Elastica CASB Audit - subscription license (3 years) - 1 user
Mfg # CASB-AUD-500-1000-3Y
CDW # 4291021
| UNSPSC 43233205
Know your gear
A Cloud Access Security Broker (CASB) is a visibility and control point residing between employees of an organization and the cloud services and SaaS applications they access (e.g., Box, Dropbox, Google Drive, Office 365, Salesforce, Workday, etc. ). A Cloud Access Security Broker can potentially be deployed in either of two ways: as an on-premises offering or as a cloud-based gateway or proxy through which traffic enterprise traffic can be siphoned (typically on a per-application basis).
Because of its positioning, a Cloud Access Security Broker not only has (potentially granular) visibility into the traffic going to and from a cloud service or SaaS application, but can be used by IT organizations to actively detect threats and enforce policies.
It is unlikely that a single Cloud Access Security Broker (CASB) will offer every one of the above capabilities at the required degree of depth needed for most organizations. Instead, each will provide a subset of these capabilities, and organizations must pick and choose accordingly to ensure an adequate degree of coverage. Beyond that, different vendors will espouse different techniques and will differ with regard to their implementation details. For example, for threat identification and content classification, some vendors might only integrate with legacy solutions or limit themselves to keyword searches and regular expression matching. Other vendors might employ machine learning and natural language processing as well.
Some vendors might deliver their services as an on-premises appliance (physical or virtual). Other vendors might offer a software-based solution. And yet others will provide a cloud-hosted solution (figuratively sitting alongside the very cloud services and SaaS applications they are trying to protect).
It is worth clarifying one point here. People occasionally conflate Cloud Access Security Brokers with SaaS Platform Security Management (SPSM) technologies. The latter provide a similar set of capabilities as CASBs, but do so by leveraging any APIs offered by the SaaS provider to gain visibility into how the cloud service is used. However, only a small fraction of SaaS vendors offer an API (let alone one that is sufficiently robust to provide deep visibility). That said, on-boarding and deploying through a vendor API is extremely simple, so it is worthwhile when it can be done. Nowadays, however, vendors are emerging that provide a hybrid model. They can access SaaS traffic either via API or by sitting as a broker in between employees and SaaS applications. As a result, the term CASB is morphing to incorporate SPSMs as a special case.
Because of its positioning, a Cloud Access Security Broker not only has (potentially granular) visibility into the traffic going to and from a cloud service or SaaS application, but can be used by IT organizations to actively detect threats and enforce policies.
It is unlikely that a single Cloud Access Security Broker (CASB) will offer every one of the above capabilities at the required degree of depth needed for most organizations. Instead, each will provide a subset of these capabilities, and organizations must pick and choose accordingly to ensure an adequate degree of coverage. Beyond that, different vendors will espouse different techniques and will differ with regard to their implementation details. For example, for threat identification and content classification, some vendors might only integrate with legacy solutions or limit themselves to keyword searches and regular expression matching. Other vendors might employ machine learning and natural language processing as well.
Some vendors might deliver their services as an on-premises appliance (physical or virtual). Other vendors might offer a software-based solution. And yet others will provide a cloud-hosted solution (figuratively sitting alongside the very cloud services and SaaS applications they are trying to protect).
It is worth clarifying one point here. People occasionally conflate Cloud Access Security Brokers with SaaS Platform Security Management (SPSM) technologies. The latter provide a similar set of capabilities as CASBs, but do so by leveraging any APIs offered by the SaaS provider to gain visibility into how the cloud service is used. However, only a small fraction of SaaS vendors offer an API (let alone one that is sufficiently robust to provide deep visibility). That said, on-boarding and deploying through a vendor API is extremely simple, so it is worthwhile when it can be done. Nowadays, however, vendors are emerging that provide a hybrid model. They can access SaaS traffic either via API or by sitting as a broker in between employees and SaaS applications. As a result, the term CASB is morphing to incorporate SPSMs as a special case.