Microsoft Adds Another Security Acquisition With CloudKnox

Microsoft has announced it is acquiring cloud access specialist CloudKnox for an undisclosed sum, in its second cybersecurity purchase in the past ten days.

CloudKnox was established in February 2017 with a mission to control (and limit) people’s access privileges to multiple cloud infrastructure including Microsoft Azure, Amazon Web Services and the Google Cloud.

In a blog post, Microsoft explained its reasoning for the acquisition, saying that while organisations are reaping the benefits of cloud adoption, they still struggle to assess, prevent, enforce and govern privileged access across hybrid and multi-cloud environments.

CloudKnox acquisition

“Even if they piece multiple siloed systems together, they still get an incomplete view of privileged access,” wrote Joy Chik, corporate VP at Microsoft Identity.

“Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions,” said Chik. “Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.”

“The acquisition of CloudKnox further enables Microsoft Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions,” wrote Chik.

This is the second Microsoft security acquisition in the space of a week.

Last week Microsoft announced it was acquiring San Francisco-based cybersecurity firm RiskIQ but did not disclose how much it will pay for the firm (although Bloomberg reported it as $500 million).

RiskIQ specialises in helping customers identify their “attack surfaces” and it also utilises “threat intelligence from a global, outside-in perspective.”

RiskIQ was the firm that identified the “skimming” group called Magecart, that had carried out the attack of BA systems in 2018 that stole data from hundreds of thousands of passengers and staff.

In early June, Microsoft also acquired ReFirm Labs to enhance IoT security.

Microsoft incidents

The acquisitions come after Microsoft has had to deal with its own cybersecurity challenges this year.

The most notable one was when Chinese-linked group Hafnium breached the company’s Exchange email service in March this year.

That incident follows the hack last year of SolarWinds’ widely used Orion IT monitoring tool, which also in turn compromised Microsoft systems.

That compromise resulted in the theft of Microsoft customer data and also allowed the hackers to view Microsoft source code.