Businesses are increasingly relying on cloud applications for critical day-to-day activities, in communication, accounting, marketing, file management and more. Many businesses carry out almost all of their business processes on cloud-hosted applications.
Powerful cloud-based tools like Office 365, Salesforce and Hubspot empower employees to be more productive and have more control over their work, while also allowing businesses to run more efficiently. The SaaS nature of cloud applications also makes billing easier, giving businesses more control over the applications that are working, and those that aren’t.
As more businesses take advantage of these cloud benefits, they’re also relying more on the security of these cloud systems to protect their personal data. Everything from employee details, to customer data, to financial statements are stored in third party cloud-based systems.
To ensure that these systems are secured and that businesses have the control and visibility over their data that they need, businesses are using Cloud Access Security Brokers (CASBs). These services are designed to sit between cloud service users and cloud applications, monitoring activity and ensuring that security policies are properly enforced.
Key features of CASB solutions include enhancing visibility into cloud applications, ensuring companies meet compliance needs with data loss protection policies, enforcing data security policies with access controls and encryption, and providing a strong level of threat protection across cloud accounts.
In this article, we’ll cover the top 10 Cloud Access Security Brokers on the market. We’ll compare the four key features outlined above, as well as other considerations such as ease of use and pricing, to help you find the service that’s right for your organization.
The Top Cloud Access Security Brokers include:
- Bitglass CASB | Lookout (CipherCloud) | Cisco Cloudlock | Forcepoint CASB | McAfee Enterprise | Microsoft Cloud App Security | Netskope Cloud Security Platform | Proofpoint CASB | Symantec CloudSOC | Trend Micro Cloud App Security
Bitglass is an all-in-one CASB solution that provides end-to-end data for across all managed and unmanaged cloud applications. This means it can protect enterprise applications like Office 365 and AWS, while also protecting data and access to unmanaged applications through company devices, including personal file sharing and social media accounts. Bitglass protects critical application data in real time, providing greater admin control and visibility over cloud applications. Bitglass combines key data protection, threat protection, access controls and visibility functionality into one CASB platform.
Bitglass’ data protection features include real-time data leakage prevention, with data redaction and quarantine policies. The platform secure mobile access, allowing admins to wipe corporate data, enforce device policies and prevent unauthorized system access. It also secures sensitive data stored in the cloud with file and field-level data encryption. To manage access to cloud applications, Bitglass authenticates users across applications with single sign-on, with additional multi-factor authentication and contextual controls to limit unauthorized account access. Bitglass provides comprehensive threat protection capabilities. It leverages user and behavioral analytics to detect and remediate against suspicious user behaviors. Bitglass have partnered with multiple threat detection vendors to defend against known and unknown malware, powered by artificial intelligence engines. The service is also able to identity threats at rest, in uploads and downloads.
Bitglass’s CASB also features a portal that provides complete visibility and analytics, allowing admins to monitor all cloud apps from one location. From this dashboard, admins can conduct audits and identify and respond to unsanctioned applications. Bitglass’ comprehensive threat protection policies make it a great solution for those who are looking for complete control and visibility over their cloud-based data.
Lookout CASB (formerly CipherCloud) allows organizations to secure data stored in the cloud. The platform provides visibility into cloud threats, with end-to-end data protection, threat protection and compliance capabilities. It’s designed to improve your IT team’s control over data stored in the control with a range of policies and controls to protect cloud applications. The service can be deployed in the cloud or as a hybrid service, integrating with major enterprise cloud applications to provide threat protection. Lookout CASB provides continuous layers of security; deep visibility, adaptive access controls, data protection, risk compliance, and zero-day threat protection.
Lookout CASB provides visibility into your organizations cloud applications and cloud data storage. It allows security teams to conduct detailed risk assessments into these applications, so that you can detect and remediate any potential issues quickly and efficiently. Alongside this, the solution provides auditing and intelligence overuse behaviors and application usage, allowing you to identify suspicious behaviors. To ensure that access to cloud applications is compliant and properly governed, Lookout CASB provides a range of adaptive access controls. Adaptive access controls perform a continuous risk assessment of users connecting to cloud applications, providing contextual access and ensuring that only the right people can connect to the right applications.
