Microsoft has announced the public preview of CloudKnox Permissions Management, a unified cloud infrastructure entitlement management (CIEM) solution that controls the permissions of any identity across any cloud. The solution continuously monitors and remediates permission risks to secure critical cloud resources.
CloudKnox Permissions Management provides thorough visibility into all identities, the permissions they have been granted, and the permissions they have used, throughout your cloud infrastructure. In addition to user identities, it covers workload identities such as virtual machines, access keys, containers, and scripts across the three major cloud providers: Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
Users can find an overview of their organization's permission profile on the dashboard, which shows where the riskiest identities and resources sit in their infrastructure. The dashboard also uses the Permission Creep Index, a single metric ranging from zero to 100 that measures the gap between permissions granted and permissions used.
Once users have determined the most critical permission risks across their infrastructure, the new solution enables them to right-size excessive permissions and automate least-privilege policy enforcement. It monitors historical permission usage data for each identity, so users can reduce that identity's permissions to only those it actually uses in day-to-day operations.
Machine learning-powered anomaly and outlier detection alerts warn users when suspicious activity is detected, helping to avert privilege misuse and a potential data breach. Users can also set up custom alert triggers for a specific set of actions or resources to automate monitoring and incident response, and generate custom forensic reports on their infrastructure to support rapid remediation.