A Cloud Access Security Broker (CASB) is a policy enforcement point that delivers data and threat protection in the cloud, on any device, anywhere. There are three requirements for a CASB vendor: Management: Visibility and clean-up after high-risk events Security:  Preventing high-risk events such as data leakages and threat intrusions Zero-Day protection: Protection from known and unknown data leakage risks and malware threats Correspondingly there are three types of CASB: API-only that deliver only management. Such CASB uses API access to SaaS apps to remediate after data-leakage events. Multi-mode First-Gen that delivers management and security, but not Zero-Day protection.  Such CASB offer signature-based protection for known data leakage paths and a fixed set of applications Multi-mode Next-Gen that deliver management, security and Zero-Day protection.  Such CASB dynamically adapt to deliver protection for known and unknown data leakage risks and malware threats, on any app. Bitglass is the CASB with a true hybrid architecture. We use a combination of proxies and API integrations with cloud apps, ensuring complete coverage against all risk of data leakage as sensitive information moves beyond the corporate firewall. While the industry is making the shift to a multimode approach, Bitglass designed its solution from the beginning to reduce complexity and headaches for IT. Bitglass addresses all components of a multimode approach, including: Forward proxy, which requires light-weight installations on endpoints and is perfect for securing managed devices. Reverse proxy, which doesn’t require agents and is ideal for BYOD environments. ActiveSync proxy, for agentlessly securing data accessed and stored by mobile devices. API integration, which provides visibility and control over data at rest within cloud-based tools. The largest differentiator for Bitglass is its reverse proxy, something competitors have yet to achieve at scale with the same reliability. This is because Bitglass has patented AJAX-VM, proprietary technology necessary to ensure robust reverse proxy functionality. Additionally, Bitglass differs from the competition through the below:

• Patented, full-strength, searchable cloud encryption protects cloud data-at-rest while preserving user experience.
• Agentless mobile data protection and selective wipe ensure that Bitglass customers enjoy all of the benefits of an MDM solution without violating employee privacy or requiring the headaches associated with deploying and maintaining agents on endpoints.
• Its Zero-day Core, which includes advanced threat protection built for the cloud. While first-gen CASBs leverage signature-based engines for detecting known malware, Bitglass has partnered with Cylance to block both known and zero-day malware threats at upload, at download, and at rest within the cloud – for any app or device. Cylance’s solution is provided through Bitglass’ agentless, real-time protection platform – no endpoint installations are required.

CipherCloud, a leader in cloud security, provides powerful end-to-end protection for data resident in the cloud. Our award-winning cloud access security broker delivers comprehensive visibility, data security, threat protection, and compliance for cloud-based assets. Uniquely, CipherCloud provides the deepest levels of data protection and real-time data access control to provide an immediate solution for challenging cloud security and compliance problems. The world’s largest global enterprises and government institutions in over 25 countries protect and secure their cloud information with CipherCloud. Benefits Minimize Data Breach Risks with Powerful Data Protection End-to-end data protection and other key features ensure unprotected data is never stored in cloud applications or platforms, minimizing the risk of a data breach, financial loss, reputational and legal impact. Improve GDPR Readiness - One Solution to Meet Global Compliance Requirements The CipherCloud CASB+ architecture can address any mix of global compliance requirements and local privacy laws to simplify your cloud-based application adoption. Accelerate Cloud Adoption Move to cloud benefits faster by overcoming cloud security, data privacy and compliance obstacles. Increase Cloud Visibility Discover cloud usage and related data movement and user activity to minimize data lost and compliance risk. Prevent Forced 3rd Party Disclosures Unique key management capabilities give you more control and improve compliance. Enhance Collaborative Governance CASB+ provides a full solution for the collaborative sharing of data with 3rd parties, including full control over sensitive content and full monitoring and logging of activity. Reduce Cost of Ownership One centrally controlled, easy-to-deploy cloud or hybrid platform to address all enterprise cloud requirements, providing end-to-end data protection, and minimizing the scope of compliance audits. Capabilities Transparent Workflow Experience CipherCloud CASB+ extends data protection transparently and seamlessly to the user community, ensuring application experiences are not affected. Any App Connector Customers can integrate powerful application-level protection on sensitive data for their own custom applications. Application Specific Data Protection. CipherCloud CASB+ provides the deepest levels field level data protection for your major enterprise applications. Hybrid Architecture A single CipherCloud platform can support multiple application clouds and any mix of cloud and on-premise key management. Enterprise Integration Complete integrations with EDLP, EDRM, SIEM, IAM, SSO, EMM and NGFW are all in place today. Encryption - Full End-to-End and Searchable Encryption at rest, in-flight, and in-use can address the strongest security requirements while still providing user transparency for search, reporting, sorting, charts, and more. Zero Trust Key Management Full support for HMS and multiple on-premise keys enable you to address the most diverse compliance requirements. Native Device Management Limit authenticated users by device type so that access is done only from trusted designated platforms. Secure Offline Data Access Enable secure document access offline and automatically expire this access with a defined time period.

