Cloud Access Security Brokers
These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. Read more about the Top Rated criteria.
Avanan connects leading security technologies to the most widely used enterprise cloud applications, in order to improve protection of sensitive corporate data and IP. According to the vendor, Avanan's one-click deployment allows customers to deploy a new security solution in seconds.…
Zscaler Internet Access is delivered as a security stack as a service from the cloud, and is designed to eliminate the cost and complexity of traditional secure web gateway approaches, and provide easily scaled protection to all offices or users, regardless of location, and minimize…
Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security) is a multimode cloud access security broker.
The McAfee MVISION Cloud is a cloud access security broker (CASB), formerly known as Skyhigh CASB before McAfee acquired Skyhigh in January 2018.
CloudLock is a cloud security option acquired by Cisco in August 2016.
Forcepoint CASB promises to help eliminate security and compliance blindspots by providing visibility into users' devices and cloud apps. The vendor promises the following benefits: Discover and risk-prioritize all unsanctioned cloud use (Shadow IT) to quickly and easily determine…
CloudSOC CASB is a cloud access security broker developed by Elastica and now owned and supported by Broadcom, since Broadcom acquired Symantec, who acquired Elastica as part of Blue Coat in 2015.
Netskope cloud access security broker (CASB) enables the user to identify and manage the use of cloud applications, regardless of whether they are managed or unmanaged, and prevents sensitive data from being exfiltrated from your environment by risky insiders or malicious cybercriminals…
Oracle acquired Palerra in September 2016, a cloud security company. The Palerra platform is now offered as Oracle CASB Cloud Service.
WithSecure (formerly F-Secure) Cloud Protection for Salesforce is a cloud security option protecting enterprises using Salesforce.com services.
Versa SASE integrates a comprehensive set of services through VOS™ (Versa Operating System, formerly FlexVNF) delivering security, networking, SD-WAN, and analytics. Built to run in the most complex environments, Versa SASE provides the flexibility and elasticity for simple, scalable,…
Censornet gives mid-market organisations the confidence and control of enterprise-grade cyber protection. Its Autonomous Security platform integrates attack intel across email, web, and cloud to ensure cyber defences react at speed. The vendor states that their AI-driven, autonomous…
Proofpoint Cloud App Security Broker (CASB) secures applications such as Microsoft Office 365, Google’s G Suite, Box, and other services, providing visibility and control over cloud apps.
Cloud Access Security Broker (CASB) from Menlo Security in Mountain View aims to give organizations deep visibility and control over SaaS traffic—including sensitive data protection and read-only access.
Australian company Cogito Group offers the Jellyfish integrated access control based CASB, credential management / PKI solution, and digital identity solution.
A reverse proxy server is helpful in protecting systems against web vulnerabilities, which adds an extra degree of security. The reverse proxy provides protection between external clients and internal services. It provides various features like Rate Limiting, IP Restriction, Load…
Censornet Cloud Application Security (CASB) enables businesses to discover, analyse, secure and manage user interaction with cloud applications. The CASB solution provides visibility and control, and protects mobile workforce. It is integrated with Web Security for visibility and…
Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats.
Prisma SaaS (formerly Aperture) from Palo Alto Networks is a CASB solution that looks directly into SaaS applications, providing full visibility into the activities of users and data while granular controls maintain policy to eliminate data exposure and threat risks.
Saviynt headquartered in El Segundo provides cloud access governance and protection for enterprise cloud apps.
CipherCloud is a cloud security option from the company of the same name in San Jose, California.
The iboss Zero Trust Edge, from iboss headquartered in Boston, aims to prevent breaches by making applications, data and services inaccessible to attackers while allowing trusted users to securely and directly connect to protected resources from anywhere.
What is Cloud Access Security Broker (CASB) Software?
Cloud Access Security Broker (CASB) Software is designed to allow organizations to extend their on-premise security policies to it’s interactions with a 3rd-party cloud provider's infrastructure. This software acts as a broker ensuring that network traffic between on-premises devices and the cloud provider complies with the organization's security policies.
The use of unauthorized cloud applications in large enterprises is growing as business units provision their own applications and bypass the IT organization. This practice is highly problematic in regulated industries. CASB can identify unauthorized cloud applications so that they can be brought under the security policies of the organization. This functionality provides organizations visibility into cloud service usage, ensures regulatory compliance, protects organization data, and mitigates some external threats.
CASB software most commonly uses a mix of APIs and proxy services to mediate systems and devices’ interactions with 3rd-party cloud providers. For instance, CASBs will forward proxy managed devices to control interactions to the device from the cloud provider server, and they will also reverse proxy unmanaged devices to control interactions for the unmanaged device to the cloud provider. This allows CASBs to both protect devices and systems from cloud provider vulnerabilities, as well as protecting cloud-based systems from certain device vulnerabilities and risks, particularly unmanaged devices.
CASB Solutions Comparison
When comparing cloud access security brokers, consider these factors:
Granularity of Policy Controls: How granular will each CASB allow administrators to get with security policies? Common factors include device type,
On-Premise and SaaS Integrations: How well does each CASB integration with the other systems the organization uses? Pay close attention to other security systems in particular, such as SIEM, firewalls, or other endpoint security systems. These systems collectively inform the organization’s broader security posture, and should be evaluated holistically.
Use Case: Is the business primarily concerned with maintaining compliance, granting better visibility for other security systems like SIEMs, or protecting data itself? Most CASBs should be able to serve each use case to some extent, but may offer special functions and capabilities for certain use cases, such as meeting specific requirements for highly-regulated industries.
Pricing varies depending on the kinds of access being brokered and the range of services offered by the CASB. Pricing usually starts at $2/month for a functional CASB deployment and scales up to $30+/user/month for more advanced systems and offerings. Budgeting should also account for IT administration and overhead for the CASB.