A Lifecycle Approach
The CloudKnox solution supports continuous, adaptive risk-based decision making as defined by Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA) framework. Our cloud security platform continuously monitors, assesses, adapts and responds to Identity Access Management (IAM) risk as needed in real time.
IAM is the process of defining and managing the ever-changing roles and privileges of the identities across an organization that have user access. After a digital identity has been established, it must be maintained, altered and monitored throughout each user’s “access lifecycle”. IAM is a critical part of an enterprise security plan and Zero Trust strategy because it is linked to a company’s system security and productivity, especially if the organization is a cloud-first enterprise.
Discover & Assess
- Learn your organization’s insider risk profile with CloudKnox’s Privilege Creep Index™ technology, which generates valuable insights about your ability to enforce the Principle of Least Privilege across your hybrid or multi-cloud infrastructure.
- Get a multi-dimensional view of your risk by assessing identities, actions, access rights, and resources. Analyze the set of privileges that all administrator accounts have access to.
- Know your access keys: who they are assigned to, when they were used, and what actions were performed.
Manage & Protect
- Simplify privilege right-sizing and least privilege role creation across any cloud – with the click of a button.
- Remove unused or high-risk privileged credentials for identities – automatically.
- Grant end-user privileges on demand for a scheduled period or on an as-needed basis.
Monitor & Alert
- Continuously monitor identities, actions, and resource changes (the number of unused high-risk privileged accounts, critical resources accessed, and more).
- Detect and alert on anomalous activity (change in geo-location, client type, malicious code, or unusual activity).
- Get alerts on data breaches through email or integrated third-party SIEM or SOAR API tools.
Incident Response & Forensics
- Context-rich forensic reports around identities, actions, and resources to support a rapid investigation.
- Quick access to a timeline of all identity activity and resources accessed from standard users and privileged user accounts.
- Expedite security event triage with powerful data collection and export capabilities.
Audit & Reporting
- Incisive out-of-the-box reports on your critical systems – so your team can get ahead of the risk.
- Fully customizable access control reports to meet specific compliance reporting requirements.
- Scheduled or on-demand information security reports to be run and distributed by email.
Integrated Audit and Compliance Engine
Continuously monitors and reports vulnerabilities, misconfigurations, and compliance violations for all private and public cloud infrastructure.
- Hundreds of up-to-date built-in security controls and policies based on industry compliance standards and best practices.
- Download fixes for misconfigured policies or have CloudKnox remediate on your behalf.
- Report on current compliance posture and maintain historical snapshots – so you are always “audit-ready.”
CloudKnox proactively addresses insider threats by delivering continuous endpoint detection and remediation of over-privileged machine and human users leveraging our patented Activity-based Authorization protocol. We deliver streamlined privilege audits that make complex data easy to understand. Then you can take immediate action to right-size privileges and mitigate avoidable risk.
Cloud Security Platform Capabilities
CloudKnox supports all key cloud platforms: AWS, Microsoft Azure, GCP, and VMware (NSX and vSphere), as well as many different operating systems.
Single interface with a consolidated multi-cloud view of all identities, actions, admin accounts, and resources.
Granular visibility and insights into every action performed by any identity across any resource.
Detect and alert on anomalous activity such as unusual activity, geo-location, malware, and client type.
Discover and fix violations against computer security best practices and compliance standards.