March 20, 2024
-
XX Minute Read

The Top 10 Cloud Access Security Broker (CASB) Solutions of 2024

Learn more about the best Cloud Access Security Broker (CASB) solutions — also known as Security Service Edge or SSE solutions — used by cybersecurity professionals to protect cloud applications and cloud data.

CASB Solution Overview

1. Netskope CASB

Netskope CASB is a robust cloud security platform that excels in monitoring SaaS usage, managing shadow IT, and providing basic Data Loss Prevention (DLP) functionality. It has made significant improvements in reporting and facilitates easier integrations. It is commended for its ability to monitor all traffic, protect end-user traffic, and provide visibility into cloud application usage and associated risks. Users appreciate the built-in website classification or safety ratings and the ability to build security policies based on these scores. Moreover, its advanced reporting and tracking mechanisms, easy initial setup, excellent detection capabilities, and cloud control features have been positively received. The solution also offers a unique Cloud Confidence Index that provides insights into the security confidence of providers and boasts of a resilient infrastructure. However, there are areas where Netskope CASB could improve. Users have reported issues related to the public IP, with users’ IP appearing as from a different country, and certain locations blocking Netskope IP ranges. There have been complaints about internet speed and growth and scalability issues. Third-party integration, particularly with other cloud applications, could be enhanced, and problems have been reported with the API. Some users have suggested the need for fine-tuning on core business sites, improving deployment and policy tweaking, and enhancing configuration and user behavior analytics. There were also suggestions for the CASB to work more like a VPN technology rather than a proxy, to improve endpoint device visibility. Lastly, there were calls to improve the dashboard performance, the subscription process, and support services.

2. McAfee Skyhigh Security CASB

McAfee’s CASB (formerly under the MVISION cloud brand) is currently known as Skyhigh Security CASB. It is a robust and detailed security solution known for its comprehensive analysis and excellent visibility into cloud applications. It integrates seamlessly with other applications, particularly Microsoft Office, which makes it a valuable tool for businesses leveraging cloud-based services. With its advanced features like Detokenization and alert systems for abnormal activities, Skyhigh CASB provides a reliable and secure environment for data management. The platform is exceptional at identifying high-risk services, enabling security teams to track and control unsanctioned services effectively. However, Skyhigh CASB does have some limitations. While its interface provides extensive functionality, it can be challenging for beginners to navigate. Users have reported bugs and slow performance at times, which could potentially impact the overall user experience. Additionally, there are also concerns about the timeliness of data reflection from integrated tools.

3. Zscaler CASB

Zscaler Cloud Access Security Broker (CASB) is a user-friendly and easy-to-deploy solution that has a strong zero-trust feature, which provides enhanced security by requiring all users, even those inside an organization’s enterprise network, to be authenticated, authorized, and continuously validating security configuration and posture, before granting access to applications and data​​. However, Zscaler CASB has some areas for improvement. The pre-defined dictionaries that come with the software could be enhanced, providing more out-of-the-box options for users. There are also concerns about the price and the quality of technical support. Users have noted that while Zscaler CASB has a competitive pricing model compared to similar products, the specifics about the cost and licensing model are not clearly outlined. Additionally, the quality of Zscaler’s technical support has room for improvement, according to some users.

4. Palo Alto Networks

Palo Alto is one of the oldest, legacy security solution providers. Under the banner of Prisma Cloud, Palo Alto Networks offers both Cloud Access Security Broker functionality along side Secure Access Service Edge (SASE) features. Its powerful application visibility allows for the identification and understanding of applications, protocols, and services, enabling quick issue detection and resolution. The solution excels in providing container and serverless security, filling a significant gap in the market. It simplifies compliance management by including checks for various standards, such as PCI, DSS, and HIPAA, and supports customizable compliance frameworks via the RQL language. Prisma Cloud is also known for its effective Cloud Security Posture Management (CSPM), offering robust alert and automation features. It is also cloud-agnostic, supporting most popular PaaS and IaaS cloud platforms. It also serves as a single source of truth for threat detection as it’s capable of identifying high or medium-severity threats within an organization. However, despite its capabilities, Prisma Cloud has some limitations. New users, particularly those transitioning from other security platforms, tend to find the learning curve steep and may require comprehensive training. Although it integrates multiple products in a single pane of glass, users report a need for better correlation between these products for enhanced usability and insights. The implementation phase can be challenging, particularly when it comes to coverage across multiple cloud service providers. Furthermore, the current pricing model has been flagged as a business acceptance challenge, suggesting the need for more flexible pricing options​.

5. Symantec CloudSOC CASB

Symantec CloudSOC CASB is a robust cybersecurity solution praised for its comprehensive data protection capabilities. It excels in the detection of a wide array of data types across multiple use cases, including GDPR-related, source code, designs, financial plans, SSN, IDs, etc., and provides coverage across all channels including cloud, email, and data at rest, in-use, and in-motion. This solution is particularly strong in its ability to handle various data formats, including described data, structured and unstructured data image forms, among others. Its machine learning capabilities, integration of UEBA, and extensive data loss prevention (DLP) features further enhance its detection capabilities and policy adaptation. The solution is well-equipped for hybrid environments, allowing for consistent policy application on-premises and in the cloud, and provides excellent cloud service discovery and usage functionalities. However, despite these strong points, Symantec CloudSOC CASB has some room for improvement. The solution could benefit from a stronger focus on data classification to help control false positives and negatives. There is also a need for better troubleshooting support, as users often have to rely on backend support to resolve issues. In addition, the impact of Broadcom’s acquisition of Symantec has had some effect on its market presence. Lastly, while it has been noted that Broadcom is focusing more on the SMB and Mid Enterprise markets, which are becoming increasingly aware of cybersecurity needs, it’s unclear how this focus might impact the development and support for other market segments. Overall, Symantec CloudSOC CASB provides robust and flexible data protection services but could improve in areas of data classification, troubleshooting, and strategic focus.

