News

Microsoft Acquires Startup Company CloudKnox Security

• By Kurt Mackie
• July 21, 2021

Sunnyvale, Calif.-based CloudKnox Security is getting acquired by Microsoft, according to a Wednesday announcement.

CloudKnox is a maker of "cloud infrastructure entitlement management" solutions for organizations using various cloud services. It's a "startup" company, having received an initial $10.8 million in funding back In October 2018. Its main platform, "Activity-based Authorization," can be used to track identity information across Amazon Web Services, Google Cloud Platform, Microsoft Azure and VMware vSphere cloud services.

The Activity-Based Authorization Platform consists of "a dynamic data-driven protocol that collects and analyzes in real-time the activity of machine and human identities across multiple cloud platforms," according to CloudKnox.

The company got its start upon discovering that IT departments had "no way to ascertain which users were doing what to which resources" when using cloud services, per a company description. It led Balaji Parimi, the company's founder and CEO, to invent the CloudKnox Activity-based Authorization platform.

Cloud Visibility
The biggest potential threat for organizations using cloud services is coming from the proliferation of so-called "non-human identities" with high privileges in cloud services, according to a CloudKnox infographic (PDF download). CloudKnox claims that its solution empowers IT teams with "granular visibility, actionable insights, and control of machine and human identities with excessive high-risk privileges."

Microsoft's announcement by Joy Chik, corporate vice president for Microsoft Identity, seemed to agree with this perspective. Organizations don't have the tools to assess "multicloud entitlements and permissions," she indicated:

Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.

Integration with Microsoft Services
By acquiring CloudKnox, Microsoft intends to bolster "granular visibility" and "automated remediation" for users of the Microsoft Azure Active Directory service, Chik indicated. The benefits will apply to organizations with "hybrid" environments (premises plus cloud) and multicloud environments to manage.

Additionally, Microsoft intends to integrate CloudKnox's technology with "other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender and Azure Sentinel," the announcement indicated.

Chik characterized the acquisition of CloudKnox, along with Microsoft's earlier acquisitions of RiskIQ and ReFirm Labs, as enhancing defenses for organizations using Microsoft services. It's also in accord with "zero-trust" principles earlier advocated by Chik.

The terms of the deal weren't described. How it may affect customers currently using CloudKnox solutions wasn't indicated.