Cisco Cloudlock is a cloud-native cloud access security broker (CASB) that helps you move to the cloud safely. It protects your cloud users, data, and apps. Cloudlock's simple, open, and automated approach uses APIs to manage the risks in your cloud app ecosystem. With Cloudlock you can more easily combat data breaches while meeting compliance regulations. Features User security Cloudlock uses advanced machine learning algorithms to detect anomalies based on multiple factors. It also identifies activities outside whitelisted countries and spots actions that seem to take place at impossible speeds across distances. Data security Cloudlock's data loss prevention (DLP) technology continuously monitors cloud environments to detect and secure sensitive information. It provides countless out-of-the-box policies as well as highly tunable custom policies. App security The Cloudlock Apps Firewall discovers and controls cloud apps connected to your corporate environment. You can see a crowd-sourced Community Trust Rating for individual apps, and you can ban or whitelist them based on risk. Featured technologies Automated shadow IT visibility Cloudlock technology is now built into Cisco Umbrella to deliver App Discovery and blocking. It provides cloud app usage and risk info to enable secure cloud adoption. Cloudlock's FedRAMP ATO The authority to operate helps you enable secure cloud adoption across multiple platforms. Cloud and application performance monitoring Get end-to-end cloud monitoring with AppDynamics to help manage and visualize your critical cloud-based app performance, in real time.

True cloud security must ensure users are authenticated, that the device used is not compromised, that the network used is safe, and yes, that the user behavior (Access, downloads, uploads, collaboration, reporting) is allowed. To ensure true cloud security, organizations must purchase, integrate, and operate multiple platforms - which is very expensive, very complicated, labor intensive, and extremely time consuming. SecureCloud platform tackles this problem by providing continuous, real time visibility, control and remediation, Coronet SecureCloud ensures that corporate data is used only by trusted users, using trusted devices, connecting through trusted networks to trusted cloud services.

Threat Protection

• Ensure Control over who has access to the cloud platforms, and where from
• Ensure GDPR, HIPPA, SOX, compliance, and detect PII, PHI, and EDR automatically
• Block compromised devices from accessing corporate data in the cloud resources
• Control what users can do, and who they can collaborate with
• Prevent malware spread through cloud usage (such as file sharing)
• Provide visibility into activity in the cloud, the devices used, and the data that was shared
• Detect and mitigate advanced cloud-to-cloud attacks

SecureCloud device authentication

With SecureCloud, an organization can not only enforce fine-grained access control to a cloud service, but also create and enforce a policy that prohibits access from unmanaged devices with no active Coronet agent running. SecureCloud uses federated user authentication processes, such as SAML, that put the SecureCloud service in the path of SaaS applications. Each authentication request is steered to the SecureCloud authentication proxy that performs pre-authentication risk assessment based on user, device and service security postures and makes context-based access decisions.

Location based defense

Many organizations require that sensitive information and services only be accessed on premises or in secure locations. SecureCloud includes sophisticated location resources management and turns raw geo-location data into geo-spatial intelligence, leveraged in access control, threat prevention and data control.

Threat prevention

Additionally, the administrator can mark a named location as trusted or risky (white and black list). For a conditional access policy, the trusted or risky locations are yet another filter options available for conditional access policy definition. Named locations are also important for the reduction of false positives during detection of impossible travel and atypical locations risk events. SecureCloud identifies, mitigates, and automatically remediates threats across cloud services. It monitors activity patterns in the cloud, determines the behavioral models and establishes baselines. Upon connection of a cloud service, all cloud activity is scored according to various predefined risk factors. SecureCloud inspects every user session and takes automatic remediation actions when something happens that is different from either the baseline or from the user’s regular activity. In this manner, SecureCloud continues evolving its models as it observes new and often unusual behavior without human intervention. These capabilities set SecureCloud apart from traditional approaches that require an unreasonable number of manual updates to ensure accurate threats detection.

