls in my AWS organization and provided a way for me to easily resolve those issues. Its literally a problem I wouldnt have been able to solve without significantly increased headcount and probably a year of dedicated effort. Instead I was able to scope AWS services and regions, quarantine zombie roles, identify and clean overly permissioned roles, and manage my third-party ISV access with literally a few clicks in their UI. Its that powerful while also allowing me to scope at various levels for Org, OU, and Account.
To accomplish the same thing of just the cleanup would have been somewhere between monumental and insurmountable, but not only have i solved the cleanup issue, its ongoing protection without my team having to worry about writing AWS SCPs and potentially breaking production.
To accomplish the same thing of just the cleanup would have been somewhere between monumental and insurmountable, but not only have i solved the cleanup issue, its ongoing protection without my team having to worry about writing AWS SCPs and potentially breaking production.
A significant breakthrough in fixing privileges in the cloud.
What do you like best about the product?
Sonrai's Cloud Permissions Firewall is purpose-built for cloud environments, avoiding the limitations of legacy access management solutions retrofitted for cloud use. It delivers low-latency performance with minimal deployment overhead and enables rapid, just-in-time provisioning for high-sensitivity roles.
What do you dislike about the product?
The only challenge we encountered was aligning initial permission set mappings within AWS Identity Center. Fortunately, the support team was highly responsive and quickly provided clear guidance to resolve the issue.
What problems is the product solving and how is that benefiting you?
Standing privileges, stale admin roles, and zombie accounts have consistently posed challenges for us. These common issues were quickly eliminated with Sonrai’s PAM approach. Access is now governed through policy-based controls, with approval workflows integrated directly into Microsoft Teams—our existing collaboration platform. This allows us to maintain agility without compromising auditability, control, or visibility.
Streamlined and Sophisticated Cloud Privileged Access Management
What do you like best about the product?
Sonrai delivered an exceptionally seamless experience for implementing just-in-time access governance across our cloud infrastructure. The deployment process was remarkably straightforward—operational within minutes—with effortless Slack integration that enabled real-time access orchestration. The platform's elegant architecture combines performance with intuitive design, while the automated approval mechanisms function with impressive precision and reliability.
What do you dislike about the product?
My sole recommendation centers on enhancing transparency regarding automated approval workflows, particularly in scenarios involving shared role assignments among multiple users. This represents a minor consideration, and the support team demonstrated exceptional responsiveness in providing comprehensive guidance.
What problems is the product solving and how is that benefiting you?
Our organization has historically grappled with excessive persistent access privileges creating security vulnerabilities. Sonrai's Cloud Permissions Firewall has enabled us to systematically eliminate dormant permissions while transitioning from static access models to dynamic, approval-driven provisioning with intelligent expiration controls. This transformation has substantially mitigated risk exposure while delivering enhanced governance and operational visibility.
Least privilege in days rather than months
What do you like best about the product?
Sonrai saved us months in manual effort to get to least privilege with Chatops permissions firewall enabler and automated SCP management which had been a painpoint for years.
What do you dislike about the product?
If we ever get off of it, we will have to do all of the work manually.
What problems is the product solving and how is that benefiting you?
Cloud Identity and access management, least privilege, SCP and RCP automation and Just in time access
Exceptional Cloud Identity & Data Governance Platform
What do you like best about the product?
Sonrai Security gave us unparalleled visibility and control over identity governance and cloud permissions.
What do you dislike about the product?
Sonrai's platform provides deep insights into identity access paths, risky entitlements, and over-permissioned accounts across multi-cloud environments. The user interface is clean and easy to navigate, making complex security data more actionable. The Cloud Permissions Firewall is particularly impressive — it helps enforce least privilege policies with minimal friction.
What problems is the product solving and how is that benefiting you?
Sonrai Security helps us identify and eliminate excessive permissions and risky identity access paths across our cloud infrastructure (AWS, Azure, and GCP). This has drastically improved our security posture, enabled compliance with internal policies, and reduced the chances of data exposure. The platform also ensures continuous monitoring and provides actionable insights, which streamline our audits and remediation efforts.
Best Clous Security Solution Ever
What do you like best about the product?
Automation & AI-powered Insights
Good Customer Support
Good Customer Support
What do you dislike about the product?
Complex Initial Setup
Pricing Can Be High
Pricing Can Be High
What problems is the product solving and how is that benefiting you?
Cloud Identity & Access Management (CIAM) Risks
I would suggest to definitely use this it is very help ful
What do you like best about the product?
This is very easy to use and also secures our properties etc
What do you dislike about the product?
I disliked about the passwords every time I open this it takes passwords and dont hai fingerprint option
What problems is the product solving and how is that benefiting you?
It helped my company to secure our properties
showing 1 - 10