Microsoft Adds Another Security Acquisition With CloudKnox

Microsoft has announced it is acquiring cloud access specialist CloudKnox for an undisclosed sum, in its second cybersecurity purchase in the past ten days.

CloudKnox was established in February 2017 with a mission to control (and limit) people’s access privileges to multiple cloud infrastructure including Microsoft Azure, Amazon Web Services and the Google Cloud.

In a blog post, Microsoft explained its reasoning for the acquisition, saying that while organisations are reaping the benefits of cloud adoption, they still struggle to assess, prevent, enforce and govern privileged access across hybrid and multi-cloud environments.

CloudKnox acquisition

“Even if they piece multiple siloed systems together, they still get an incomplete view of privileged access,” wrote Joy Chik, corporate VP at Microsoft Identity.

“Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions,” said Chik. “Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.”

“The acquisition of CloudKnox further enables Microsoft Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions,” wrote Chik.

This is the second Microsoft security acquisition in the space of a week.

Last week Microsoft announced it was acquiring San Francisco-based cybersecurity firm RiskIQ but did not disclose how much it will pay for the firm (although Bloomberg reported it as $500 million).

RiskIQ specialises in helping customers identify their “attack surfaces” and it also utilises “threat intelligence from a global, outside-in perspective.”

RiskIQ was the firm that identified the “skimming” group called Magecart, that had carried out the attack of BA systems in 2018 that stole data from hundreds of thousands of passengers and staff.

In early June, Microsoft also acquired ReFirm Labs to enhance IoT security.

Microsoft incidents

The acquisitions come after Microsoft has had to deal with its own cybersecurity challenges this year.

The most notable one was when Chinese-linked group Hafnium breached the company’s Exchange email service in March this year.

That incident follows the hack last year of SolarWinds’ widely used Orion IT monitoring tool, which also in turn compromised Microsoft systems.

That compromise resulted in the theft of Microsoft customer data and also allowed the hackers to view Microsoft source code.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Facebook Agrees To Pay French Newspapers

Social network giant Facebook signs copyright deal with local publishers - this time with a…

23 hours ago

US Watchdog Questions Tech Giants On Electronic Payments

Consumer Financial Protection Bureau questions Amazon, Apple, Facebook, Google, PayPal, and Square over electronic payments

24 hours ago

Apple To Require Daily Tests For Unvaccinated Staff

Unvaccinated staff working for Apple will be required to take a Covid-19 test, every time…

1 day ago

Sphere Chat App Acquired By Twitter

Second startup purchase by a big name tech firm for young British entrepreneur Nick D'Aloisio,…

2 days ago

Boeing Delays Starliner Launch Until 2022

Glitch with vehicle's propulsion system discovered in August still to be resolved, and crucial uncrewed…

2 days ago

Oversight Board: Facebook ‘Not Forthcoming’ On VIP Cross-check System

Facebook’s own oversight board has slammed the platform for withholding relevant information about its VIP…

2 days ago