# Best Cloud Access Security Broker (CASB) Software - Page 2 *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)* Cloud access security broker (CASB) software is used to provide a layer of protection and policy enforcement for employees accessing cloud-based software. CASB serves as a gateway through which companies can enforce their security requirements beyond on-premise and secure connections between employees and cloud service providers. Companies use CASB software to reduce risks related to cloud applications and network connections while simultaneously monitoring actions and behaviors. CASB solutions are also used to identify abnormal behaviors from internal actors and then alert administrators of potential shadow IT and noncompliant behaviors. These tools typically monitor and record the actions taken by an individual using the CASB, who can leverage the data collected for behavioral analysis and reporting. To qualify for inclusion in the Cloud Access Security Broker (CASB) category, a product must: - Secure connections between end users and cloud service providers - Enforce security policies beyond local networks and infrastructure - Protect data and connected devices from cloud-based threats and malware ## How Many Cloud Access Security Broker (CASB) Software Products Does G2 Track? **Total Products under this Category:** 51 ## How Does G2 Rank Cloud Access Security Broker (CASB) Software Products? **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 2,000+ Authentic Reviews - 51+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Which Cloud Access Security Broker (CASB) Software Is Best for Your Use Case? - **Leader:** [Netskope One Platform](https://www.g2.com/products/netskope-one-platform/reviews) - **Highest Performer:** [Zscaler Zero Trust Cloud](https://www.g2.com/products/zscaler-zero-trust-cloud/reviews) - **Easiest to Use:** [Cato SASE Cloud](https://www.g2.com/products/cato-networks-cato-sase-cloud/reviews) - **Top Trending:** [Cato SASE Cloud](https://www.g2.com/products/cato-networks-cato-sase-cloud/reviews) - **Best Free Software:** [Netskope One Platform](https://www.g2.com/products/netskope-one-platform/reviews) --- **Sponsored** ### GoodAccess GoodAccess is a cybersecurity platform (SASE/SSE) that empowers medium-sized enterprises to easily implement Zero Trust Architecture (ZTA) in their infrastructure, regardless of its complexity or scale. By leveraging a Low-Code/No-Code approach, GoodAccess delivers a hardware-free, rapid deployment solution within hours or days, allowing companies to enhance their security without the need for in-house IT experts. Our platform ensures seamless integration with modern SaaS/cloud applications as well as legacy systems, protecting critical assets for remote and hybrid workforces. GoodAccess serves businesses with 50-5000 employees across diverse industries, particularly those adopting multi-cloud and SaaS environments. What does GoodAccess do? GoodAccess protects the customer’s infrastructure under one zero-trust umbrella, regardless of how complex, heterogeneous, or widespread it is. It is a good fit for companies supporting full-remote or hybrid modes of work using both company-issued and employees’ own devices. The low-code/no-code, cloud-based SASE platform allows medium-sized businesses to create and manage zero trust architecture easily. In today’s cybersecurity landscape, this is an essential part of any medium-sized organization’s security, and a highly effective enabler of regulatory compliance. The GoodAccess platform combines several latest technologies to tackle the most pressing cybersecurity challenges of today. ✅ Remote access and BYOD—Device security enforcement with device inventory and posture checks. ✅ Multi-factor authentication (MFA)---Unified MFA solution for all critical systems, including legacy applications. ✅ Identity-based access control (IAM/FwaaS)---Zero-Trust Architecture enabling control of all access by identity (SSO/SCIM). ✅ Network encryption and segmentation—Segmentation at maximum granularity radically reduces the attack surface. ✅ Full control and visibility—Security logs and reports from across the entire organization with SIEM integration. What makes GoodAccess unique? GoodAccess stands out by its usability-first design. It is an all-SaaS, zero-hardware platform that fits any infrastructure to deliver network-based Zero-Trust Architecture (SDP) without the need for an IT expert on staff. Our key uniquenesses include: ✅ Simplicity—Low-code/no-code/no-hardware platform for medium-sized organizations. ✅ Market-leading