CASB

TECHNICAL DEFINITION

A Cloud Access Security Broker (CASB) is an on-premises or cloud-based security policy enforcement point positioned between cloud service consumers and cloud service providers, combining visibility, compliance, data security, and threat protection for Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) environments.

BACKGROUND

Penta Security Inc. is a South Korean global cybersecurity company that provides database encryption products, web application firewall(WAF) SaaS, WAF appliance, and cloud security products. Its headquarters is located in Seoul, South Korea, and it is considered as one of the country’s first-generation security firms.

SYNONYMS & ALIASES

• Cloud Security Broker
• Cloud Security Gateway
• CASB solution

USAGE NOTE

CASBs are crucial for organizations adopting cloud services to extend their on-premises security policies and controls to the cloud.

DEVELOPERS

Organizations developing technology related to CASB.

• Netskope

  Netskope is a leader in CASB, offering cloud security solutions that provide visibility into cloud usage, protect sensitive data, and prevent threats across sanctioned and unsanctioned cloud apps.

• Zscaler

  Zscaler offers a Cloud Access Security Broker (CASB) service as part of its Zero Trust Exchange platform, providing data protection, threat prevention, and compliance for cloud applications.

• Palo Alto Networks

  Palo Alto Networks provides comprehensive CASB capabilities within its Prisma Cloud security platform, offering discovery, data security, threat prevention, and compliance across SaaS applications.

• Microsoft

  Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security - MCAS) is Microsoft's native CASB solution, providing deep visibility, strong data controls, and enhanced threat protection for cloud apps.

• Proofpoint

  Proofpoint offers CASB solutions to protect sensitive data and prevent threats across cloud applications, integrating with its broader data loss prevention and threat protection suites.

• Forcepoint

  Forcepoint provides CASB technology as part of its SASE and data-first security solutions, enabling organizations to discover cloud applications, monitor usage, and protect data in the cloud.

• Broadcom (Symantec Enterprise Division)

  Broadcom's Symantec Enterprise division offers CloudSOC CASB, providing security for cloud applications by discovering cloud usage, enforcing policies, and protecting data.

• Trellix

  Trellix (formerly McAfee Enterprise) offers CASB capabilities as part of its unified cloud security platform, providing visibility, data protection, and threat defense for cloud applications.