Cloud Access Security Broker (CASB)
A Cloud Access Security Broker (CASB) is a security enforcement point positioned between cloud service consumers and providers that monitors activity, enforces security policies, and provides visibility into cloud application usage across the organization.
Cloud Access Security Brokers (CASBs) serve as a critical control point for organizations that rely on multiple cloud services. As employees adopt SaaS applications for productivity, collaboration, and data storage, CASBs provide the visibility and governance needed to ensure that sensitive data is protected and organizational security policies are enforced consistently.
CASBs deliver four primary pillars of functionality: visibility, compliance, data security, and threat protection. Visibility features discover and catalog all cloud services in use, including unsanctioned shadow IT applications. Compliance capabilities map cloud usage against regulatory requirements and internal policies. Data security features include data loss prevention (DLP), encryption, and tokenization to protect sensitive information as it moves to and from cloud services.
Threat protection capabilities detect compromised accounts, insider threats, and malicious activity within cloud applications through user and entity behavior analytics (UEBA). CASBs can be deployed in multiple modes: as forward proxies that intercept traffic, reverse proxies that protect specific applications, or API-based connectors that integrate directly with cloud service APIs. Many organizations are now adopting CASBs as part of broader Secure Access Service Edge (SASE) architectures that converge network and security functions in the cloud.