Lookout CASB offers powerful threat protection to identify and remediate threats within cloud-based applications. It provides real-time malware detection, sandboxing and user anomaly detection. Lookout CASB also offers strong data protection policies with tools to make managing data easier for IT teams. It provides data loss prevention, encryption and tokenization in one scalable platform to make managing data protection in cloud applications easier and more efficient. The platform enables IT teams to meet legal and regulatory compliance regulations when it comes to how data is stored. It allows organizations to manage cloud applications across multiple countries in one secure dashboard, with configurable controls and management policies.
Cisco Cloudlock is a comprehensive, cloud-native CASB solution that protects users, data and cloud-applications. It provides key features to improve user, data and application security. These include machine learning systems to detect behavioral anomalies and policies to govern access management. Cloudlock’s data loss prevention secures sensitive information in the cloud, with customizable policies for IT teams to detect and secure information. The platform is fully API based, providing a simplified way to secure access and manage security in cloud applications.
Cisco helps to prevent account compromises and data breaches in the cloud by securing data and applications. It protects against data loss with configurable DLP policies that automate data protection and remediates against threats. The solution provides strong identity security, using user analytics to identify malicious insider threats and compromised accounts. Cisco’s Cloudlock Apps firewall detects, controls and protects cloud applications connected to the enterprise environment, assigning them a crowdsourced security score and allowing IT teams to easily ban or whitelist as needed.
Cloudlock is a simplified, open and automated CASB solution. It provides visibility into clou- based threats, providing add discovery and analytics. Admins are able to look into each vendor and application to view risk details aimed at securing cloud adoption. The service also helps organizations to meet legal compliance regulations, protecting data and managing access to cloud applications. Cisco Cloudlock is sold as a standalone service but is designed to integrate seamlessly with Cisco’s range of security solutions, in particular Cisco Umbrella. Umbrella is a market leading web security platform, and by combining this with Cloudlock, organizations can achieve powerful security against threats both within their cloud applications and beyond.
Forcepoint offer a powerful CASB service that provides enhanced security for cloud applications, allowing organizations to analyze risks and enforce controls. The service allows IT teams to discover, assess and protect applications in the cloud. IT teams get enhanced visibility into what cloud applications are being used inside their organization. Forcepoint uses contextual risk-assessment to assess the security of these applications, alert in admins about risky users and configurations. Forcepoint protects these apps from malware and cloud-based threats with threat protection and context-aware policy enforcement. Combining these three steps with a powerful admin dashboard with enterprise reporting and role-based controls, Forcepoint provides a comprehensive CASB solution.
Forcepoint provides multiple features to enhance application visibility and risk. It provides cloud app discovery, which uses log files to automate discovery and categorization of cloud apps and provides aggregated discovery reports in the centralized discovery dashboard. Alongside automated discovery of cloud applications, Forcepoint provides advanced risk metrics, with detailed cloud application risks analysis with customizable ratings. This means IT teams can evaluate application risk security and collect activity logs for users and privileged users. Forcepoint also provides real-time activity monitoring and analytics, allowing admins to monitor users by group, location, device, application and more. This includes real-time activity monitoring of privileged users and automatic anomaly detection.
Forcepoint CASB provides multiple data loss protection policies. The system identifies and catalogues sensitive and regulated data to ensure that compliance regulations are followed. It also provides user and app governance, benchmarking security configurations against security threats. The service integrates with DLP solutions to provide unified data protection across both on-premises and cloud-based applications and offers granular policies for both mobile and endpoint devices to enable access control and data protection. Forcepoint CASB is a market leading CASB solution, strong on data protection policies and behavioral analysis.
McAfee MVISION Cloud
McAfee are a world leading security company, offering a full enterprise suite of CASB and data security services to protect organizations around the world. McAfee MVISION Cloud is their comprehensive CASB service that helps customers improve visibility, compliance, data security and protection against threats within cloud applications. The service offers powerful data security for cloud apps, automating threat detection and protecting sensitive data stored in the cloud.
