CloudKnox Cloud Security Platform

Additional Info

CompanyCloudKnox Security
Websitehttps://cloudknox.io/
Company size (employees)10 to 49
Type of solutionSoftware

Overview

The CloudKnox Cloud Security Platform addresses the greatest unmanaged risk to hybrid cloud security that exists today – over-provisioned identity privileges. The platform fundamentally shifts the model for how enterprises can get ahead of this risk by applying a revolutionary new approach to an old problem – Activity-based Authorization. This enables organizations to not only detect identities with unused high-stake privileges – across any private or public cloud – based on actual activities versus static roles, but also right-size by revoking unused high-risk privileges with one click.

The CloudKnox platform autonomously prevents risks as it learns which activities the identities are performing and enables organizations to dynamically and instantly revoke or grant privileges based on actual needs. This ultimately allows enterprises to effectively enforce the principle of least privilege at the infrastructure level.

The CloudKnox platform collects the privileges and activity details of all identities on an hourly basis and generates a single metric, called the Privilege Creep Index. This index is a function of accumulated unused high-risk privileges. The higher the index, the more unused high-risk privileges an identity has.

With the click of a button, CloudKnox’s Just Enough Privileges Controller then provides the ability to reduce the risk by revoking the unused high-risk privileges for each identity across any cloud.

CloudKnox’s extensible platform centralizes authorization across all private and public clouds, including VMware vSphere, Amazon AWS, Microsoft Azure, and Google Cloud. The platform easily integrates with existing IT service workflow management tools for escalation approval workflows. It can also run in read-only mode while still providing all the remediation benefits by creating scripts and policies that administrators can apply manually.

How we are different

1. CloudKnox is the only cloud security platform that focuses on a dynamic authorization model by utilizing Activity-based rather than static Role-based Access Controls.


2. The CloudKnox approach was built upon a belief that the solution to mitigating insider threats should not be about restricting privileges but about creating a non-intrusive path to managing the entire identity privilege lifecycle while avoiding any impact to productivity or trust.


3. CloudKnox competitors are the infrastructure-as-a-service platform providers themselves, but they don’t manage this problem natively across private and public cloud environments.