deployment time—GoodAccess takes hours to days to deploy. ✅ Infrastructure-agnostic—Deployable over any existing infrastructure. ✅ Easy management—No certified IT experts needed. ✅ Zero Trust on network layer—Allows for simple integration of legacy applications. ✅ Based in the EU—Ideal cybersecurity provider for NIS2 compliance. Interested in giving GoodAccess a shot? Book a Free Demo: https://calendar.goodaccess.com/meetings/eva-hisemova Start your Free Trial: https://app.goodaccess.com/free-trial/ [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1860&secure%5Bdisplayable_resource_id%5D=1848&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=neighbor_category&secure%5Bplacement_resource_ids%5D%5B%5D=1848&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=130601&secure%5Bresource_id%5D=1860&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fcloud-access-security-broker-casb%3Fpage%3D2&secure%5Btoken%5D=30eaa1ed76228989dfdeb9931fae6e6272421c03c46946131fe53133663bd803&secure%5Burl%5D=https%3A%2F%2Fwww.goodaccess.com%2Flp%2Fenterprise-vpn&secure%5Burl_type%5D=custom_url) --- ## What Are the Top-Rated Cloud Access Security Broker (CASB) Software Products in 2026? ### 1. [CloudWize](https://www.g2.com/products/cloudwize-cloudwize/reviews) CloudWize is a no-code Cloud Security Center of Excellence that gives you maximum cloud compliance & security. Get 360° Protection from Architecture Design to Runtime. CludWize enforces cloud regulations with over 1K rules running continuously, scans your cloud vulnerabilities, and remediates them automatically. With our unique investigation graph engine, you can detect and fix cloud issues in minutes instead of days and weeks. This holistic solution offers a blackbox web app penetration test, evolved IAM (identity access management), IaC (infrastructure as code) risk scanning, Data Security Posture Management, and more. Why deal with many tools when you can have everything in one place? CNAPP + WAAP + KSPM – CSPM + CWPP + CIEM + CASB + DSPM + CNSP = CloudWize (CSCoE) **Average Rating:** 4.7/5.0 **Total Reviews:** 11 **How Do G2 Users Rate CloudWize?** - **Ease of Use:** 9.0/10 (Category avg: 8.8/10) **Who Is the Company Behind CloudWize?** - **Seller:** [CloudWize](https://www.g2.com/sellers/cloudwize) - **Year Founded:** 2019 - **HQ Location:** Netanya, IL - **Twitter:** @cloud_wize (94 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cloudwize-io/about (5 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 50% Small-Business, 33% Mid-Market #### What Are CloudWize's Pros and Cons? **Pros:** - Security (7 reviews) - Ease of Use (6 reviews) - Cloud Integration (5 reviews) - Cloud Management (5 reviews) - Cloud Services (5 reviews) **Cons:** - Complex Implementation (1 reviews) - Complex Setup (1 reviews) - Customization Difficulty (1 reviews) - Difficult Navigation (1 reviews) - Excessive Customization (1 reviews) ### 2. [TrustLayer Cloud Application Security (CASB)](https://www.g2.com/products/trustlayer-cloud-application-security-casb/reviews) Censornet Cloud Application Security (CASB) enables your business to discover, analyse, secure and manage user interaction with cloud applications. Achieve complete visibility and control with a full-featured CASB solution and protect your modern mobile workforce. Integrated with Web Security for visibility and protection at every stage of an attack. **Average Rating:** 4.6/5.0 **Total Reviews:** 4 **How Do G2 Users Rate TrustLayer Cloud Application Security (CASB)?** - **Ease of Use:** 9.4/10 (Category avg: 8.8/10) - **Anomoly Detection:** 8.3/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.3/10) - **Cloud Registry:** 8.3/10 (Category avg: 8.5/10) **Who Is the Company Behind TrustLayer Cloud Application Security (CASB)?** - **Seller:** [TrustLayer](https://www.g2.com/sellers/trustlayer-b7906edd-9c0c-4ac2-826a-16f2975e68f4) - **Year Founded:** 2015 - **HQ Location:** Basingstoke, England - **LinkedIn® Page:** https://www.linkedin.com/company/trustlayer-ltd/ (50 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Small-Business ### 3. [VeloCloud SASE](https://www.g2.com/products/velocloud-sase/reviews) VMware VeloCloud SASE, secured by Symantec, is a comprehensive cloud-delivered Secure Access Service Edge platform that integrates VMware's leading SD-WAN technology with Symantec's advanced Security Service Edge capabilities. This unified solution offers enterprises reliable, efficient, and secure access to applications and data from any device and location, ensuring consistent protection across edge locations, applications, users, and