In the past couple of months, Microsoft has made two major acquisitions when it comes to enhancing the security of its cloud platform. It acquired cybersecurity firm RiskIQ for a reported $500 million earlier this month as well as ReFirm Labs in June to improve its Azure Defender for IoT platform. Today, it has announced that it is purchasing CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM).

A Microsoft logo on a grey background with a padlock icon in a circle on the right

CloudKnox Security's expertise lies in helping organizations enforce least-privilege access, right-size permissions, ensure compliance, and provide analytics to identify potential attack surfaces in cloud environments.

Microsoft says that while traditional entitlement management solutions work well in on-premises environments, they do not cater to multi-cloud and hybrid environments. Even if the attack surface is reduced by having siloed systems, there is generally a lack of unified visibility across environments. Considering that customers now have lots of service entities running and communicating with each other without human intervention, this makes it difficult to configure the correct permissions – the lack of which results in security breaches.

This is where CloudKnox Security comes into play. Microsoft says that via this acquisition, it will offer Azure Active Directory (AAD) customers continuous monitoring at a granular level across hybrid and multi-cloud environments and will enable auto-remediation capabilities as well.

The ultimate goal is to provide customers with a solution through which they have visibility over privileged access management, identity governance, and entitlement management. This will be accomplished by automated enforcement of policies, anomaly detection via machine learning, and integration with existing Microsoft security solutions such as Microsoft 365 Defender, Azure Defender, and Azure Sentinel.