Cloud Access Security Brokers

Cloud Access Security Brokers Overview

What is Cloud Access Security Broker (CASB) Software?

Cloud Access Security Broker (CASB) Software is designed to allow organizations to extend their on-premise security policies to it’s interactions with a 3rd-party cloud provider's infrastructure. This software acts as a broker ensuring that network traffic between on-premises devices and the cloud provider complies with the organization's security policies.

The use of unauthorized cloud applications in large enterprises is growing as business units provision their own applications and bypass the IT organization. This practice is highly problematic in regulated industries. CASB can identify unauthorized cloud applications so that they can be brought under the security policies of the organization. This functionality provides organizations visibility into cloud service usage, ensures regulatory compliance, protects organization data, and mitigates some external threats.

CASB software most commonly uses a mix of APIs and proxy services to mediate systems and devices’ interactions with 3rd-party cloud providers. For instance, CASBs will forward proxy managed devices to control interactions to the device from the cloud provider server, and they will also reverse proxy unmanaged devices to control interactions for the unmanaged device to the cloud provider. This allows CASBs to both protect devices and systems from cloud provider vulnerabilities, as well as protecting cloud-based systems from certain device vulnerabilities and risks, particularly unmanaged devices.

CASB Solutions Comparison

When comparing cloud access security brokers, consider these factors:

  1. Granularity of Policy Controls: How granular will each CASB allow administrators to get with security policies? Common factors include device type,

  2. On-Premise and SaaS Integrations: How well does each CASB integration with the other systems the organization uses? Pay close attention to other security systems in particular, such as SIEM, firewalls, or other endpoint security systems. These systems collectively inform the organization’s broader security posture, and should be evaluated holistically.

  3. Use Case: Is the business primarily concerned with maintaining compliance, granting better visibility for other security systems like SIEMs, or protecting data itself? Most CASBs should be able to serve each use case to some extent, but may offer special functions and capabilities for certain use cases, such as meeting specific requirements for highly-regulated industries.

Start a CASB comparison here

Pricing Information

Pricing varies depending on the kinds of access being brokered and the range of services offered by the CASB. Pricing usually starts at $2/month for a functional CASB deployment and scales up to $30+/user/month for more advanced systems and offerings. Budgeting should also account for IT administration and overhead for the CASB.

Cloud Access Security Brokers Products

(1-16 of 16) Sorted by Most Reviews


Avanan connects leading security technologies to the most widely used enterprise cloud applications, in order to improve protection of sensitive corporate data and IP. According to the vendor, Avanan's one-click deployment allows customers to deploy a new security solution in seconds.…

Key Features

  • Anti-malware (31)
  • Management Tools (33)
  • Cusomizability (33)
McAfee MVISION Cloud (formerly Skyhigh CASB)

The McAfee MVISION Cloud is a cloud access security broker (CASB), formerly known as Skyhigh CASB before McAfee acquired Skyhigh in January 2018.

Forcepoint CASB

Forcepoint CASB promises to help eliminate security and compliance blindspots by providing visibility into users' devices and cloud apps. The vendor promises the following benefits: Discover and risk-prioritize all unsanctioned cloud use (Shadow IT) to quickly and easily determine…

Broadcom CloudSOC CASB, formerly from Symantec

CloudSOC CASB is a cloud access security broker developed by Elastica and now owned and supported by Broadcom, since Broadcom acquired Symantec, who acquired Elastica as part of Blue Coat in 2015.

Netskope CASB

Netskope cloud access security broker (CASB) enables the user to identify and manage the use of cloud applications, regardless of whether they are managed or unmanaged, and prevents sensitive data from being exfiltrated from your environment by risky insiders or malicious cybercriminals…

Cisco CloudLock

CloudLock is a cloud security option acquired by Cisco in August 2016.

Microsoft Cloud App Security

Microsoft Cloud App Security (MCAS) is a multimode cloud access security broker.


Saviynt headquartered in El Segundo provides cloud access governance and protection for enterprise cloud apps.

Menlo Security CASB

Cloud Access Security Broker (CASB) from Menlo Security in Mountain View aims to give organizations deep visibility and control over SaaS traffic—including sensitive data protection and read-only access.

Cogito Jellyfish

Australian company Cogito Group offers the Jellyfish integrated access control based CASB, credential management / PKI solution, and digital identity solution.


CipherCloud is a cloud security option from the company of the same name in San Jose, California.


Wiz is a Tel Aviv based, cloud risk visibility solution for enterprise security. It provides a 360° view of security risks across clouds, containers and workloads.

Oracle CASB Cloud Service (formerly Palerra)

Oracle acquired Palerra in September 2016, a cloud security company. The Palerra platform is now offered as Oracle CASB Cloud Service.

Proofpoint Cloud App Security Broker (Proofpoint CASB)

Proofpoint Cloud App Security Broker (CASB) secures applications such as Microsoft Office 365, Google’s G Suite, Box, and other services, providing visibility and control over cloud apps.


Bitglass secure corporate data on mobile devices and tracks sensitive documents on the Internet.

Frequently Asked Questions

What does a CASB do?

Cloud access security brokers act as an intermediary between devices and cloud providers, as well as the systems hosted by the cloud providers. CASBs enforce security policies and protocols in accordance with on-premise systems security.

Who uses CASBs?

CASBs are most commonly used by larger organizations with a mix of on-premise and cloud-based systems.

How does CASB protect the business’s systems and data?

CASBs protect the business by controlling who has access to what cloud-based systems based on predefined policies and controls, preventing unauthorized and vulnerable access to systems.

How much do CASBs cost?

CASBs range from a couple dollars a month per user to $30/user/month, depending on how fully-featured and customizable the CASB is.