Discover Shadow IT & Risk Unsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncovering what cloud apps are used by employees and their risk profiles. Prevent Leaks of Sensitive Data Inspect files and cloud content in real-time to prevent the malicious or unintentional leakage of confidential information. Identify and analyze sensitive or regulated data stored in cloud file-sync services to understand sharing permissions exposure and ensure compliance with regulations such as PCI, SOX, and HIPAA. Control BYOD Access Minimize the risk of data proliferation to unmanaged or untrusted devices by enforcing device-based access rules. Prevent the downloading or syncing of data to unmanaged devices while allowing online access only to cloud data. Detect & Block Cyber Attacks Forcepoint CASB monitors all user activity and analyzes usage patterns to rapidly detect anomalies that can indicate an account takeover. The dashboard provides a wealth of cloud analytics, highlighting suspicious activities and attempts to compromise accounts. Forcepoint CASB provides visibility and control over sanctioned and unsanctioned cloud apps to enable their safe and productive use. Discover Shadow IT & Risk Unsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncovering what cloud apps are used by employees and their risk profiles. Prevent Leaks of Sensitive Data Inspect files and cloud content in real-time to prevent the malicious or unintentional leakage of confidential information. Identify and analyze sensitive or regulated data stored in cloud file-sync services to understand sharing permissions exposure and ensure compliance with regulations such as PCI, SOX, and HIPAA. Control BYOD Access Minimize the risk of data proliferation to unmanaged or untrusted devices by enforcing device-based access rules. Prevent the downloading or syncing of data to unmanaged devices while allowing online access only to cloud data. Detect & Block Cyber Attacks Forcepoint CASB monitors all user activity and analyzes usage patterns to rapidly detect anomalies that can indicate an account takeover. The dashboard provides a wealth of cloud analytics, highlighting suspicious activities and attempts to compromise accounts. Identify Security Gaps Forcepoint CASB uses cloud APIs to analyze your cloud tenants, helping IT review users and admins to detect dormant accounts, external users, and ex-employees that might still have access to your cloud apps. In addition, Forcepoint CASB inspects your tenant security configurations to detect deficiencies and to recommend best-practice settings for effective cloud governance. Optimize Detection of Anomalies and Threats Forcepoint CASB is the only cloud access security broker out there that protects enterprise data from theft and loss due to compromised, malicious, and careless users and that correlates activity anomalies with risky IP addresses. CLOUD GOVERNANCE Cloud App Discovery Uncovers cloud apps – sanctioned and unsanctioned – by inspecting data in user access logs across the enterprise. Also, Forcepoint CASB provides a searchable Cloud App Directory where customers can view details, including customized risk factors, for each cloud app discovered. Cloud App Risk Scoring Harness the ability to categorize and prioritize each cloud app as high, medium, or low risk. Application risk scoring and weighting are based on several categories (Compliance, Security Settings, General Info, Data Leakage, Data Ownership, Account Termination Policy and Auditing), the consolidated results of which can help you prioritize your risk mitigation “to do” list. Detection of Compliance Gaps Gain visibility into cloud app security settings and get notified when SaaS admins make critical configuration changes. Forcepoint CASB compares these settings against a set of industry best practices or compliance standards (e.g., HIPAA, PCI DSS, ISO, CSA) and highlights deficiencies that require immediate attention. Data Governance Scan corporate files and data stored in file-sharing services such as OneDrive, Box, Dropbox and Google Drive. See which ones are sensitive or contain regulated data so that you can initiate a remediation workflow, if necessary (e.g., alert) to meet your compliance requirements. Cloud App Metrics Automate the process of determining what cloud apps users are accessing and details the number of users, activity level, traffic volume and usage hours for each app. Identification of Overspend Review the entitlements of your users. You could be overlooking potential areas of risk or possibly some cost savings opportunities. AUDIT & PROTECTION Enforce BYOD Access Rules to Prevent Data Proliferation Prevent data proliferation to unmanaged devices through auto-sync clients such as Outlook, OneDrive for Business and Box Sync. Forcepoint CASB distinguishes between managed and unmanaged devices so you can create granular device-based access rules to stop data proliferation. Prevent Data Leakage Forcepoint CASB inspects content in real-time, scanning for keywords, phrases, regular expressions, and several other parameters, to ensure compliance with regulations such as PCI DSS, HIPAA, HITECH, GLBA and SOX by applying comprehensive data leak prevention (DLP) capabilities. Forcepoint CASB also includes an ICAP interface to integrate with 3rd-party DLP solutions. Identify Access Anomalies and Threats Forcepoint CASB strengthens cloud security by detecting access anomalies and issues that may indicate an external or insider threat targeting your data. Monitor User & Admin Activity Create a clear and accurate picture of user activity attributes, including user ID, department, location, time, device, application actions and data objects accessed. Track, monitor, and report all administrative and privileged user activity, including data accesses, configuration changes and user permission modifications.

