A Lifecycle Approach
The CloudKnox solution supports continuous, adaptive risk-based decision making as defined by Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA) framework. Our cloud security platform continuously monitors, assesses, adapts and responds to IAM risk as needed in real-time.
Discover & Assess
- Evaluate the risk of your identities and resources with a simple and powerful metric – the Privilege Creep Index and improve your risk posture— instantly.
- Get a multi-dimensional view of your risk by assessing identities, actions, and resources.
- Know your access keys –who are they assigned to, when were they used and what actions were performed.
& HUMAN IDENTITIES
FOR ACCESS KEYS
ON USAGE PATTERNS
Manage & Protect
- Simplify privilege right-sizing and least privilege role creation across any cloud – with the click of a button.
- Remove unused or high-risk privileges for identities – automatically.
- Grant privileges on demand for a scheduled period or an as-needed basis.
BASED ON ACTIVITY
Monitor & Alert
- Continuously monitor identities, actions, and resource changes (the number of unused high-risk privileges, critical resources accessed, and more).
- Detect and alert on anomalous activity (change in geo-location, client type, or unusual activity).
- Get alerts through email or integrated third-party SIEM or SOAR tools.
APPLY TO RESOURCE
Incident Response & Forensics
- Context-rich forensic reports around identities, actions, and resources to support a rapid investigation.
- Quick access to a timeline of all identity activity and resources accessed.
- Expedite security event triage with powerful data collection and export capabilities.
Audit & Reporting
- Incisive out-of-the-box reports – so your team can get ahead of the risk.
- Fully customizable reports to meet specific compliance reporting requirements.
- Scheduled or on-demand reports to be run and distributed by email.
Integrated Audit and Compliance Engine
Continuously monitors and reports vulnerabilities, misconfigurations, and compliance violations for all private and public cloud infrastructure.
- Hundreds of up-to-date built-in policies based on industry compliance standards and best practices
- Download fixes for misconfigured policies or have CloudKnox remediate on your behalf
- Report on current compliance posture and maintain historical snapshots – so you are always “audit-ready.”
Cloud Security Platform Capabilities
CloudKnox supports all key cloud platforms: AWS, Azure, GCP, and VMware (NSX and vSphere).
Single interface with a consolidated multi-cloud view of all identities, actions and resources.
Granular visibility and insights into every action performed by any identity across any resource.
Detect and alert on anomalous activity such as unusual activity, geo-location, and client type.
Discover and fix violations against security best practices and compliance standards.