devices. Key Features and Functionality: - Enhanced User Experience: VeloCloud SD-WAN automatically recognizes over 4,300 applications, optimizing network performance based on local conditions to ensure seamless user experiences without IT intervention. - Comprehensive Threat Detection and Response: Integration with Symantec's security enforcement points provides proactive network security, including advanced threat intelligence, deep file inspection, sandboxing, and web isolation technologies to protect against sophisticated threats. - Automation for Branch and Edge Connectivity: The solution enables direct forwarding of internet-bound traffic from branch or edge locations to the nearest Symantec Enterprise Cloud location, simplifying the addition of new sites and policy modifications. - Streamlined Management and AI-Enabled Operations: A cloud-delivered architecture reduces IT burdens related to scalability and lifecycle management. Centralized configuration through VMware Edge Cloud Orchestrator and AI-powered analytics provide valuable insights into user experience and security operations. Primary Value and Problem Solved: VeloCloud SASE addresses the challenges of managing and securing distributed enterprise environments by combining networking and security into a single, cloud-delivered service. It enhances security, improves user experience, simplifies management, and streamlines operations, enabling organizations to protect sensitive data, ensure uninterrupted operations, and mitigate potential risks across their distributed infrastructure. **Average Rating:** 4.5/5.0 **Total Reviews:** 11 **How Do G2 Users Rate VeloCloud SASE?** - **Ease of Use:** 9.1/10 (Category avg: 8.8/10) - **Anomoly Detection:** 10.0/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 10.0/10 (Category avg: 8.3/10) - **Cloud Registry:** 9.2/10 (Category avg: 8.5/10) **Who Is the Company Behind VeloCloud SASE?** - **Seller:** [Arista Networks](https://www.g2.com/sellers/arista-networks-39d4d864-54b5-4f9b-bebc-dc5cf72757ca) - **Year Founded:** 2004 - **HQ Location:** Santa Clara, US - **Twitter:** @arista_channels (2,447 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/80069/ (5,422 employees on LinkedIn®) - **Ownership:** NYSE:ANET **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 38% Mid-Market, 38% Small-Business ### 4. [CyberArk Secure Cloud Access](https://www.g2.com/products/cyberark-secure-cloud-access/reviews) CyberArk Secure Cloud Access provisions Zero Standing Privileges (ZSP) across multi-cloud environments, scoping just enough permissions to adhere to the principle of least privilege access. CyberArk is the only Identity Security Platform to apply ZSP across a sprawl of cloud infrastructure and entitlements. Whether operating in Google Cloud, AWS, or Azure, your team can confidently secure the cloud while delivering a user experience native to developers. **Average Rating:** 4.9/5.0 **Total Reviews:** 6 **How Do G2 Users Rate CyberArk Secure Cloud Access?** - **Ease of Use:** 8.7/10 (Category avg: 8.8/10) **Who Is the Company Behind CyberArk Secure Cloud Access?** - **Seller:** [CyberArk](https://www.g2.com/sellers/cyberark) - **Year Founded:** 1999 - **HQ Location:** Newton, MA - **Twitter:** @CyberArk (17,751 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/26630/ (2,893 employees on LinkedIn®) - **Ownership:** NASDAQ:CYBR **Who Uses This Product?** - **Company Size:** 67% Mid-Market, 33% Enterprise #### What Are CyberArk Secure Cloud Access's Pros and Cons? **Pros:** - Ease of Use (2 reviews) - User Interface (2 reviews) - Access Management (1 reviews) - Easy Setup (1 reviews) - Features (1 reviews) ### 5. [HPE Aruba Networking SSE](https://www.g2.com/products/hpe-aruba-networking-sse/reviews) Atmos is a modern Security Service Edge (SSE) platform powered by Axis. Atmos securely connects users to the business resources needed in order to get work done, regardless of application, device, or location. The platform artfully integrates ZTNA, SWG, CASB and Digital Experience monitoring into a single cloud-delivered platform, with one easy to use pane of glass to manage it all. With +350 cloud edges running across Amazon Web Services Global Accelerator, Google Cloud Platform, and Oracle networks, the Atmos platform helps security, networking, and IT leaders enable employees, partners, and customers to securely access business data - without the pitfalls of network-centric solutions or application limitations that every other zero trust service faces. Atmos sits inline, supporting all ports and protocols while inspecting all traffic. With agent and agentless support, Atmos brokers an orchestra of surgical, one-to-one, least-privileged connections based on identity and policy, and performs vital end user experience monitoring to track connections (hop-by-hop) and empower IT to pinpoint issues. Experience work in harmony with Atmos by Axis. **Average Rating:** 4.7/5.0 **Total Reviews:** 13 **How Do G2 Users Rate HPE Aruba Networking SSE?