New FinOps Capabilities Kion Strengthens Multicloud Capabilities with New Support for FOCUS and Oracle Cloud Infrastructure Read the press release

Press Release Cloud Operations

Kion Expands IAM Capabilities to Help Organizations Manage CloudOps Security and Governance By Default

4 min read

Last updated on June 10th, 2024 at 9:07am

Philadelphia, Pa. – June 10, 2024 – AWS re:Inforce – Kion, the leading automated CloudOps platform for multicloud, today announced a new identity and access management (IAM) capability that discovers, manages, and remediates overprivileged administrators across an organization’s cloud infrastructure. Kion’s Admin Audit feature provides a panoramic view of all cloud admins across an organization’s hundreds, sometimes thousands, of cloud accounts, enabling security and CloudOps teams to better secure and govern administrative access by default. This new IAM capability is part of the company’s efforts to help users improve cloud visibility and implement the guardrails necessary to scale secure, compliant, and well-architected clouds.

Admin Audit automatically discovers human and machine users with administrative permissions. This includes users and roles with permissions applied directly to the principal, as well as principals who can become admins indirectly via role-chaining to another role, privilege escalation, or other techniques. This visibility helps to rightsize permissions to ensure least-privilege access and minimize blast radius. It provides unprecedented visibility into ‘accidental admins’ across multicloud infrastructure, empowering CloudOps and security teams to confidently manage complex multicloud environments at scale. With Admin Audit, organizations gain CIEM (Cloud Infrastructure Entitlement Management) functionality – previously only found in security software – natively in a multicloud operations platform to effectively manage permissions and safeguard sensitive data.

“Cloud-related data breaches are still occurring regularly because of threat actors’ ability to abuse mismanaged identities. Configuring these identities across multiple cloud accounts and providers has become a significant headache. The default has been to continue manually managing permissions and accept that there is a level of risk and exposure that your organization is vulnerable to,” said Brandon Turner, VP of Engineering at Kion. “But with Admin Audit, that doesn’t have to be the case. Admin Audit scans your entire environment, unveiling not just the unmistakable admins, but also those hidden figures who possess indirect admin abilities. These are the users who, while not labeled as admins, can create new roles with sweeping rights or access other principals that have been granted admin permissions, effectively operating as unchecked ‘accidental admins’.”

Turner continued, “According to the Identity Defined Security Alliance (IDSA), 90% of organizations experienced an identity-related incident in the last year. As a former practitioner, I know how overwhelming managing permissions can be to security and CloudOps teams. With cloud usage expanding over the past couple of years, this process has become exponentially more complex for my peers. Our goal with Admin Audit is to better support organizations’ CloudOps and information security efforts by giving them greater insight into their cloud ecosystem and providing the tools to identify and quickly fix errors and inconsistencies before a problem occurs.”

Kion’s IAM capabilities have been recognized by industry award programs for their user-friendly approach to overseeing individual access to cloud resources across multiple cloud providers and regions. Using a highly customizable hierarchical organizational structure, the Kion platform leverages an inheritance model to effectively consolidate policies and rules, reducing misconfiguration risks in the cloud and ensuring consistent application of customer-specific IAM policies throughout the entire organization.

Kion’s Admin Audit feature will initially support AWS and be available in the company’s upcoming v3.10 release.

Kion will be exhibiting at the annual AWS re:Inforce conference from June 10-12, 2024 in Philadelphia, PA. Stop by Kion’s booth (#701), located along the main expo entrance, to discover who your cloud admins are via an Admin Audit demo. Kion will also be discussing common CloudOps challenges such as cloud account sprawl without baselines, compliance drift, and issues with find-and-fix tools creating thousands of items to remediate.

About Kion

Kion automates CloudOps with a single platform providing policy-based identity, FinOps and compliance across multicloud. Kion helps organizations achieve ‘governance by default’ through improved visibility, automation, guardrails, and guidance across AWS, Azure and Google Cloud environments. This helps enterprises reduce complexity, eliminate chaos, and minimize manual work so they can innovate faster with less risk. Wherever they are on their cloud journey, Kion empowers organizations to confidently provision accounts, maintain financial control, and ensure compliance with security regulations. Kion serves leading commercial, higher education and government agencies including Indeed, Verizon, NASA, and the Centers for Disease Control and Prevention (CDC).

Media Contact

Sara Jacono


LaunchTech Communications

[email protected]

Start your cloud operations journey.

Request a demo today,