Top 10 Cloud Access Security Brokers (CASBs)

Bitglass’ data protection features include real-time data leakage prevention, with data redaction and quarantine policies. The platform secure mobile access, allowing admins to wipe corporate data, enforce device policies and prevent unauthorized system access. It also secures sensitive data stored in the cloud with file and field-level data encryption. To manage access to cloud applications, Bitglass authenticates users across applications with single sign-on, with additional multi-factor authentication and contextual controls to limit unauthorized account access. Bitglass provides comprehensive threat protection capabilities. It leverages user and behavioral analytics to detect and remediate against suspicious user behaviors. Bitglass have partnered with multiple threat detection vendors to defend against known and unknown malware, powered by artificial intelligence engines. The service is also able to identity threats at rest, in uploads and downloads.

Bitglass’s CASB also features a portal that provides complete visibility and analytics, allowing admins to monitor all cloud apps from one location. From this dashboard, admins can conduct audits and identify and respond to unsanctioned applications. Bitglass’ comprehensive threat protection policies make it a great solution for those who are looking for complete control and visibility over their cloud-based data.

CipherCloud CASB+ provides visibility into your organizations cloud applications and cloud data storage. It allows security teams to conduct detailed risk assessments into these applications, so that you can detect and remediate against any potential issues quickly and efficiently. Alongside this, the solution provides auditing and intelligence over use behaviours and application usage, allowing you to identify suspicious behaviors. To ensure that access to cloud applications is compliant and properly governed, CipherCloud CASB+ provides a range of adaptive access controls. Adaptive access controls perform continuous risk assessment of users connecting to cloud applications, providing contextual access and ensuring that only that right people can connect to the right applications.

CipherCloud offers powerful threat protection to identify and remediate against threats within cloud-based applications. It provides real-time malware detection, sandboxing and user anomaly detection. CipherCloud CASB+ also offers strong data protection policies with tools to make managing data easier for IT teams. It provides data loss prevention, encryption and tokenization in one scalable platform to make managing data protection in cloud applications easier and more efficient. The platform enables IT teems to meet legal and regulatory compliance regulations when it comes to how data is stored. It allows organizations to manage cloud applications across multiple countries in one secure dashboard, with configurable controls and management policies.

Cisco helps to prevent account compromises and data breaches in the cloud by securing data and applications. It protects against data loss with configurable DLP policies that automate data protection and remediates against threats. The solution provides strong identity security, using user analytics to identify malicious insider threats and compromised accounts. Cisco’s Cloudlock Apps firewall detects, controls and protects cloud applications connected to the enterprise environment, assigning them a crowdsourced security score and allowing IT teams to easily ban or whitelist as needed.

Cloudlock is a simplified, open and automated CASB solution. It provides visibility into clou- based threats, providing add discovery and analytics. Admins are able to look into each vendor and application to view risk details aimed at securing cloud adoption. The service also helps organizations to meet legal compliance regulations, protecting data and managing access to cloud applications. Cisco Cloudlock is sold as a standalone service but is designed to integrate seamlessly with Cisco’s range of security solutions, in particular Cisco Umbrella. Umbrella is a market leading web security platform, and by combining this with Cloudlock, organizations can achieve powerful security against threats both within their cloud applications and beyond.

Forcepoint provides multiple features to enhance application visibility and risk. It provides cloud app discovery, which uses log files to automate discovery and categorization of cloud apps and provides aggregated discovery reports in the centralized discovery dashboard. Alongside automated discovery of cloud applications, Forcepoint provides advanced risk metrics, with detailed cloud application risks analysis with customizable ratings. This means IT teams can evaluate application risk security and collect activity logs for users and privileged users. Forcepoint also provides real-time activity monitoring and analytics, allowing admins to monitor users by group, location, device, application and more. This includes real-time activity monitoring of privileged users and automatic anomaly detection.

Forcepoint CASB provides multiple data loss protection policies. The system identifies and catalogues sensitive and regulated data to ensure that compliance regulations are followed. It also provides user and app governance, benchmarking security configurations against security threats. The service integrates with DLP solutions to provide unified data protection across both on-premises and cloud-based applications and offers granular policies for both mobile and endpoint devices to enable access control and data protection. Forcepoint CASB is a market leading CASB solution, strong on data protection policies and behavioral analysis.

MVISION Cloud protects data and stops threats across cloud applications. Key use cases include enforcing data loss prevention policies, preventing the unauthorized sharing of sensitive data, detecting compromised accounts and malware and giving organizations greater visibility into applications. The platform features a unified policy engine, which applies data-protection policies across all cloud services. The platform offers a number of pre-built policies and allows organizations to create and customize their own policies based on business regulations and industry compliance needs.

McAfee is a market leading CASB service, strongly suited to enterprise needs and use cases across a range of industries. The service has a comprehensive dashboard with granular and customizable data-protection policies that make it easier to manage and control cloud applications. McAfee MVISION Cloud is a powerful tool to enforce security policies and ensure threat protection and encryption are delivered across cloud services in one security solution.

