Microsoft Defender for Cloud Apps

In my organization we use Microsoft Defender for Cloud Apps as a CASB and also to investigate security events. As a CASB we use it primarily to detect Shadow IT, over permissive applications, risky application and blocked content from being downloaded onto non-managed corporate devices. The integration to Microsoft Entra ID is seamless which allows Conditional Access to redirect session to Microsoft Defender for Cloud Apps for it to take actions (Block or Monitor).

• Microsoft Defender for Cloud Apps has had a positive impact on your overall business objectives in the area of security. With the investment in Microsoft E5 licenses it comes as a part of the package. No additional investment for a separate tool and reduces risk which is one of our key business objectives.

Netskope CASB

Netskope CASB, CrowdStrike Falcon

We utilize Microsoft Defender for Cloud apps for several functions including web filtering, SaaS app management and control, and Data Loss Prevention. The cloud inventory works well and provides a simple interface with all of the discovered SaaS apps accessed by the organization. By utilizing the sanctioned and unsanctioned tags, we are able to control the SaaS apps by blocking outright or allowing with controls and monitoring. For DLP, we utilize the alerting to report on suspicious or unusual file transfers.

• Included in the E5 license making total cost of ownership lower compared with competitors and providing greater value for the organization.

Zscaler Internet Access, Zscaler Private Access and Netskope CASB

Zscaler Internet Access, Zscaler Private Access, Jamf Connect, Jamf Protect, Jamf Pro, Infosec IQ, Tenable Lumin, Tenable Vulnerability Management, BindPlane, Google Security Operations, Microsoft Sentinel

• Detail threat detection report
• Inspection on a periodic basis
• Integration with Azure

• it has a positive impact
• less spend on security for clients
• easy apply and less efforts

McAfee MVISION Cloud (formerly Skyhigh CASB)

McAfee MVISION Cloud (formerly Skyhigh CASB), Oracle CASB Cloud Service (formerly Palerra), Jellyfish Dynamix

• There are certain regulatory requirements in our bank for personal data and confidential information that need to be monitored from a security standpoint. It is a regulatory and standard requirement to have such a solution in place.
• From a security monitoring perspective, there is a productivity improvement and fewer human errors.
• In terms of user experience, if users mistakenly put PI information or some kind of data, it can detect and alert them. From that aspect, it is doing the job, but we are using it from a security standpoint. I'm more from a regulatory environment, and there are security requirements that are enforced by regulators

• It has good features which helps our organization to quickly fix challenges.
• It depends on the requirements. Certain requirements are really complex.
• The deployment itself is quite fast because [Microsoft Cloud App Security] is on the cloud, but there are a lot of requirements from the regulations and the bank's standards perspective.

AWS Certificate Manager and McAfee Cloud Workload Security

AWS Security Hub, AWS WAF, McAfee Cloud Workload Security

The entire organization depends on Microsoft Defender for Cloud Apps to protect all our Cloud Apps that we normally use and helps to identify those Apps our employees are using which are risky and does not comply to our organizational needs, in order to keep our organizations Cloud assets secure from external attacks and shield us from internal accidents with excellent reporting capabilities.

• Secure protection to sensitive Cloud data.
• Suspicious activity monitoring.
• Easy management to compliance threats.

• Up-to--date information about every Cloud compliance requirement.
• DLP alerts and activity from suspicious IP address.
• Block downloads to avoid data leaks.

Google Cloud Storage, Salesforce Service Cloud and AWS CloudTrail

IBM Cloudant, SAP on IBM Cloud