Organizations are increasingly adopting Infrastructure-as-a-Service (IaaS) and Security-as-a-Service (SaaS) services and applications for the agility and savings they offer, but find that they don't have the visibility and control they require. FortiCASB-SaaS is a cloud-native Cloud Access Security Broker (CASB) subscription service that is designed to provide visibility, compliance, data security, and threat protection for cloud-based services being used by an organization. With support for all major IaaS providers and most major SaaS service providers, FortiCASB provides insights into resources, users, behaviors, and data stored in the cloud with comprehensive reporting tools. It also includes advanced controls to extend security policies from within the network perimeter to IaaS resources and SaaS applications. Features and Benefits: API-Based. Direct access to data stored in the cloud for on-network and remote protection. Compliance and DLP. Customizable data loss prevention tools and predefined compliance reporting options. User Insights and Policies. Usage, entitlement, and configuration assessments provide visibility and control for cloud applications. Security Fabric Integration. AV and Sandbox integration scans stored data and protects from the latest threats. Shadow IT Discovery. Consolidated reporting for FortiGate and FortiAnalyzer to detect on-network SaaS usage. Advanced Analytics. Comprehensive and easy-to-use visual tools quickly identify risks and policy violations.

McAfee MVISION Cloud is a cloud access security broker (CASB) that protects data where it lives today, with a solution that was built natively in the cloud, for the cloud. It’s cloud-native data security. Detect Gain complete visibility into data, context, and user behavior across all cloud services, users, and devices. Protect Apply persistent protection to sensitive information wherever it goes inside or outside the cloud. Correct Take real-time actions deep within cloud services to correct policy violations and stop security threats. Featured McAfee MVISION Cloud products

• McAfee MVISION Cloud for Office 365
• McAfee MVISION Cloud for AWS
• McAfee MVISION Cloud for Box
• McAfee MVISION Cloud for Salesforce
• McAfee MVISION Cloud for Azure
• McAfee MVISION Cloud for Shadow IT

Microsoft Cloud App Security is a multimode Cloud Access Security Broker (CASB). It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services. Microsoft Cloud App Security natively integrates with leading Microsoft solutions. It is designed with security professionals in mind—providing simple deployment, centralized management, and innovative automation capabilities. FEATURES: Discover and control the use of Shadow IT Identify cloud apps and services used by your organization. Assess their risk levels and business readiness of >16,000 apps against >70 risk and start managing them to ensure security and compliance. Protect your sensitive information anywhere in the cloud Understand, classify and protect the exposure of sensitive information at rest, or leverage out-of-the box policies and automated processes to apply controls in real-time - across all your cloud apps. Protect against cyberthreats and anomalies Detect unusual behavior across cloud apps to identify ransomware, compromised users or rogue applications, analyze high-risk usage and remediate automatically to limit the risk to your organization. Assess the compliance of your cloud apps Assess if your cloud apps meet relevant compliance requirements including regulatory compliance and industry standards. Prevent data leaks to non-compliant apps, and limit access to regulated data.

The Netskope Security Cloud helps the world’s largest organizations take full advantage of the cloud and web without sacrificing security. Our patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of websites. With full control from one cloud, our customers benefit from 360-degree data protection that guards data everywhere and advanced threat protection that stops elusive attacks. At Netskope, we call this smart cloud security. Netskope Security Cloud can be deployed 100% in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. Cloud and web traffic is steered to Netskope for inspection using our patented all-mode traffic steering technology that provides several out-of-band and inline options ensuring that you get 100 percent coverage for users on premises, mobile, and remote.  For users accessing cloud services, full coverage is provided whether a browser, mobile app, desktop app or sync client is used to access sanctioned or unsanctioned cloud services. TLS-encrypted cloud traffic is safely decrypted using the Netskope cloud-scale architecture as part of the traffic steering process.

The Oracle CASB Cloud Service is the only Cloud Access Security Broker (CASB) that gives you both visibility into your entire cloud stack and the security automation tool your IT team needs. Threat Detection Identify existing threats to your cloud footprint by leveraging real-time threat intelligence feeds and machine learning techniques to establish security baselines and to learn behavior patterns. Predictive Analytics Stay a step ahead of threats with patent-pending modeling techniques that evaluate risks across hundreds of threat vectors to provide you with a concise summary of potential threats. Automated Incident Response Keep enterprises secure by automating responses to threats with forensics, incident management, orchestration and remediation through native capabilities as well as integration with existing technologies. Security Configuration Management Eliminate labor intensive, error prone manual processes and manages security configurations within cloud applications by asserting configurations as well as continuously enforcing them.

