Currently assisting an org that doesn’t have a CASB solution, but has an audit finding recommending it be implemented.
I have not heard “CASB” discussed recently or seen any big marketing campaigns but I might have been looking the other way. Perhaps everyone has bought one and the advertising has moved on.
Do you have one, and if so, can you share any feedback on the capability, effectiveness and operating overhead needed?
A CASB — cloud access security broker — is a security tool to secure SaaS services. They also provide some security to AWS, Azure and GCP environments. We use ProofPoint’s CASB, but it is quite limited though cheaper than the big players in this space. As a SaaS security tool, a CASB will give you some protection for Office 365, Workday, Salesforce and your other favourite SaaS services. Technically speaking, a CASB speaks directly to SaaS services via APIs. It will give you threat detection and data security. The threat detection is generally detection of suspicious logins and blocking of download/opening of malware-infected files. The data security is usually data loss prevention. Other capabilities vary by vendor. Regarding overhead, we have 60K users distributed globally, and CASB administration takes up the time of 2 FTEs. In general, CASBs are wrapped-up in broader “SASE” or “SSE” toolsets from vendors like Netskope and ZScaler (and, very recently, Microsoft). That is probably why you don’t hear “CASB” uttered so much these days. “Security Service Edge” is all the rage. If you have no protection for SaaS, then you should look at a CASB, for sure. However, another class of tools, so called SaaS Security Posture Management (SSPM) tools is arising, and these provide deep capabilities, particularly regarding entitlements/permissions and attack surface management for SaaS. Obsidian and AppOmni are good ones I’ve seen. Beyond all of the above, the best solution for you — nothing, other tools, CASB or SSPM — depends on your existing landscape and goals. If you provide more info, I can give a more detailed view. Happy to help.