Ex-IBMers Launch Cloud Security Startup

The co-founders bring a wealth of experience to this new company that brings a unique approach to security.

Edward Gately, Senior News Editor

January 15, 2019

6 Min Read
Cloud Security

Two executives who helped form IBM Security and grow it into a $2 billion division have struck out on their own with a new cybersecurity startup, Sonrai Security.

The company launched Tuesday with $18.5 million in Series A funding and its Cloud Data Control service that delivers data and identity control across all cloud accounts and within any data store. Sonrai is co-founded by Brendan Hannigan and Sandy Bird.

Hannigan previously was IBM Security’s general manager and Bird was chief technology officer. Before that, Bird was co-founder and Hannigan was CEO of Q1 Labs, which IBM acquired in 2011 as the basis of its security division.

With the ability to discover and track data and users across any cloud service – including Amazon Web Services (AWS), Microsoft Azure and Google Cloud – and to third-party data sources, Sonrai’s service provides a common interface for both SecOps and DevOps teams.

The company has offices in New York, Texas and New Brunswick, Canada, and is backed by Polaris Partners and TenEleven Ventures.


Sonrai Security’s Sandy Bird

In a Q&A with Channel Futures’ MSSP Insider, Hannigan and Bird talk about why they wanted to start the new company and the opportunity it presents to the channel.

Channel Futures’ MSSP Insider: How did the idea for this startup come about?

Sandy Bird: We took a little break and in 2017 started looking at the whole market as to what was going on and saw this massive transition of companies moving their classic enterprise data centers into these public-cloud infrastructures – Azure, AWS, GCP – and wanting to make sure that they actually had control of the data and the identities that they moved in there. So that was kind of the vision for the company as we were starting it out. We wanted to be able to provide that visibility and best-practice enablement for those people to understand [if] they are doing the right thing across all of these and enable that for the security teams, and finding anything such as overprivileged accounts or configuration issues that could lead to a data leak. There’s also a huge benefit around compliance.

CFMI: What made this the right time to launch this company?


Sonrai Security’s Brendan Hannigan

Brendan Hannigan: Gartner is projecting that in 2025, 80 percent of companies will have shut down their traditional data centers; that number is 10 percent today. So we all know cloud is huge – there’s nothing new about that – but I do think what is new is the acceleration and extent to which infrastructures are being turned over into this public-cloud environment. So that’s reason No. 1. No. 2, I think there’s an increasing realization that as that happens, the volume and complexity, and richness of data that’s been put into that just keeps increasing and increasing. And No. 3, as you know, we are now in a climate of privacy, of sensitivity to data loss, [and] of specific government regulations around that. You put those three things together and you [think], there’s got to be a new way of doing this and helping customers with this. They’re really struggling in their understanding and how to get control of these infrastructures. So that’s what made this a good time.

CFMI: What’s the status of the company in terms of service availability, and reaching out to the channel and customers?

BH: Sandy [and I] have been in the business a long time … so we had the opportunity to create this company and essentially stay focused on …

… building the service and putting it in with some initial customers. So we are well set to essentially expand our service to sell it in the market. We’ve got a sales team based out of Texas and we’re now really focused on expanding that sales team.

CFMI: Will there be an opportunity for the channel?

BH: Yes, a fundamental part of our DNA is working with partners who have those relationships with customers. We did this in the past. Q1 Labs scaled up very successfully working with channel partners. We think this is a wonderful opportunity for channel partners, and we have something which allows channel partners to help their customers get control of these public-cloud infrastructures — and there’s flexibility built into the platform. It’s very customizable and it’s something where there’s API access into the solution, and so for channel partners who choose to, they will have the opportunity … to take this service and customize it for the customer that they want to work with. So for partners, you have to have a technology that’s suitable for selling with the channel and then you have to have a philosophical belief of your sales team working with channel partners. Everybody we will have in this company and in our go-to-market operation will have it within their … “automatic DNA” to work closely with channel partners in how we sell.

CFMI: There’s a lot of competition in cybersecurity, so how will you stand out among the others?

BH: There [are] a lot of companies in cybersecurity. Obviously cloud-platform providers provide a certain amount of tooling — certainly Microsoft does and Amazon does. But what we find is we have a lot of experience with the very sophisticated requirements of security practitioners in enterprises, and so we’ve built a lot of that functionality into our service. And then secondly, even within a cloud provider we actually will find, discover, analyze and monitor third-party data stores. Typically the providers don’t do that. And then of course we span cloud providers as well. As time goes on, companies are realizing they don’t just have a cloud, they have multiple cloud providers and multiple data stores, and we have a service that operates seamlessly across all of that. And typically cloud providers really don’t do a great job in that area.

CFMI: Where do you go from here? What milestones do you see your company reaching and surpassing in the months ahead?

BH: It’s a fun and exciting time. No. 1, we will be expanding out our sales opportunity, and that will be done very much focused on channel partners. That’s going to be a big push for us as we get into 2019 and 2020. And secondly, the true sign of a great big opportunity is you look and you say, “My goodness, we have a lot of road-map-related items to do.” For example, Sandy has years and a wealth of experience around machine learning and the application of machine learning to this type of data, so we have so much more that we can do leveraging machine learning, leveraging AI to make this service smarter and smarter, and smarter for our customers. And then I think in the end the application of finding the data and then applying machine learning and automatic learning … will be phenomenal for customers. So from an engineering perspective it will be all about machine learning, and from a sales perspective it’s all about go-to-market and in particular, go-to-market with our channels.

CFMI: Sandy, do you have anything to add?

SB: The old-school network controls that we used in these enterprises are probably not enough in the cloud and there [are] so many ways to bypass them, so we really need to look at this new way of controlling them using the data-centric view.

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like