CloudKnox Cloud Security Platform

A cloud security platform that addresses over-provisioning of identity privileges in hybrid cloud environments through dynamic authorization and continuous monitoring.

Tags: Multi-Cloud, Proprietary, Cloud Service Only
Category: Identity & Access Management
Last Commit: 1 year ago
This page updated a month ago
Pricing Details: Contact for pricing details.
Target Audience: Organizations using hybrid cloud environments looking to manage identity privileges effectively.

The CloudKnox Cloud Security Platform addresses a critical operational challenge in hybrid cloud environments: the over-provisioning of identity privileges. This issue is tackled through a dynamic authorization model based on Activity-based Authorization, rather than traditional static Role-based Access Controls.

Technically, the platform continuously monitors and collects privileges and activity details of all identities on an hourly basis, generating a Privilege Creep Index. This index quantifies the gap between granted and used permissions, highlighting identities with unused high-risk privileges. The Just Enough Privileges Controller allows administrators to revoke these unused privileges with a single click, enforcing the principle of least privilege at the infrastructure level.

The architecture is designed to integrate with multiple cloud providers, including AWS, Azure, Google Cloud, and VMware vSphere, as well as existing IT service workflow management tools. It supports both human and non-human identities, such as virtual machines, access keys, containers, and scripts. The platform also leverages machine learning-powered anomaly and outlier detection to alert on suspicious activities and support rapid incident response through custom forensic reports.

Operationally, CloudKnox minimizes disruption to productivity by providing on-demand permission requests for temporary access needs. As of June 2023, however, CloudKnox has reached its end of life, and its capabilities are now integrated into Microsoft Entra Permissions Management, which continues to offer unified Cloud Infrastructure Entitlement Management (CIEM) across multi-cloud environments. This transition ensures continued support and enhancement of the original CloudKnox features within the Microsoft ecosystem.
