Aws Re:invent 2025 - Solving The Cloud Privilege Problem At Scale:...

🦄 Making great presentations more accessible. This project aims to enhances multilingual accessibility and discoverability while maintaining the integrity of original content. Detailed transcriptions and keyframes preserve the nuances and technical insights that make each session compelling.

📖 AWS re:Invent 2025 - Solving the Cloud Privilege Problem at Scale: A Fiserv Case Study (COP213)

In this video, a Fiserv representative shares their experience partnering with Sonrai Security to manage IAM challenges across thousands of multi-cloud accounts. After an SCP-related outage, they discovered Sonrai's automation capabilities at AWS re:Invent. The POC took 30 minutes to deploy via CloudFormation templates. Key features demonstrated include managing excessive permissions, zombie identity hunting, service controls for AI governance, third-party access visibility, and region management. The solution automated SCP deployment across 1,000+ accounts, saving over 1,000 hours and 38-40 lines of code per account, while providing centralized visibility and workflow automation that existing tools couldn't deliver.

; This article is entirely auto-generated while preserving the original presentation content as much as possible. Please note that there may be typos or inaccuracies.

Welcome. I know it's happy hour and you have dinner plans, so I'll keep that in mind. The main reason I'm up here is to encourage you to visit booth 435 and check out Sonrai Security. Thank you.

That's the agenda. We've been partnered with Sonrai this past year, and this presentation is about that partnership and what we found valuable about it, and hopefully you can do something similar. It's going to be four simple steps. First, what was Fiserv's challenge? Why were we looking for a solution? Second, we're going to talk about tools and what it can feel like when you're trying to go through the process. Then we'll discuss the turning point—what was it that we did with Sonrai that actually made a difference and why we chose to move forward. And of course, the results.

Fiserv is a financial services company. We're global and we probably touch every household in the United States, though I'm not sure if that's physically true. We have grown, merged, and continue to acquire and merge companies. Over the years, this has led to us becoming multi-cloud with thousands of accounts that we have to manage globally. Every time you bring another company together or buy another product, you have what

Source: Dev.to