Continual Compliance for Privileged Users.

Introduction to The Cloudknox Security Platform.

There is confusion when it comes to the infrastructure challenges around identity privilege management and authorisation, especially regarding hybrid cloud, which is something AVR and CloudKnox aim to change. CloudKnox has one mission; to implement a single platform to manage the identity privilege lifecycle across a business cloud environment.

The CloudKnox platform continuously monitors the activity to assess risk and behaviour and provides a single metric, giving you immediate visibility.


Managing and securing privileged identities and access to sensitive systems, infrastructure and data is rapidly evolving as a must-have compliance mandate. The necessity to provide granular access control logs detailing all identity privileges and related activity within an organisation’s infrastructure is a fundamental requirement across just about every industry regulatory standard today.

The process for retrieving these logs can mean employing a very tedious data collection method that includes arduous tasks such as manual scraping, custom scripting and data massaging. Not only do such time-consuming methods demand the time and effort of multiple teams over several weeks but are highly error-prone as well.


Using CloudKnox, the customer can quickly create a centralised database of all actions performed by every identity. All administrators, service accounts, bots, scripting accounts that utilise API keys across all their vCenters can be quickly accounted for. The customer is able to generate daily reports that address their compliance posture and remediate any violations that were uncovered before the format audit. This enables the customer’s compliance and audit teams to use CloudKnox directly to generate any reports they need without requiring the assistance of technical team – a huge time and cost savings. The CloudKnox solution can also enable the customer to reduce the time required to collect data from weeks to just a few minutes. In doing so, they can not only manage to avoid legal issues, but save hundreds of thousands that would have been otherwise spent on wasted man-hours.


With granular visibility and remediation capabilities, it allows the customer to quickly uncover over-provisioned identities and immediately implement measures to improve their security posture against insider threats. Customers are able to quickly fix the risk of over-privileged by removing some of those users from the vCenter and converting others to have permission to execute read-only actions. With CloudKnox, the customer can correct each account with exactly the actions it should be performing. For example, for SIEM services, the service account can be given permission to execute read-only actions and for back-up services.



With the increasing complexity of security and reduction in skills this now represents a very significant risk. With enforcement becoming more aggressive around compliance breaches it becomes vital to have the right tools to ensure consistency in a complex technical landscape.

Cloudknox provides simple control of roles and permissions in order to protect Enterprise architecture. Unlike previous generations of products in this space, the speed of deployment and simplicity of permission assignment permits rapid adoption.



Cloudknox recently announced it has been selected to join the National Cyber Security Centre (NCSC)’s fourth Cyber Accelerator cohort. This achievement is a testament to CloudKnox’s overall company as it empowers cyber security teams to prevent unnecessary and excessive privileges being granted to identities and resources within cloud infrastructure.


Contact us for a free demonstration.




We all know how busy IT teams are with keeping up with even the basic business infrastructure. AVR has developed a service offering that takes the headache away from the installation and management.  With us involved in the deployment from the beginning of the project we are able to move from deployment to operations in less than a day.   



AVR will encompass the very best practices and tools crafted from over 17 years experience in the IT industry to deliver and operate the CloudKnox infrastructure. AVR’s configuration model will continually monitor and enforce desired configurations, and remediate any risk or unexpected changes.



AVR’s highly skilled specialist Cloud support team provide 1st, 2nd and 3rd line support throughout the project lifecycle and beyond, depending on the needs of our customers. This means you can fully expand your infrastructure with confidence and ease.


Threat Hunting Webinar

The Threat Hunting Webinar: An educational webinar explaining the tools, techniques and procedures used by adversaries and how to detect and contain these types of attacks



A Morning with Balaji Parimi

Balaji discovered that organisations were predominantly relying on role-based access controls (RBAC) to solve their growing identity privilege challenge.



Securing Privileged Identities.

Managing and securing privileged identities and access to sensitive systems, infrastructure and data is rapidly evolving as a must-have compliance mandate.



Hospitals Close Doors Due to Ransomware Attacks

Reports this week have announced that computers at the DCH medical centres have been infected with ransomware. Three hospitals that make up the group in Alabama were closed to new patients as the attack paralysed the health network’s computer system.