Cloud Access Security Broker
The CASB service consists of three parts: Cloud Risk Discovery, Cloud Risk Assessment and Introspection (API).
Cloud Risk Discovery
Discovery is used to recognize and monitor the use of sanctioned and unsanctioned cloud applications in your environment. Discovery is typically deployed to further analyze Mission Control Web Proxy logs for cloud application usage and risk analytics.
Cloud Risk Assessment
Performing a Cloud Risk Assessment (CRA) will help you understand which cloud services are in use in your organization. The assessment will provide you with an overview of the apps, how enterprise ready they, are and how risky they are for your organization. It will additionally provide recommendations for mitigating the identified risk.
By linking the CASB with the API of the cloud applications – called Introspection – policies can be enforced and detect violations in configured cloud apps. Introspection provides access to the data at rest within your sanctioned cloud apps, and using this access, the CASB can apply policies to report, alert and remediate after data security violations. As examples, Introspection can detect the presence of publicly shared files in cloud storage applications, or detect documents containing personal identifying data (PII) in a collaboration app. In both cases, policies can take action to remediate the risk if required.