View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
October 3, 2018

CloudKnox Closes Venture Round, Launches Hybrid Cloud Security Platform, Backed by Dell Technologies Capital

"The nirvana is the achieving the principle of least privilege"

By CBR Staff Writer

Fresh from what looks likely to be a highly profitable exit from RedLock, sold today (subject to normal terms and conditions) to Palo Alto Networks for $173 million, Dell’s venture capital arm Dell Technologies Capital has joined Foundation Capital in backing a new multi-cloud security specialist, CloudKnox Security.

A $10.75 million funding round led by former Blackstone CISO Jay Leek and closed today is underpinning today’s launch of the company’s new cloud security platform.

New Cloud Security Platform Centralises Privilege Authorisation Across Clouds

CloudKnox, led by CEO Balaji Parimi – a VMware veteran who spent four years as VP, engineering and operations at CloudPhysics – is providing a platform that centralises identity privilege authorisation across all private and public clouds, such as VMware vSphere, Amazon AWS, Microsoft Azure and Google Cloud.

“The platform also integrates with existing IT service workflow management tools for escalation approval workflows. It can also run in read-only mode while still providing all the remediation benefits by creating scripts and policies that administrators can apply manually,” CloudKnox said.

CloudKnox: “Addressing One of the Greatest Unmanaged Multi-Cloud Infrastructure Threats”

CloudKnox claimed in a release today to be “addressing one of the greatest unmanaged multi-cloud infrastructure threats — an identity (employee, contractor, service account, API or bot) with excessive privileges.”

The company said: “The common practice is to give identities access to every action on a wide swath of infrastructure. CloudKnox data shows that most of these identities only use 1% of privileges. The nirvana is the achieving the principle of least privilege, which ensures identities only have the permissions needed to perform their work.”

See also: Okta Snaps Up ScaleFT, Takes Aim at $50 Billion VPN Market

A couple of examples of the risk: in 2014, source code hosting provider CodeSpaces went out of business when a hacker gained admin credentials and used them to wipe out its entire AWS infrastructure, including backups.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

In early 2017, meanwhile, an AWS S3 outage resulted from an authorised AWS administrator accidentally inputting incorrect commands.

“As we scale our Enterprise infrastructure, it’s becoming clear that having visibility into how many identities can touch the infrastructure, what privileges they have and what they actually do with them is critical,” an early customer, Prakash Kota, CIO of Autodesk said.

“Managing privileges based on static roles is too complex and tedious and creates the need for a solution that CloudKnox fulfills perfectly. Without the need to write a single line of script or understand multiple private and public cloud authorization models, CloudKnox uniquely and simply enables us to effectively enforce the principle of least privilege at the infrastructure level within our environment.”

CloudKnox, founded in 2016 but funded for the first time today in the $10.75 million venture round, is based in Sunnyvale, California.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.