Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

CloudKnox Raises $10.8 Million to Help Manage Cloud Privileges

Cloud Security Company Raises $10.75 Million in Funding From ClearSky Security, Dell Technologies Capital and Foundation Capital

Cloud Security Company Raises $10.75 Million in Funding From ClearSky Security, Dell Technologies Capital and Foundation Capital

Losing control of accounts with elevated privileges is a major concern for all organizations, and can only be solved by enforcing a strict policy of least privilege. That is not easy, but even harder in hybrid cloud environments. It has been estimated that there are almost 8,000 separate actions — or privileges — available across AWS, Azure, Google Cloud and vSphere. Managing privilege to this amount of actions is almost impossible manually.

This is the argument behind startup firm CloudKnox Security. Founded in 2016 by Balaji Parimi and headquartered in the San Francisco Bay Area, CloudKnox has now raised $10.8 million in venture funding led by ClearSky Security with participation from Dell Technologies Capital and Foundation Capital. Dell Technologies Capital had been an investor in RedLock, which had raised a total of $12 million. Palo Alto Networks yesterday announced that it had agreed to acquire RedLock for approximately $173 million.

CloudKnox LogoCloudKnox delivers a platform that enables customers to manage the risk of over-provisioning privileges. “Enterprises today are focused on protecting their cloud environments by using tools that provide visibility into anomalous activity and then reacting to it,” said Jay Leek, Managing Director at ClearSky Security and former Blackstone CISO. “Security leaders should approach the security of their cloud environments differently by getting ahead of the risks.”

The CloudKnox platform uses activity-based access controls to detect identities (service accounts, APIs, bots, contractors or employees) with unused privileges based on actual activities versus static roles. It then allows the automatic revocation of unused high-risk privileges with a single click. The platform, announced the company, “autonomously prevents risks as it learns what activities identities are performing and enables organizations to dynamically and instantly revoke or grant privileges based on actual needs.”

The iconic example of abused privilege can be seen in CodeSpaces, which was forced out of business when a hacker gained admin credentials and was able to delete the entire CodeSpaces AWS infrastructure, including backups. 

“Today’s dynamic infrastructure demands a different approach to manage risks,” said Balaji Parimi, CEO and founder of CloudKnox Security. “One key stroke can deploy thousands of cloud workloads and can also destroy thousands of workloads and take down a business. Our approach is built on our belief that enterprises need a single cloud security platform that goes beyond visibility and provides a simple and flexible way to remediate and prevent risks without impacting productivity and trust.”

Related: What You Think You Know About SaaS Security Is Wrong 

Advertisement. Scroll to continue reading.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Funding/M&A

Thirty-five cybersecurity-related M&A deals were announced in February 2023

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Funding/M&A

Forty-one cybersecurity-related M&A deals were announced in March 2023.

Funding/M&A

Forty cybersecurity-related M&A deals were announced in January 2023.

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem