CloudKnox has the ability to help companies right-size permissions, enforce least-privilege principles to cut risk and allows for analytics to tighten security against breaches.
Microsoft said there are bigger needs for cybersecurity these days as IT modernization is often done across several clouds or hybrid cloud environments, so that was why the purchase was made.
Now, with the acquisition, Microsoft is looking at implementing more enhanced services, including automated and simpler enforcement of access policy enforcement, using just one integrated cloud platform for all identities. The acquisition will also provide for more signal-enabling, high-precision machine learning-based anomaly detection and easy integration with other cloud security services from Microsoft like Microsoft 365 Defender, Azure Defender and Azure Sentinel.
Microsoft also notes that while there are more companies overall utilizing cloud-based services, there are often still issues with things like assessing, preventing, enforcing and governing the access for hybrid and multi-cloud uses, with incomplete views a lot of the time. Microsoft in the past has advocated for more of a “zero trust” approach with lots of verification and always assumes a breach has happened.
This isn’t the only recent Microsoft acquisition to work with cybersecurity, as its acquisition of RiskIQ in July also fit that profile. With that acquisition, the RiskIQ threat intelligence offering will be integrated into Microsoft.
RiskIQ searches the web and provides details on things like websites, networks, domain names and more, giving customers more clarity on what can be accessed outside of company firewalls. That information can then be used to lock down vulnerable information and limit the likelihood of breaches.
With that acquisition, Microsoft customers will be allowed to develop more complete pictures of threats to their companies. This is especially prescient with the rising number of ransomware and other cyberattacks.