{{ promo }}

6. Cisco Cloudlock

Cisco Cloudlock is a robust and reliable cloud security platform designed to monitor and safeguard sensitive data stored in the cloud. The platform is particularly well-regarded for its comprehensive feature set, including Zero Trust, Cloud Discovery, Data Loss Prevention, User Behavior Analytics, Record Management, Encryption/Tokenization, Web Content Filtering, Access Control, Inspect Data in Authorized App, IAM Integration, and Policy Management. These features enable businesses to have extensive control and oversight of their data, ensuring that it remains secure and compliant with regulatory standards. Notably, Cloudlock’s capabilities extend to monitoring data ownership and sharing, providing valuable insight into how data is being handled within a network. Furthermore, the tool’s administrative console is seen as seamless and user-friendly, with straightforward alerts that provide necessary information when issues arise. However suggested that vendor support for the platform as well as usability and clear business value might be areas of improvement for the platform.

7. Proofpoint CASB

Proofpoint CASB helps businesses seeking to secure their cloud-based applications and services. Notably, it provides strong threat protection for Microsoft 365, helping to mitigate cyber threats and cyberattacks from phishing and malicious emails. The solution closely monitors cloud storage applications and can identify potentially malicious files, providing an added layer of data protection with its Data Loss Prevention (DLP) services. Its unique feature is the ability to identify users at high risk of account compromise, combining contextual data, such as device, location, and login time, with user behavior analytics and global threat intelligence. This, in conjunction with machine learning, allows for the detection of unusual access attempts and suspicious activities after an account has been compromised. Furthermore, Proofpoint CASB’s API integration is swift and efficient, claiming to allow customers to enable their application APIs to access the service in mere minutes. It also boasts visibility across a staggering 46,000 applications with more than 50 attributes per app, providing a comprehensive view of an organization’s cloud environment.

8. Forcepoint CASB

Forcepoint CASB is a robust Cloud Access Security Broker solution that offers a variety of features designed to safeguard data and regulate access in cloud environments. Users appreciate its web and content filtering capabilities, behavior-based live scrutiny, and its robust integration with Forcepoint’s own Data Loss Prevention (DLP) solution. The solution excels in monitoring shadow IT and provides excellent reporting on this, along with API integration for cloud apps. Its User and Entity Behavior Analytics (UEBA) feature is well-received, despite lacking the capability for more granular analysis. The software supports a zero trust architecture, providing device authentication and user contextual risk-based authentication. Users also commend its reliability, constant improvements, and its role in enhancing performance. However, users have also reported certain limitations of Forcepoint CASB. The solution is considered a bit pricey compared to other similar products on the market. The customer service has been critiqued, with some users finding it lacking. The implementation process has been described as a concern and is considered time-consuming by some. Issues have been noted with syncing the solution with local DLP solutions. The software reportedly lacks the ability to scan for unsanctioned applications, a feature that some users miss.

9. Microsoft Defender for Cloud Apps

Microsoft Defender for Cloud Apps (MCAS) is a Cloud Access Security Broker (CASB) solution that provides robust capabilities in detecting sensitive information being shared, particularly within Microsoft environments like SharePoint, Teams, and OneDrive. It offers a more unified reporting structure compared to other similar solutions and integrates well with technologies such as Azure Information Protection. This makes it a unified solution for organizations looking to secure their cloud-based data and applications or for simply enabling Microsoft cloud app security. Scalability is another strength of MCAS, making it suitable for enterprise-level use. Moreover, the customer support and help desk are reported to be efficient, with the solution largely operating autonomously post-implementation​. However, the solution is not without its limitations. There can be a delay in scanning and applying policies when sensitive information is involved, which might hinder timely response to potential risks. Also, MCAS may not be able to detect all the features required by certain standards, necessitating the use of additional security solutions. It currently lacks the ability to scan Microsoft Teams for the external exchange of images, and the absence of an Optical Character Recognition (OCR) capability was noted. Its reporting capabilities could also be improved, as generating reports currently requires Power Automate, which brings its own monitoring and governance concerns.

10. Lookout CASB

Lookout CASB is a robust and flexible Cloud Access Security Broker solution known for its comprehensive data security features and efficient access control across both cloud and on-premises systems. It provides complete control over access management and security, enabling data protection regardless of the location of the endpoint or the data itself. Users appreciate the system’s simplicity and ease of use, with a straightforward interface and functionality that runs seamlessly in the background. Key features include proactive vulnerability detection and alerts, advanced data searching capabilities in multi-cloud environments, and an option for users to self-remediate security issues, which enhances privacy and reduces the need for backend intervention. While Lookout CASB is highly regarded for its broad set of features and capabilities, there are a few areas identified for improvement. Users have requested enhancements to the system’s APIs to enable more direct querying of data and its use within their own clouds. The activation process for Android and iOS devices could also be more streamlined, with a preference for a simpler, one-click process to reduce the multiple prompts currently required. Additionally, some users have noted the inconvenience of managing multiple apps within the system.

Checklist
The ultimate data protection program checklist
Download now
Research report
Insider Risk Report Q1 2024: The Cubicle Culprits
Download now