** - **Ease of Use:** 9.6/10 (Category avg: 8.8/10) - **Anomoly Detection:** 6.7/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 4.2/10 (Category avg: 8.3/10) - **Cloud Registry:** 8.3/10 (Category avg: 8.5/10) **Who Is the Company Behind HPE Aruba Networking SSE?** - **Seller:** [HP Development Company](https://www.g2.com/sellers/hp-development-company) - **Year Founded:** 1939 - **HQ Location:** Palo Alto, CA - **Twitter:** @HPE (92,074 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1025/ (85,438 employees on LinkedIn®) - **Ownership:** NYSE: HPQ **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 38% Mid-Market, 38% Enterprise ### 6. [Menlo Security](https://www.g2.com/products/menlo-security/reviews) Founded over a decade ago, Menlo Security is a global cybersecurity leader. Trusted by over 1,000 enterprises—including Fortune 500 companies and large government agencies—to protect eight million users, Menlo created the industry's first Browser Security Platform. Our platform transforms standard browsers into secure enterprise browsers using a synergistic architecture that combines local controls with the Menlo Secure Cloud Browser. Key capabilities include Adaptive Clientless Rendering (ACR) for safe cloud execution, H.E.A.T Shield AI to block zero-hour phishing, clientless Zero Trust access, and Data Loss Prevention (DLP) with Content Disarm and Reconstruction (CDR). Menlo delivers architectural immunity against evasive threats for both humans and autonomous AI agents. By solving the "Agentic Paradox," we prevent data exfiltration and block zero-day ransomware. Organizations can safely govern Generative AI, secure unmanaged BYOD endpoints, and replace costly VDI and VPNs—all without disrupting user productivity. **Average Rating:** 4.6/5.0 **Total Reviews:** 50 **How Do G2 Users Rate Menlo Security?** - **Ease of Use:** 9.4/10 (Category avg: 8.8/10) - **Anomoly Detection:** 10.0/10 (Category avg: 8.5/10) **Who Is the Company Behind Menlo Security?** - **Seller:** [Menlo Security](https://www.g2.com/sellers/menlo-security) - **Year Founded:** 2012 - **HQ Location:** Mountain View, California, United States - **Twitter:** @menlosecurity (16,957 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/menlo-security/ (445 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Banking, Financial Services - **Company Size:** 47% Enterprise, 24% Mid-Market #### What Are Menlo Security's Pros and Cons? **Pros:** - Security (26 reviews) - Protection (25 reviews) - Ease of Use (23 reviews) - Threat Protection (20 reviews) - Setup Ease (17 reviews) **Cons:** - Slow Performance (6 reviews) - Access Issues (5 reviews) - Performance Issues (5 reviews) - Slow Internet (5 reviews) - Technical Issues (4 reviews) ### 7. [StratoKey](https://www.g2.com/products/stratokey/reviews) StratoKey is a Cloud Access Security Broker (CASB) that specializes in securing cloud and SaaS applications with Encryption, Monitoring, Analytics and Defence (EMAD™). **Average Rating:** 4.2/5.0 **Total Reviews:** 3 **How Do G2 Users Rate StratoKey?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Anomoly Detection:** 8.3/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 7.5/10 (Category avg: 8.3/10) - **Cloud Registry:** 9.2/10 (Category avg: 8.5/10) **Who Is the Company Behind StratoKey?** - **Seller:** [StratoKey](https://www.g2.com/sellers/stratokey) - **Year Founded:** 2012 - **HQ Location:** N/A - **Twitter:** @StratoKey (203 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3721059 (5 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 67% Mid-Market, 33% Small-Business ### 8. [Zaperon Identity-centric SSE Platform](https://www.g2.com/products/zaperon-identity-centric-sse-platform/reviews) Today, enterprises are going through rapid transformation with their workforce becoming hybrid, applications moving to cloud and personal devices being allowed. Organizations expose themselves to cyberattacks while employees use VPN to connect to their corporate network from a remote location. Securing access to enterprise applications is “top-of-mind” for IT/Security admins. Moreover, stealing of employee credentials is a