Microsoft Acquires Startup Company CloudKnox Security

Sunnyvale, Calif.-based CloudKnox Security is getting acquired by Microsoft, according to a Wednesday announcement.

CloudKnox is a maker of "cloud infrastructure entitlement management" solutions for organizations using various cloud services. It's a "startup" company, having received an initial $10.8 million in funding back In October 2018. Its main platform, "Activity-based Authorization," can be used to track identity information across Amazon Web Services, Google Cloud Platform, Microsoft Azure and VMware vSphere cloud services.

The Activity-Based Authorization Platform consists of "a dynamic data-driven protocol that collects and analyzes in real-time the activity of machine and human identities across multiple cloud platforms," according to CloudKnox.

The company got its start upon discovering that IT departments had "no way to ascertain which users were doing what to which resources" when using cloud services, per a company description. It led Balaji Parimi, the company's founder and CEO, to invent the CloudKnox Activity-based Authorization platform.

Cloud Visibility
The biggest potential threat for organizations using cloud services is coming from the proliferation of so-called "non-human identities" with high privileges in cloud services, according to a CloudKnox infographic (PDF download). CloudKnox claims that its solution empowers IT teams with "granular visibility, actionable insights, and control of machine and human identities with excessive high-risk privileges."

Microsoft's announcement by Joy Chik, corporate vice president for Microsoft Identity, seemed to agree with this perspective. Organizations don't have the tools to assess "multicloud entitlements and permissions," she indicated:

Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.

Integration with Microsoft Services
By acquiring CloudKnox, Microsoft intends to bolster "granular visibility" and "automated remediation" for users of the Microsoft Azure Active Directory service, Chik indicated. The benefits will apply to organizations with "hybrid" environments (premises plus cloud) and multicloud environments to manage.

Additionally, Microsoft intends to integrate CloudKnox's technology with "other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender and Azure Sentinel," the announcement indicated.

Chik characterized the acquisition of CloudKnox, along with Microsoft's earlier acquisitions of RiskIQ and ReFirm Labs, as enhancing defenses for organizations using Microsoft services. It's also in accord with "zero-trust" principles earlier advocated by Chik.

The terms of the deal weren't described. How it may affect customers currently using CloudKnox solutions wasn't indicated.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • Microsoft Says System Center 2022 Will Arrive Early Next Year

    Microsoft is planning to release its new System Center product in the first quarter of 2022, with a private preview arriving within months.

  • Microsoft Talks Up Windows Server 2022's Azure Integrations

    Windows Server became available on Sept. 1; last week, Microsoft gave the product its official unveiling, focusing on all of the other products and services it will work with.

  • 2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.