Cloud App Security provides multiple features to help protect Microsoft’s cloud application suite. It provides analytics to give IT admins more visibility over the cloud applications used by their organization, which includes usage patterns and business readiness, supporting more than 16,000 SaaS apps. It also allows you to manage data loss with pre-built policies and controls to protect access to sensitive information stored in cloud applications. Microsoft’s automated engines can detect unusual behavior across cloud applications to identify malicious activities, including signs of ransomware and malicious applications.

Cloud App Security helps organizations to meet compliance requirements by preventing data leaks and limiting access to regulated data. The service helps to integrate visibility into your cloud platforms, using Microsoft’s Cloud Discovery technology to map and identify the applications your organization is using across your cloud environment. The service offers granular policy controls for organizations to manage threat detection and remediation, as well as data gathering. Microsoft’s CASB is a good option for Office 365 customers as the service integrates natively with Microsoft’s applications and provides a strong level of control and security. This solution is a leading CASB service and has one of the largest customer bases on this list, leveraging the Microsoft brand and integrations with Office 365.

Netskope Security Cloud Platform allows IT teams to discover and assess risk across their SaaS and cloud applications, providing deep visibility into threats from their cloud dashboard. The service allows users to target and control activities across thousands of cloud services and millions of websites, with enhanced data protection policies and controls. Netskope offer strong threat protection features, using 40 threat intelligence feeds to identify malicious sites, detect anomalous user behavior, and remediate against cloud-based malware.

Netskope provides multiple risk assessment and web discovery features, which are incorporated in their custom dashboard. The service provides enhanced visibility and control over web threats, as well as encryption and tokenization policies. Admins can set granular and customizable data loss protection policies to meet compliance and protect sensitive data, including rule-based access controls enforceable across cloud applications. Netskope deploys 100% in the cloud, with an on-premises appliance and a hybrid option.

Proofpoint’s CASB offers a strong level of threat protection powered by multiple sources of threat intelligence including their own market-leading systems, which span email, web and cloud- based threats. This allows IT teams to detect, investigate and remediate against cloud cyber-attacks and data breach attempts. Their sandboxing and analytics can also detect and remediate against unsafe files uploaded to cloud accounts, giving organizations real-time file protection. In addition, Proofpoint CASB provides comprehensive Data Loss Protection policies, with customizable rules and templates to help IT reams control how data stored in cloud applications is shared and downloaded. Proofpoint allows IT teams to prevent uploads and downloads with browser isolation, as well as enforcing file quarantines and permissions to ensure that data stored in the cloud meets compliance regulations.

Alongside DLP, Proofpoint CASB provides deeper visibility into access to cloud applications through behavioral monitoring, so IT teams can identify malicious activity and compromised accounts. The solution provides a comprehensive overview of cloud access, with visibility at the global, app and user level. It also allows admins to check suspicious logins, activities and DLP alerts using the cloud-based dashboard. Proofpoint CASB profiles 46,000 applications in their catalogues for risk identifiers, helping organizations to identify vendor credibility, vulnerabilities and security gaps. This helps IT teams to manage third-party applications, with policies to automatically give users access or deny access apps that do not meet defined thresholds. Proofpoint’s CASB is a strong solution, especially for existing customers of Proofpoint’s email security solutions.

CloudSOC provides admins with greater visibility and control over cloud IT applications. The platform protects against malicious threats, using Symantec’s threat intelligence and machine learning systems to automatically trigger policy responses. From the admin dashboard, SOC teams can analyze all of their cloud apps, manage data governance, threat protection and policy controls and implement data loss protection policies. CloudSOC enables safer usage and control over cloud applications, securing confidential data in SaaS platforms, with DLP and threat protection. CloudSOC helps to prevent security incidents with API integration and real-time inline controls. Enhanced user behavioral analytics ensure secure use of cloud emails and file sharing. This is augmented by integrations with Symantec Email Security.

Symantec’s CASB solution is comprised of features from two prior acquisitions they made of CASB vendors Blue Coat Systems and FireGlass. Symantec themselves were recently acquired by Broadcom, which some analysts are predicting could cause disruption to partners, customer-support and product roadmaps. However, Symantec CloudSOC has been named a market leader by a range of analyst firms including Gartner, Forrester and Radicatti.

Trend Micro protects Office 365 and G Suite accounts from advanced malware threats including phishing and account compromise. The service uses machine learning and sandboxing analysis to detect threats, allowing it to identify and remediate against advanced email attacks such as business email compromise and spear-phishing attempts. It also detects credential phishing, scanning links within emails for signs of malicious URLs in real-time. Alongside threat protection, Trend Micro enforces compliance for cloud-file sharing services. It provides data loss protection policies for cloud file-sharing applications and simplifies compliance set-up with 240 pre-built compliance templates and policies to manage users and group policies.

This CASB solution has a focus on simplicity and creating a minimal admin overhead for IT teams. The system deploys via API integration, ensuring there is a high-level of performance and scalability. It integrates seamlessly with other Trend Micro solutions such as their Apex One endpoint protection platform, which can be managed from the same threat detection dashboard. Trend Micro Cloud App security deploys easily, without requiring any complex set up of email MX record changes or web proxies. Trend Micro also offers a managed detection and response service for this solution, with 24/7 alert monitoring, prioritization, investigation and threat hunting. Trend Micro Cloud App Security is a strong CASB solution for mid-sized organizations looking to detect unknown threats in cloud environments and enforce legal compliance.