CloudKnox Security, the leading permissions management platform for security and infrastructure operations, announced that the company has been granted patents related to the CloudKnox Cloud Security Platform. The patents are part of the company’s active intellectual property (IP) protection program that includes other, as yet unpublished, pending patent applications.
The first patent, “Activity based access controls in heterogeneous environments,” is fundamental to the CloudKnox Activity-Based Authorization Protocol. This capability enables security and infrastructure teams to continuously create, monitor, and enforce least privilege policies based on human and non-human identity activity across hybrid and multi-cloud infrastructures.
The second patent, “Method and system to detect discrepancy in infrastructure security configurations from translated security best practice configurations in heterogeneous environments,” relates to the Anomaly Detection capability in the CloudKnox platform and leveraging activity-based authorization for security and compliance controls.
The patents come on the heels of a $12M round of funding and accelerating go-to-market momentum. The company realized triple-digit year-over-year growth in Q1 2020 fueled by rising demand from enterprise organizations looking to proactively measure and mitigate the greatest risk from operating in the cloud – machine and human identities with excessive permissions.
“These patents protect our unique lifecycle approach to managing identity permissions that combines dynamic activity and contextual-based authorization,” said Balaji Parimi, CEO and founder of CloudKnox Security.
“Giving enterprises granular visibility into every action that every identity is performing on every resource is the only way to successfully implement the Principle of Least Privilege in the cloud. I’m proud of the innovation we continue to drive through the CloudKnox platform.”
Through the Activity-Based Authorization Protocol, the CloudKnox platform creates activity profiles for each unique identity and resource. The profiles are then used as a starting point to measure and monitor least privilege policy enforcement with a single metric called the Privilege Creep Index (PCI).
CloudKnox then normalizes the activity performed across all the diverse cloud platforms making data within the platform highly consumable, allowing immediate action using its JEP (Just-Enough-Privileges) Controller.
Anomaly Detection uses the activity profiles to detect anomalous behavior, such as an identity that performs a high-risk action for the first time on resources it has never accessed.
This activity profile data is also leveraged by the CloudKnox platform’s compliance engine to continuously monitor, capture, and record security violations so customers have a historical record of their compliance posture.
CloudKnox Security offers a free Cloud Identity Risk Assessment to help enterprises understand their cloud identity and access risk profile.