Use of SaaS applications is exploding because software as a service is so easy. But, because of that simplicity, the security risks of SaaS are also on the rise. The use of unsanctioned SaaS apps can expose sensitive data and propagate malware – and even sanctioned SaaS adoption can increase the risk of data exposure, breaches and noncompliance. By offering advanced data protection and consistency across clouds, Palo Alto Networks reins in the risks. Our products address your cloud access security broker needs and provide advanced capabilities in risk discovery, data loss prevention, user behavior monitoring and advanced threat protection. Now you can maintain compliance while preventing data leaks and business disruption through a fully cloud-delivered CASB deployment. Risk discovery and deep visibility Palo Alto Networks provides unparalleled visibility and precise control of all applications, including SaaS as one of the many application categories supported through an extensive library of application signatures. Easy-to-navigate SaaS usage dashboards and detailed reporting help rein in shadow IT risk and get you started on your journey to securing SaaS applications. In addition, discover risks at a much deeper level with an API-based approach that provides complete visibility across all user, folder and file activity, generating detailed analysis that helps you quickly determine if there are any data risk- or compliance-related policy violations. Data leak prevention and compliance Define granular, context-aware policy control to drive enforcement as well as quarantine users and data as soon as violations occur. This enables you to quickly and easily satisfy data risk compliance requirements, such as those related to PCI, PII or PHI data, while still maintaining the benefits of cloud-based applications. Aperture can connect directly to enterprise SaaS applications to provide:

• Data classification and monitoring
• Data loss prevention, or DLP, capabilities
• User activity tracking for anomalies
• Known and unknown malware prevention
• Detailed risk and usage reporting

User behavior monitoring Heuristic-based user behavior monitoring and alerting enables you to easily identify suspicious behavior, such as logins from unexpected regions, unusually large usage activity or multiple failed login attempts, indicative of credential theft. Advanced threat prevention WildFire malware prevention service, integrated across the platform, provides advanced threat prevention to block known malware and identify and block unknown malware. You can keep threats from spreading through the SaaS applications, preventing a new insertion point for malware. New malware discovered is automatically shared with the broader enterprise security tools, strengthening your overall security posture.

The SecureIdentity Platform allows organisations to provide verifiable trust in every activity they perform. By providing the identity of the user, the device and the data they are working on you can prove exactly who is doing what at any time Features:

• MFA. SecureIdentity multi-factor authentication (MFA) provides the security of user identity by verifying that a person is who they claim to be, utilising something the user knows (Password/PIN), something they have (Software/Hardware Token) and something they are (Biometric/ Facial Recognition).
• IAM. SecureIdentity IAM enforces access decisions around applications and data repositories. Our solution enhances security by blocking systems such as Shadow IT and by enforcing strong data boundaries and separation of duties.
• CASB. SecureIdentity CASB allows for a layer of security between your traditional on-premise infrastructure and your cloud based SaaS, PaaS and IaaS components.
• IRAD. Built upon artificial intelligence, SecureIdentity IRAD evaluates the user as an ongoing process and will detect any unusual activity or interaction in the user’s actions. This provides real time detailed analysis of the user interaction and allows risk s
• PAM. SecureIdentity PAM provides an interactive broker between users and administrative sessions on protected endpoints. This allows users to gain privileged access to areas they are given permission to access in the Universal Directory, while never actually exposing the credentials to the user at all.
• DLP. SecureIdentity DLP is a data protection portfolio of solutions (on-premises, off-premises and everywhere in between including the cloud), which can prevent the loss of data from malware, insider threat and human error.

Stay secure and compliant when using sanctioned and unsanctioned cloud apps and services on SaaS, PaaS, and IaaS platforms. Get unequaled cloud app security with the deepest visibility, tightest data security, and strongest threat protection from the CASB vendor named a Leader by Gartner and Forrester. Protect SaaS, PaaS, and IaaS Accounts from Misuse, Threats, and Data Loss Confidently use cloud applications and services with CloudSOC. Govern Sanctioned and Unsanctioned Cloud Service Use Protect your accounts, users, and data across the full range of cloud apps. Integrated Cyber Defense with CASB 2.0 Add DLP, SWG, endpoint protection, and more to your CASB security hub. Manage Your Security Posture for Regulatory Compliance Cloud Workload Assurance for IaaS. Managed Cloud Defense: Security Monitoring Expertise Cyber warriors trained for the cloud.