Microsoft Buys CloudKnox Security to Boost Azure Active Directory Service
Microsoft on Wednesday announced the acquisition of CloudKnox Security, a maker of “cloud infrastructure entitlement management” solutions for organizations using various cloud services.
Sunnyvale, Calif.-based CloudKnox got its start upon discovering that IT departments had “no way to ascertain which users were doing what to which resources” when using cloud services, per a company description. Balaji Parimi, the company’s founder and CEO, subsequently invented the CloudKnox Activity-based Authorization solution. It surfaces information about the machine and human activities associated with cloud services.
CloudKnox described its Activity-based Authorization solution as “a dynamic data-driven protocol that collects and analyzes in real-time the activity of machine and human identities across multiple cloud platforms.” Its solution tracks identity information across Amazon Web Services, Google Cloud Platform, Microsoft Azure and VMware vSphere.
CloudKnox might be called a “startup company.” In October 2018, it got $10.8 million in funding for its cloud security platform, according to Parimi’s bio.
The biggest potential threat for organizations using cloud services is coming from the proliferation of so-called “non-human identities” with high privileges in cloud services, according to a CloudKnox infographic (PDF download). CloudKnox claims that its solution empowers IT teams with “granular visibility, actionable insights, and control of machine and human identities with excessive high-risk privileges.”
Microsoft’s announcement by Joy Chik, corporate vice president for Microsoft Identity, seemed to agree with this perspective. Organizations don’t have the tools to assess “multicloud entitlements and permissions,” she indicated:
Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.
Integration with Microsoft Services
By acquiring CloudKnox, Microsoft intends to bolster “granular visibility” and “automated remediation” for users of the Microsoft Azure Active Directory service, Chik indicated. The benefits will apply to organizations with “hybrid” environments (premises plus cloud) and multicloud environments to manage.
Additionally, Microsoft intends to integrate CloudKnox’s technology with “other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender and Azure Sentinel,” according to the announcement.
Chik characterized the acquisition of CloudKnox, along with Microsoft’s earlier acquisitions of RiskIQ and ReFirm Labs, as enhancing defenses for organizations using Microsoft services. It’s also in accord with “zero-trust” principles earlier advocated by Chik.
The terms of the deal weren’t described. How the deal may affect customers currently using CloudKnox solutions wasn’t indicated.