MVISION Cloud protects data and stops threats across cloud applications. Key use cases include enforcing data loss prevention policies, preventing the unauthorized sharing of sensitive data, detecting compromised accounts and malware and giving organizations greater visibility into applications. The platform features a unified policy engine, which applies data-protection policies across all cloud services. The platform offers a number of pre-built policies and allows organizations to create and customize their own policies based on business regulations and industry compliance needs.
McAfee is a market leading CASB service, strongly suited to enterprise needs and use cases across a range of industries. The service has a comprehensive dashboard with granular and customizable data-protection policies that make it easier to manage and control cloud applications. McAfee MVISION Cloud is a powerful tool to enforce security policies and ensure threat protection and encryption are delivered across cloud services in one security solution.
Microsoft Cloud App Security
Microsoft Cloud App Security is Microsoft’s own CASB solution, which is designed to enhance visibility, protection and control over cloud applications. It integrates natively with Microsoft’s own cloud apps and is designed to provide visibility into threats and user behaviors, greater control over data and sophisticated analytics to combat cyber threats across cloud applications. The service is built to support Microsoft’s cloud suite, providing centralized management and automation of security processes. Pricing for Microsoft Cloud App Security varies by program region and agreement type.
Cloud App Security provides multiple features to help protect Microsoft’s cloud application suite. It provides analytics to give IT admins more visibility over the cloud applications used by their organization, which includes usage patterns and business readiness, supporting more than 16,000 SaaS apps. It also allows you to manage data loss with pre-built policies and controls to protect access to sensitive information stored in cloud applications. Microsoft’s automated engines can detect unusual behavior across cloud applications to identify malicious activities, including signs of ransomware and malicious applications.
Cloud App Security helps organizations to meet compliance requirements by preventing data leaks and limiting access to regulated data. The service helps to integrate visibility into your cloud platforms, using Microsoft’s Cloud Discovery technology to map and identify the applications your organization is using across your cloud environment. The service offers granular policy controls for organizations to manage threat detection and remediation, as well as data gathering. Microsoft’s CASB is a good option for Office 365 customers as the service integrates natively with Microsoft’s applications and provides a strong level of control and security. This solution is a leading CASB service and has one of the largest customer bases on this list, leveraging the Microsoft brand and integrations with Office 365.
Netskope Security Cloud Platform
Netskope is a market leading CASB service that enables IT teams to more efficiently manage the use of cloud applications. Netskope prevents data loss from both insider threats and external cybercriminals by allowing admins to set granular security policies and gain visibility into their organizations’ threat landscape. It’s designed to secure cloud services such as Office 365, G Suite, Box and AWS, providing comprehensive security across these cloud services to protect against cloud threats and malware.
Netskope Security Cloud Platform allows IT teams to discover and assess risk across their SaaS and cloud applications, providing deep visibility into threats from their cloud dashboard. The service allows users to target and control activities across thousands of cloud services and millions of websites, with enhanced data protection policies and controls. Netskope offer strong threat protection features, using 40 threat intelligence feeds to identify malicious sites, detect anomalous user behavior, and remediate against cloud-based malware.
Netskope provides multiple risk assessment and web discovery features, which are incorporated in their custom dashboard. The service provides enhanced visibility and control over web threats, as well as encryption and tokenization policies. Admins can set granular and customizable data loss protection policies to meet compliance and protect sensitive data, including rule-based access controls enforceable across cloud applications. Netskope deploys 100% in the cloud, with an on-premises appliance and a hybrid option.
Proofpoint’s CASB platform protects cloud applications and users from malware threats, data loss and compliance risks. It secures access and data within cloud apps like Office 365, G Suite, Box and more. The solution provides visibility and control over cloud applications, with analytics to help IT teams grant the right levels of access to users. This is also achieved through built in two-factor authentication and integration with third part identity management applications. Proofpoint are one of the world’s leading email security vendors, with a range of services including email security, threat response and browser isolation. Proofpoint’s CASB platform is popular with their email security customers, and the service is sold as an add-on for this group as well as a standalone product.
