CloudKnox Security, a leader in identity privilege management for hybrid cloud environments, announced integration of the CloudKnox Security Platform with AWS IAM Access Analyzer, a new capability from Amazon Web Services (AWS) that analyzes resource policies to help administrators and security teams protect their resources from unintended access.
AWS IAM Access Analyzer automatically analyzes policies attached to companies’ AWS resources and delivers detailed findings, which feeds the CloudKnox cross-account explorer that visually maps all the entry points into customers’ AWS accounts.
Using AWS IAM Access Analyzer to continuously monitor policies for change, CloudKnox notifies customers whenever a policy change results in exposed resources – such as enabling an external account to assume an IAM role or sharing access to an Amazon Simple Storage Service (Amazon S3) bucket. From there, customers can right-size privileges using the CloudKnox JEP Controller.
“Exposed or misconfigured infrastructure resources can lead to a breach or a data leak,” said Balaji Parimi, CEO, CloudKnox Security. “Combining AWS IAM Access Analyzer’s automated policy monitoring and analysis with CloudKnox’s identity privilege management capabilities will make it easier for CloudKnox customers to gain visibility into and control over the proliferation of resources across AWS environments.
“It’s a strategic integration designed to protect organizations against unintended access to critical resources and mitigate the number one risk they face – overprivileged identities.”
The AWS IAM Access Analyzer integration is the latest example of CloudKnox’s growing relationship with AWS. In May 2019, CloudKnox announced that the company attained Advanced Technology Partner Status in the AWS Partner Network (APN).
CloudKnox allows customers to continuously assess, manage and monitor their AWS identities, actions, roles and resources, helping them enforce least privilege policies and avoid the unnecessary risk of overprivileged identities.