News

Microsoft Sheds Light on CloudKnox Security Product Future

• By Kurt Mackie
• September 30, 2021

Microsoft announced that its recently acquired CloudKnox security solutions will continue for new and existing users.    

Existing CloudKnox users can continue to use the product, and they'll get "sales, engineering, and service support from Microsoft." There's also no change in the pricing, according to Alex Simons, corporate vice president for identity program management at Microsoft, in the announcement. He also assured CloudKnox users that the product will remain as a multicloud security solution.

"In fact, the #1 reason Microsoft purchased CloudKnox was to accelerate our ability to help customers manage their AWS and Google Cloud Platform, and VMware deployments," Simons indicated.

Microsoft had announced the acquisition of CloudKnox back in July.

CloudKnox offers "cloud infrastructure entitlement management" solutions that can show information about machine and human identities and activities associated with cloud services. The company's CloudKnox Activity-based Authorization solution works across Amazon Web Services, Google Cloud Platform, Microsoft Azure and VMware vSphere.

In July, Microsoft had explained that CloudKnox technologies would be used to boost Azure Active Directory visibility and remediation capabilities, including support for "hybrid" (premises plus cloud) environments. Microsoft also had indicated that CloudKnox technologies would integrate with other Microsoft services, such as Azure Defender, Azure Sentinel and Microsoft 365 Defender.

It wasn't clear back in July, though, whether the CloudKnox products would survive the acquisition. Now Microsoft is explaining that CloudKnox products will be continuing.

More about the CloudKnox integration will be shared at Microsoft Ignite, Simons added. The next Microsoft Ignite event is scheduled for Nov. 2-4, 2021.

Passwordless Push
In other Azure Active Directory news, Microsoft has updated its whitepaper guide for organizations on how to go without passwords, according to a Thursday announcement.

Essentially, organizations should use FIDO2-based standards and solutions -- including things like cards, key fobs, face scanners and fingerprint readers -- instead of plain passwords. They should go without passwords because "even the strongest passwords are easily phish-able and vulnerable to attacks, such as password spray and credential stuffing," Microsoft's announcement argued.

Top Microsoft luminaries are planning to speak on this topic in an upcoming Microsoft "Your Passwordless Future Starts Now" online event. It kicks off on Oct. 13.

Unfamiliar Sign-Ins
Last week, Microsoft announced the ability of Azure Active Directory Identity Protection to track noninteractive sign-ins, such as sign-ins involving session cookies. Azure Active Directory Identity Protection can now track "unfamiliar" behaviors associated with these noninteractive sign-ins.

Microsoft also tuned down the sensitivity of Azure Active Directory Identity Protection when tracking low-risk sign-ins. Users had complained that there were too many low-risk sign-ins to investigate. To help security staff focus, "we tuned our detections and have reduced the number of low-risk Risky sign-ins by more than 60% while also significantly improving precision," the announcement indicated.