Proofpoint’s CASB offers a strong level of threat protection powered by multiple sources of threat intelligence including their own market-leading systems, which span email, web and cloud- based threats. This allows IT teams to detect, investigate and remediate against cloud cyber-attacks and data breach attempts. Their sandboxing and analytics can also detect and remediate against unsafe files uploaded to cloud accounts, giving organizations real-time file protection. In addition, Proofpoint CASB provides comprehensive Data Loss Protection policies, with customizable rules and templates to help IT reams control how data stored in cloud applications is shared and downloaded. Proofpoint allows IT teams to prevent uploads and downloads with browser isolation, as well as enforcing file quarantines and permissions to ensure that data stored in the cloud meets compliance regulations.
Alongside DLP, Proofpoint CASB provides deeper visibility into access to cloud applications through behavioral monitoring, so IT teams can identify malicious activity and compromised accounts. The solution provides a comprehensive overview of cloud access, with visibility at the global, app and user level. It also allows admins to check suspicious logins, activities and DLP alerts using the cloud-based dashboard. Proofpoint CASB profiles 46,000 applications in their catalogues for risk identifiers, helping organizations to identify vendor credibility, vulnerabilities and security gaps. This helps IT teams to manage third-party applications, with policies to automatically give users access or deny access apps that do not meet defined thresholds. Proofpoint’s CASB is a strong solution, especially for existing customers of Proofpoint’s email security solutions.
Symantec CloudSOC is a multi-featured CASB platform offering cloud application assessments, cloud usage analytics, malware analysis and remediation. CloudSOC is a comprehensive platform for cloud application security, which includes auditing, real-time threat detection, protection against data loss and compliance violations and post-incident analysis. The platform allows organizations to more effectively safeguard data, respond to security incidents and protect against threats across their cloud applications.
CloudSOC provides admins with greater visibility and control over cloud IT applications. The platform protects against malicious threats, using Symantec’s threat intelligence and machine learning systems to automatically trigger policy responses. From the admin dashboard, SOC teams can analyze all of their cloud apps, manage data governance, threat protection and policy controls and implement data loss protection policies. CloudSOC enables safer usage and control over cloud applications, securing confidential data in SaaS platforms, with DLP and threat protection. CloudSOC helps to prevent security incidents with API integration and real-time inline controls. Enhanced user behavioral analytics ensure secure use of cloud emails and file sharing. This is augmented by integrations with Symantec Email Security.
Symantec’s CASB solution is comprised of features from two prior acquisitions they made of CASB vendors Blue Coat Systems and FireGlass. Symantec themselves were recently acquired by Broadcom, which some analysts are predicting could cause disruption to partners, customer-support and product roadmaps. However, Symantec CloudSOC has been named a market leader by a range of analyst firms including Gartner, Forrester and Radicatti.
Trend Micro Cloud App Security
Trend Micro Cloud App Security is a CASB solution that provides advanced threat and data protection, as well as email security, for Office 365, G Suite and cloud file-sharing services. The platform offers a range of security controls to protect against ransomware, business email compromise and other forms of cyberattack. This CASB solution enforces compliance across cloud file-sharing services including Box, Dropbox, Google Drive, OneDrive and Teams. Trend Micro’s service is aimed at mid-sized organizations who need broad protection against cloud-based threats.
Trend Micro protects Office 365 and G Suite accounts from advanced malware threats including phishing and account compromise. The service uses machine learning and sandboxing analysis to detect threats, allowing it to identify and remediate against advanced email attacks such as business email compromise and spear-phishing attempts. It also detects credential phishing, scanning links within emails for signs of malicious URLs in real-time. Alongside threat protection, Trend Micro enforces compliance for cloud-file sharing services. It provides data loss protection policies for cloud file-sharing applications and simplifies compliance set-up with 240 pre-built compliance templates and policies to manage users and group policies.
This CASB solution has a focus on simplicity and creating a minimal admin overhead for IT teams. The system deploys via API integration, ensuring there is a high-level of performance and scalability. It integrates seamlessly with other Trend Micro solutions such as their Apex One endpoint protection platform, which can be managed from the same threat detection dashboard. Trend Micro Cloud App security deploys easily, without requiring any complex set up of email MX record changes or web proxies. Trend Micro also offers a managed detection and response service for this solution, with 24/7 alert monitoring, prioritization, investigation and threat hunting. Trend Micro Cloud App Security is a strong CASB solution for mid-sized organizations looking to detect unknown threats in cloud environments and enforce legal compliance.