Data security

Cloud access security broker (CASB)

Provides visibility and control over cloud service usage, enforcing security policies and compliance between users and cloud applications.

Securing access to cloud services and data

Cloud access security broker (CASB) solutions play a crucial role in helping cloud security engineers secure and govern the use of cloud services within their organizations. As cloud adoption accelerates, CASBs act as a security policy enforcement point between cloud service consumers and providers, offering visibility, compliance, data security, and threat protection.

CASBs provide comprehensive visibility into cloud service usage, helping security teams discover and monitor both sanctioned and unsanctioned (shadow IT) cloud applications. This visibility enables organizations to assess the risk associated with various cloud services and enforce consistent security policies across multiple cloud environments.

For cloud security engineers, CASBs offer powerful capabilities such as data loss prevention (DLP), encryption, access control, and threat detection specifically tailored for cloud services. These features help protect sensitive data from unauthorized access or exfiltration, ensure compliance with regulations like GDPR or HIPAA, and defend against cloud-specific threats such as compromised accounts or insider threats. By providing a centralized point of control, CASBs enable organizations to maintain a strong security posture while embracing the flexibility and scalability of cloud services.

Product vendors

Check Point
Cisco
Cloudflare
Cyscale
Fortinet
Google
Microsoft
Normalyze
Palo Alto Networks
Sentra
Sophos
Trellix
Zscaler

Open-source projects

Gapps
Google Workspace security analyzer focusing on permissions and potential security issues within cloud environments.

Similar categories

Cloud security posture management (CSPM)
Continuously monitors cloud infrastructures for risks and misconfigurations, ensuring adherence to security best practices and compliance requirements.
SaaS security posture management (SSPM)
Monitors and secures SaaS applications by managing security configurations, ensuring compliance with data privacy standards in cloud environments.
Data loss prevention (DLP)
Detects and prevents unauthorized transmission of sensitive data across cloud environments, enforcing data protection policies to mitigate data loss risks.
Cloud infrastructure entitlement management (CIEM)
Manages identities and access entitlements in cloud environments to ensure proper privilege distribution and minimize security risks.