Cloud access security broker (CASB) is a class of cloud-based information security software that operates at the application layer of an end-user computing device, restricting the flow of data to and from applications within the cloud. A CASB is different from a traditional firewall or IDS/IPS in that it uses software, rather than hardware, to enforce controls over cloud usage.
CASB provides visibility and control over the cloud access environment, such as SaaS (Software as a Service), PaaS (Platform as a Service), and IaaS (Infrastructure as a Service) applications, and content. Based on years of research and real-world customer deployments, it enables deep visibility and granular policy controls within the cloud without impacting user experience.
Cloud access security broker, better known as CASB, is a market segment that provides solutions to control cloud application usage for the enterprise workforce. A cloud access security broker (CASB) is a software solution that provides a holistic view across security and cloud applications.
Cloud access security brokers typically offer a multi-tenant architecture, eliminating the complexities of large enterprise policy management and infrastructure costs. With this architecture, cloud access security brokers can be configured with key security controls for monitoring and enforcement, including those mandated by the NIST SP 800-53 controls as well as those for DLP and GDPR. In addition, cloud access security brokers provide visibility into cloud applications including SaaS applications, IaaS solutions, PaaS solutions or more traditional on-premise.