At a Glance
Microsoft has acquired cloud infrastructure management and security provider CloudKnox Security to provide unified privileged access to its customers. The CloudKnox software would work with Azure public cloud and align with Microsoft’s cloud security goals
Microsoft has announced its acquisition of CloudKnox Security, a platform protecting critical cloud infrastructure, resources and identities to strengthen its cloud security aspirations, a week after it announced its acquisition of RiskIQ.
The acquisition would help organizations enforce least-privilege principles to reduce risk and employ continuous analytics to help prevent security breaches and ensure compliance. CloudKnox’s software would work with Microsoft Azure cloud and help remove cases of permissions for employees and virtual identities that aren’t being actively used, alerting unusual activity.
In a blog post, Joy Chik, corporate vice president at Microsoft, stated the need for modern identity security to consistently protect all users and resources across multi and hybrid cloud environments, a reason behind acquiring CloudKnox. She enunciated that as hybrid work models increase with the growing cloud adoption rate, unmonitored service entities (with no human interaction) proliferate, exposing organizations to new attack vectors.
Chik stated that though organizations were reaping the benefits of cloud adoption, they struggled to assess, prevent and enforce privileged access across hybrid and multi-cloud environments.
Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments,Chik stated
CloudKnox’s acquisition would enable Microsoft’s Azure Active Directory customers with visibility, monitoring and automated remediation for hybrid and multi-cloud permissions.
Overall, it offers customers – automated and simplified access policy enforcement in an integrated multi-cloud platform for all human and workload identities, high-precision machine learning-based anomaly detections and seamless integration with other Microsoft cloud security services, including 365 Defender, Azure Defender and Azure Sentinel.
We saw opportunities to provide even greater value and seamless experience across hybrid and multi-clouds with deeper integrations within the Microsoft ecosystem. By joining Microsoft, we can unlock new synergies and make it easier for our mutual customers to protect their multi-cloud and hybrid environments and strengthen their security posture.CloudKnox Security commented on the acquisition in its official blog