NY, New York, January 6th, 2026, NewsDirect
Strong customer and ARR growth highlight Sonrai’s leadership in Cloud PAM
Sonrai closed the year with strong customer, expansion, and ARR momentum, reflecting broad enterprise adoption of Cloud PAM. That momentum has been driven by adoption of Sonrai’s Cloud Permissions Firewall, which delivers Cloud PAM across human, machine, and AI identities without disrupting DevOps.
This growth reflects recognition that cloud permissions are now a primary attack surface, and that legacy PAM models were not designed to control access at cloud scale.
2025 momentum highlights include:
- 4x year-over-year ARR growth
- 220% growth in customers
- 60% of customers expanded Cloud Permissions Firewall deployments
Why it matters
Permissions have become a primary cloud attack surface, yet legacy PAM was built for static systems and human admins and not for cloud-scale, machine-driven access. The Cloud Permissions Firewall addresses this gap by enforcing default-deny guardrails and just-in-time (JIT) access at the permission layer, with every change approved and logged.
Customer adoption spanned a broad range of industries and company sizes. Example new customers in 2025 include: Sandisk, Fiserv, ISO New England, BAL, PG&E, Basis, Haemonetics, LiveView Technologies, and PIB Group.
Product milestones in 2025:
- WALLy, an AI agent that operates the Cloud Permissions Firewall, and AI-generated session summaries for privileged access activity
- Just-in-time (JIT) access to eliminate standing privileges for all enrolled identities while maintaining operational continuity
- Expanded third-party controls, enabling organizations to centrally restrict, approve, and govern external access
- Threat Vector dashboard, translating cloud identity risk into prioritized threat vectors such as data exposure and cryptomining, with one-click remediation at the selected scope
Independent validation and security outcomes in 2025 include:
- Independent Software Secured research showed the Cloud Permissions Firewall preventatively blocked 16 of 16 real AWS privilege-escalation attack paths
- Sonrai customers are actively blocking cryptomining campaigns that exploit excessive cloud permissions
- Customers consistently reduce their cloud permissions attack surface by more than 90% using the Cloud Permissions Firewall
“Companies are struggling with the reality of controlling privileged access in the cloud,” said Brendan Hannigan, CEO and co-founder of Sonrai. “The Cloud Permissions Firewall enforces Cloud PAM in minutes by applying default-deny guardrails, JIT approvals in Slack/Teams, and agentic AI staging of controls so teams ship fast without standing risk.”
Availability
The Cloud Permissions Firewall and WALLy are available today across AWS and Google Cloud, with Azure support coming soon. Learn more at sonraisecurity.com.
About Sonrai Security
Sonrai Security is a leading cloud privileged access management (PAM) solutions provider. With a mission to empower enterprises of all sizes to innovate securely and confidently, Sonrai Security delivers identity, access, and permissions security for companies running on AWS, Azure, and Google Cloud platforms. The company is renowned for pioneering the Cloud Permissions Firewall, enabling one-click least privilege while supporting developer access needs without disruption.
Trusted by leading companies across various industries, Sonrai Security is committed to driving innovation and excellence in cloud security. Sonrai Security has offices in New York and New Brunswick, Canada and is backed by ISTARI, Menlo Ventures, Polaris Partners, and TenEleven Ventures.
For more information, visit https://sonraisecurity.com/
Contact
VP, Product Marketing
Karen Levy
Sonrai Security
[email protected]