- CloudKnox's software can help organizations ensure that employees and virtual identities don't have too much permission to take action on cloud infrastructure.
- The software works with Microsoft Azure, as well as the Amazon and Google public clouds.
Microsoft said Wednesday it's acquiring CloudKnox, a start-up whose software helps companies reduce the amount of access they provide to their cloud resources. Terms of the deal weren't disclosed.
The move represents another step Microsoft is taking to expand its security business, in addition to working to keep Windows and its other products secure.
In January, Microsoft said it had generated over $10 billion in security revenue in the previous 12 months, up more than 40% year over year, meaning that it's growing faster than most other product areas. Just last week, Microsoft announced the acquisition of another security company, RiskIQ, which can spot threats across a given company's entire information-technology footprint.
CloudKnox's software works with Microsoft's Azure public cloud, as well as the Amazon and Google clouds. The software spots — and can remove — cases of permissions for employees and virtual identities that aren't being actively used, and it can show alerts about unusual activity.
Microsoft corporate vice president Joy Chik explained in a blog post that as unmonitored cloud services (like virtual machines) proliferate, it's harder for organizations to keep a tight control over who's allowed to do what with them. "High-profile breaches demonstrate how quickly bad actors can move laterally by exploiting misappropriated privileged credentials."
The start-up was founded in 2015 and is based in Sunnyvale, California, with 58 employees listed on LinkedIn. Investors include Sorenson Ventures, Dell Technologies Capital and Foundation Capital.