Cloud Access Security Brokering
WORLD OF CLOUD ACCESS SECURITY BROKERING
Confidently adopt cloud applications and services without sacrificing security. Manage the unintentional or unapproved movement of sensitive data between cloud app instances and in the context of app risk and user risk, while streamlining security workflows with intuitive policy controls and incident response management.
SECURE YOUR DIGITAL TRANSFORMATION JOURNEY
Quickly identify and manage the use of cloud applications, regardless of whether they are managed or unmanaged. Prevent sensitive data being exfiltrated from your environment by risky insiders or malicious cybercriminals who have breached your perimeter. Provide unrivalled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Provide a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.
FEATURES & BENEFITS
Granular Approach
Customisable view of all SaaS, IaaS, and web, activities, users, and devices. Granular enough to differentiate between instances of the same SaaS or IaaS service.
Enterprise-Readiness
The enterprise-readiness of SaaS and IaaS services based on 50+ criteria i.e. security, auditability, and business continuity. Serves as a guidepost to mitigate risk, influence usage and reduce costs.
Deep visibility
Deep visibility to understand user activities in SaaS, IaaS, and web. Drill down into granular details including identity, device, browser, time, location, activity (e.g., ‘share’), content, and more for a full audit trail.
Perform Ad Hoc Queries
Perform ad-hoc queries for on-demand analytics and reports, save queries as custom search results, or generate detailed custom reports using natural language inputs and Boolean operators.
Security and access policies
Security and access policies in context (e.g., service, activity, device). Policies can block, alert, bypass, encrypt, quarantine, and coach. Works with web and managed and unmanaged SaaS and IaaS services.
Simplify deployment and ongoing management
Simplify deployment and ongoing management by orchestrating all SaaS, IaaS, and web policies from one interface. Leverage cloud performance to inspect encrypted traffic including TLS 1.3 natively.
Best-in-class URL database
Govern web use with comprehensive web classification and content filtering. Best-in-class URL database covers 99.9% of the web, intelligence that comes from a dedicated in-house web and cloud application research team, and machine learning-based content analysis for classification of uncategorized URLs.
Built-in Workflows
Use built-in workflows such as quarantine, legal hold, and user coaching with custom messages. Workflows are specific to policies and capabilities, like automatic tombstoning of malware.
Encrypt structured data
Encrypt structured data at rest or in real time in managed services through native format-preserving encryption .w/ AES-256 encryption and a FIPS 140-2 Level 3-certified KMS and the option of using your on-prem HSM.
Leverage pre-built integrations
Leverage pre-built integrations with CSP’s bring your own key (BYOK) capabilities with AES-256 encryption and a FIPS 140-2 Level 3-certified KMS and the option of using your on-premises HSM.
Encrypt unstructured data
Encrypt unstructured data at rest in managed services or in real-time activities with AES-256 encryption and a FIPS 140-2 Level 3-certified KMS and the option of using your on-premises HSM.