CASB – cloud access security broker

A cloud access security broker, or CASB, is a type of software developed to help IT departments monitor cloud access and usage by employees and partners. CASBs are deployed to help ensure the company s cloud services are used securely and properly.

CASBs burst onto the scene in the last few years and have enjoyed significant growth as the cloud market has taken off as well. An October 2018 Gartner report reveals about one in five large enterprises are currently deploying a cloud access security broker to control or govern one or more of its cloud services.

How CASBs Operate

CASBs are deployed either directly on-premises or in the cloud, and are interjected between the corporation s cloud services and customers accessing these services through the cloud. Cloud access security brokers enforce security policies for customers and handle security functionality like authentication and authorization, encryption, logging and alerting, malware detection and prevention and more.

Whether set up on premises or in the cloud, CASBs are deployed either as a reverse proxy, a forward proxy, or in an API mode, with many multimode CASBs on the market today offering the ability to choose between these three modes.

Reverse Proxy vs. Forward Proxy vs. API Mode

In the reverse proxy mode, cloud access security brokers can manage user-owned devices without the need for configuration changes or special certificate installation, whereas forward proxies funnel all traffic from managed endpoints directly through the CASB. User-owned devices may not be under the management of CASB control with the forward proxy mode though.

One drawback with both proxy modes of CASBs is that they present a single point of failure, creating the possibility for all of an enterprise s cloud services to be compromised by a DDoS attack.

In the third method, the CASB doesn t operate in the data path to the cloud, which keeps it from being a single point of failure. However, not all cloud services offer API support at this time, which frequently creates the need to deploy one of the proxy modes as well.

Leading Cloud Access Security Broker Vendors

Some of the leading cloud access security broker vendors today include Forcepoint CASB, Microsoft Cloud App Security, Cisco Cloudlock, McAfee MVISION Cloud (formerly McAfee Skyhigh Security Cloud), Bitglass Cloud Security, and Netskope.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Each generation of computer has brought significant advances in speed and power to computing tasks. Learn about each of the...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...


SHA-256 is an algorithm used for hash functions and is a vital component...

Document Management System

A document management system is an automated software solution businesses and organizations use...

Conti Ransomware

Conti ransomware first emerged in 2020. It uses a ransomware as a service...