Cloud Security Company Raises $10.75 Million in Funding From ClearSky Security, Dell Technologies Capital and Foundation Capital
Losing control of accounts with elevated privileges is a major concern for all organizations, and can only be solved by enforcing a strict policy of least privilege. That is not easy, but even harder in hybrid cloud environments. It has been estimated that there are almost 8,000 separate actions — or privileges — available across AWS, Azure, Google Cloud and vSphere. Managing privilege to this amount of actions is almost impossible manually.
This is the argument behind startup firm CloudKnox Security. Founded in 2016 by Balaji Parimi and headquartered in the San Francisco Bay Area, CloudKnox has now raised $10.8 million in venture funding led by ClearSky Security with participation from Dell Technologies Capital and Foundation Capital. Dell Technologies Capital had been an investor in RedLock, which had raised a total of $12 million. Palo Alto Networks yesterday announced that it had agreed to acquire RedLock for approximately $173 million.
CloudKnox delivers a platform that enables customers to manage the risk of over-provisioning privileges. “Enterprises today are focused on protecting their cloud environments by using tools that provide visibility into anomalous activity and then reacting to it,” said Jay Leek, Managing Director at ClearSky Security and former Blackstone CISO. “Security leaders should approach the security of their cloud environments differently by getting ahead of the risks.”
The CloudKnox platform uses activity-based access controls to detect identities (service accounts, APIs, bots, contractors or employees) with unused privileges based on actual activities versus static roles. It then allows the automatic revocation of unused high-risk privileges with a single click. The platform, announced the company, “autonomously prevents risks as it learns what activities identities are performing and enables organizations to dynamically and instantly revoke or grant privileges based on actual needs.”
The iconic example of abused privilege can be seen in CodeSpaces, which was forced out of business when a hacker gained admin credentials and was able to delete the entire CodeSpaces AWS infrastructure, including backups.
“Today’s dynamic infrastructure demands a different approach to manage risks,” said Balaji Parimi, CEO and founder of CloudKnox Security. “One key stroke can deploy thousands of cloud workloads and can also destroy thousands of workloads and take down a business. Our approach is built on our belief that enterprises need a single cloud security platform that goes beyond visibility and provides a simple and flexible way to remediate and prevent risks without impacting productivity and trust.”
Related: What You Think You Know About SaaS Security Is Wrong

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
- Venafi Leverages Generative AI to Manage Machine Identities
- Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd
- OT/IoT and OpenTitan, an Open Source Silicon Root of Trust
- CISOs and Board Reporting – an Ongoing Problem
- Vector Embeddings – Antidote to Psychotic LLMs and a Cure for Alert Fatigue?
- The Team8 Foundry Method for Selecting Investable Startups
- Hacker Conversations: Alex Ionescu
- The Reality of Cyberinsurance in 2023
Latest News
- Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
- Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
- 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse
- City of Dallas Details Ransomware Attack Impact, Costs
- In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover
- Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
