For VendorsBlog
Login

CASB - Cloud Access Security Broker

CASB - Cloud Access Security Broker

A cloud access security broker (CASB) (sometimes pronounced cas-bee) is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies. A CASB can offer a variety of services, including but not limited to monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.

A CASB may deliver security, the management or both. Broadly speaking, "security" is the prevention of high-risk events, whilst "management" is the monitoring and mitigation of high-risk events.

CASBs that deliver security must be in the path of data access, between the user and the cloud. Architecturally, this might be achieved with proxy agents on each end-point device, or in agentless fashion without requiring any configuration on each device. Agentless CASB allows for rapid deployment and delivers security on all devices, company-managed or unmanaged BYOD. Agentless CASB also respects user privacy, inspecting only corporate data. Agent-based CASB is difficult to deploy and effective only on devices that are managed by the corporation. Agent-based CASB typically inspects both corporate and personal data.

CASBs that deliver management may use APIs to inspect data and activity in the cloud to alert of risky events after the fact. Another management capability of a CASB is to inspect firewall or proxy logs for the usage of cloud applications.

Compare of products in the category CASB - Cloud Access Security Broker

Please turn the screen for optimal content display

Compare: Cloud Access Security Broker (CASB)

Characteristics

Delivery

API

Advanced Threat Protection

Scan Data at Rest

Malware detection and prevention

UBA

Detect Compromised Credentials

Forward and Reverse Proxy

Consolidated Dashboard

Segregation of Data

Managed/Unmanaged Devices

Role Based Access

Single Sign On

Track Downloaded Data

FIPS 140-2 certified

Encrypt Structured/Unstructered Data

Simple and Advanced Data Pattern

Prebuilt Library

Inline DDoS Protection

Integration with On-Prem DLP

Incident Management

Digital Rights Management

Pricing

Cloud
Cloud
Cloud
Cloud
Cloud
Cloud, software or appliance
Cloud
Cloud, appliance
Cloud
Cloud
Cloud
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
  • MS Office 365
  • MS OneDrive
  • MS SharePoint
  • Google Drive
  • Adobe Analytics
  • Salesforce.com
  • Dropbox
  • Box
  • ServiceNow
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
  • AWS
  • ServiceNow
  • Slack
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
  • AWS
  • MS Office 365
  • Google Drive
  • Salesforce.com
  • Dropbox
  • Box
  • AWS
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • Box
  • AWS
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • Box
  • AWS
  • ServiceNow
  • MS Office 365
  • Google Cloud Platform
  • Salesforce.com
  • Box
  • AWS
  • Slack
  • Workplace
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
  • AWS
  • ServiceNow
  • Slack
  • MS Office 365
  • Google Cloud Platform
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
  • AWS
  • ServiceNow
  • Slack
  • Workplace
  • MS Office 365
  • Salesforce.com
  • Dropbox
  • G-suite
  • Box
Yes
Yes
Partial
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Partial
Yes
Partial
Partial
Yes
Yes
Yes
N/A
Yes
N/A
Yes
Partial
Yes
Yes
N/A
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Partial
Yes
Yes
N/A
Yes
N/A
Yes
Yes
Yes
N/A
Partial
Partial
Yes
Yes
Yes
Yes
N/A
Yes
N/A
Yes
N/A
Partial
Partial
Yes
N/A
N/A
Partial
N/A
Partial
N/A
N/A
N/A
N/A
N/A
Yes
Partial
N/A
Yes
N/A
Yes
N/A
Yes
N/A
Yes
Yes
Yes
Yes
Partial
Yes
N/A
Yes
N/A
Yes
N/A
Yes
Yes
Yes
Yes
N/A
Yes
N/A
Yes
N/A
Yes
N/A
N/A
Partial
N/A
N/A
On number of users, apps
On number of users, options
N/A
Per user per year
$5 a month per user
Per user per year
Per month, per hour
N/A
N/A
Found mistake? Write us.

The most popular products in category CASB - Cloud Access Security Broker All category products

Suppliers CASB - Cloud Access Security Broker

Bitglass

Bitglass

Bitglass, the total data protection company, is a global cloud access security broker (CASB) and agentless mobile security company based in Silicon... Read more
Vendor, Supplier
CipherCloud

CipherCloud

CipherCloud, the leader in cloud data security, enables companies to adopt the cloud while ensuring data protection, compliance, and control.... Read more
Vendor, Supplier
Cisco

Cisco

Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and... Read more
Vendor, Supplier

F.A.Q about CASB - Cloud Access Security Broker

What is CASB? A Cloud Access Security Broker (CASB) is a policy enforcement point that secures data & apps in the cloud and on any device, anywhere.

What is the difference between security and management? Security is preventing risky events from happening, management is cleaning up after high-risk events.

What is Shadow IT? Cloud applications used by business users without IT oversight, also known as unmanaged apps.

What are managed apps? Cloud Applications that are managed by IT, e.g.Office 365.

What are the types of CASB? Three types of Cloud Access Security Broker

  • a) API-only CASB offer basic management
  • b) multi-mode first-gen CASB offer management & security
  • c) Next-Gen CASB deliver management, security & Zero-Day protection.

What is a forward proxy? A proxy where traffic must be forwarded by the end-point Such proxies requires agents and configuration on client devices.

What is a reverse proxy? A proxy where traffic is automatically routed, requiring no agent or configuration on the end-point.

What is AJAX-VM? Acronym for "Adaptive Javascript and XML- Virtual Machine." AJAX-VM virtualizes cloud apps on the fly so they can be proxied without agents. Reverse-proxy CASB are brittle without AJAX-VM and break frequently with app changes.

What are the types of CASB architecture? There are three types of CASB architecture: API-only, forward proxy, and reverse proxy. Some CASB are API-only, others API and forward proxy. Next-Gen CASBs offer all three with AJAX-VM.

What is CASB encryption?  Encryption/decryption of data prior to upload/download to a cloud application.

What is searchable encryption? An encryption system that combines full encryption with a clear-text index to enable search and sort without compromising encryption strength.

What is tokenization? Obfuscation by encoding each input string as a unique output string.

What is agentless MDM? Mobile security for BYOD that does not require agents. Easy to deploy and has no access to personal data or apps, thereby preserving user privacy.

Materials