Skip to main content

Microsoft doubles down on cybersecurity with CloudKnox acquisition

View of a Microsoft logo on March 10, 2021, in New York.
View of a Microsoft logo on March 10, 2021, in New York.

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


Microsoft today announced that it acquired CloudKnox Security, a platform designed to protect resources and identities across multicloud and hybrid cloud environments. With the purchase, the terms of which weren’t disclosed, Microsoft says that Azure customers will be able to right-size permissions and enforce least-privilege principles, employing continuous analytics to help prevent security breaches.

As organizations adapt to hybrid work and deploy more cloud services, virtual machines and containers are proliferating. These entities have service accounts and associated permissions, privileges, and entitlements, some of which threaten to expose organizations to new attack vectors. Problematically, organizations often struggle to assess and govern privileged access in cloud environments. Even if they piece systems together, they still get an incomplete view of privileged access.

Sunnyvale, California-based CloudKnox, which was cofounded in 2015 by former VMWare engineer Balaji Parimi and Rao Cherukuri, provides a service that leverages activity-based authorization APIs to detect and remediate over-privileged machines and users. The company emerged from stealth in 2017 and launched its permissions management product for hybrid and multicloud infrastructures the following year, in 2018. It claims to have invented technology to manage entitlements of any identity — human or non-human, irrespective of their origin — across any cloud infrastructure with the same operating model.

CloudKnox reveals who has access to multicloud environments and endpoints, workspaces, and workflows across Amazon Web Services, Microsoft Azure, Google Cloud, active directories, and VPNs. Built-in tools monitor users and digital identity actions on resources across clouds for anomalies. And an identity management component spots suspicious changes in geolocation and client type.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

The 58-employee CloudKnox had raised $22.8 million in venture capital prior to the acquisition. ClearSky, Sorenson Ventures, Dell Technologies Capital, and Foundation Capital were among the investors in the startup’s previous funding rounds.

“We saw opportunities to provide even greater value and seamless experience across hybrid and multi-clouds with deeper integrations within the Microsoft ecosystem,” Parimi wrote in a blog post. “By joining Microsoft, we can unlock new synergies and make it easier for our mutual customers to protect their multi-cloud and hybrid environments and strengthen their security posture.”

Strategic play

The cloud identity and access management solutions market was worth an estimated $1 billion in 2020, and it’s anticipated to climb to $16.2 billion by 2027. As Gartner analyst Michael Kelley told VentureBeat via email, the segment — as well as cloud infrastructure entitlements management (CIEM) services — remains an area of high interest because of digital transformation and “move everything to the cloud” initiatives.

“Visibility for appropriate access in infrastructure-as-a-service (IaaS) is a significant concern for many organizations. And given the focus that many organizations have on a multi-cloud approach for IaaS, while some platform vendors provide some limited capabilities here, the market will find tools which can cover multiple IaaS environments important,” Kelley said. “Managing cloud infrastructure entitlements is becoming a greater challenge due to their rapid increase in number and complexity, further exacerbated by the multicloud, where entitlements are inconsistently defined and configured. Traditional privileged access management and identity governance and administration solutions have not adequately addressed the need to manage entitlements that are extremely granular and dynamic. Cloud security posture management (CSPM) platforms also don’t typically deliver deeper identity controls concerning account access governance, like identity life cycle tasks.”

As CNBC’s Jordan Novet notes, in January, Microsoft reported that it generated over $10 billion in security revenue in 2020 — up more than 40% year-over-year. Along with the company’s recent acquisition of cybersecurity startup RiskIQ, which spots threats across enterprise IT footprints, the CloudKnox buy appears to be a doubling down on technologies likely to become in demand as public cloud threats spread. Global spending on cybersecurity products and services is expected to exceed $1 trillion cumulatively over the five-year period from 2017 to 2021, according to Cybersecurity Ventures.

“Since IT modernization often spans multiple clouds, cloud security and identity are top of mind for most of our customers. Modern identity security needs to protect all users and resources consistently across multicloud and hybrid cloud environments,” Joy Chik, corporate VP of Microsoft identity, wrote in a press release. “As the corporate network perimeter disappears, it’s crucial to establish a strong cloud identity foundation, so you can enforce least privileged access to protect business-critical systems while improving business agility. We’re committed to making it easier to enforce least privileged access for all user and workload identities.”

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.