big concern for organizations. Zaperon directly addresses this need by providing a comprehensive security layer for application access and enabling zero trust in organizations. Key Features: 1) Passwordless Access to Applications 2) Seamless Single Sign-on to on-premise and cloud applications 3) Secure Remote Access without the need for VPN 4) Zero Trust Granular Access Control 5) Multi-factor Authentication 6) AI-based Continuous Risk Analysis 7) Monitoring Dashboards 8) Cross-platform Compatibility 9) Directory/LDAP Integration Zaperon Differentiators: 1) Streamline Security, Remove Silos – Zaperon Zero Trust streamlines your security operations by offering ‘all-inclusive’ features of identity & access management, passwordless application access, MFA, device binding, VPN, cloud security, single sign-on and password manager solutions. 2) True Passwordless – Unlike password management/vault solutions, Zaperon doesn’t store passwords. It truly makes application access passwordless with secure proprietary technology. 3) Device Binding – Zaperon establishes trust with user devices to ensure only authorized and secure devices connect to enterprise applications. 4) Secure MFA – Zaperon Verify app doesn’t send codes on SMS or emails that can be phished. It also doesn’t do push notification that may lead to MFA fatigue. 5) Continuous Protection – Zaperon performs continuous user behaviour analysis and anomaly detection on device security health parameters to alert admins in real-time. 6) Comprehensive Monitoring – Zaperon provides real-time application-level visibility to IT/security admins through pre-configured dashboards. **Average Rating:** 4.7/5.0 **Total Reviews:** 9 **How Do G2 Users Rate Zaperon Identity-centric SSE Platform?** - **Ease of Use:** 9.1/10 (Category avg: 8.8/10) - **Anomoly Detection:** 8.3/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.3/10) - **Cloud Registry:** 8.3/10 (Category avg: 8.5/10) **Who Is the Company Behind Zaperon Identity-centric SSE Platform?** - **Seller:** [Zaperon](https://www.g2.com/sellers/zaperon) - **Year Founded:** 2021 - **HQ Location:** Delhi, IN - **LinkedIn® Page:** https://www.linkedin.com/company/securewithzaperon/ (6 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 56% Mid-Market, 44% Small-Business #### What Are Zaperon Identity-centric SSE Platform's Pros and Cons? **Pros:** - Security (8 reviews) - Secure Access (6 reviews) - Data Security (5 reviews) - Protection (5 reviews) - Access Centralization (4 reviews) **Cons:** - Complex Configuration (2 reviews) - Configuration Issues (2 reviews) - Difficult Learning (2 reviews) - Difficult Learning Curve (2 reviews) - Difficult Learning Process (2 reviews) ### 9. [CloudCodes](https://www.g2.com/products/cloudcodes/reviews) CloudCodes SSO1 is a platform that provides enterprises a simple and unified way to secure web access to all cloud applications. **Average Rating:** 4.0/5.0 **Total Reviews:** 2 **How Do G2 Users Rate CloudCodes?** - **Ease of Use:** 7.5/10 (Category avg: 8.8/10) - **Anomoly Detection:** 5.0/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 5.0/10 (Category avg: 8.3/10) - **Cloud Registry:** 5.0/10 (Category avg: 8.5/10) **Who Is the Company Behind CloudCodes?** - **Seller:** [CloudCodes](https://www.g2.com/sellers/cloudcodes) - **Year Founded:** 2011 - **HQ Location:** Pune, IN - **Twitter:** @cloudcodes (373 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cloudcodes-software-pvt-ltd (19 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 33% Enterprise, 33% Mid-Market ### 10. [DoControl](https://www.g2.com/products/docontrol/reviews) DoControl provides organizations with the automated, self-service tools they require for Software as a Service (SaaS) application data access monitoring, orchestration, and remediation. The solution uncovers all SaaS users, 3rd party collaborators, assets/metadata, OAuth apps, groups, and activity events. From there, security teams can create granular data access control policies to reduce the risk of data overexposure and exfiltration. We take a unique, customer-focused approach to the challenge of labor-intensive security risk management and data loss prevention (DLP) in SaaS. DoControl has no agents, no inline redirections, and no slow response times as commonly found in Cloud Access Security Broker (CASB) solutions. **Average Rating:** 4.5/5.0 **Total Reviews:** 3 **How Do G2 Users Rate DoControl?** - **Ease of Use:** 8.9/10 (Category avg: 8.8/10) - **Anomoly Detection:** 7.5/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 7.5/10 (Category avg: 8.3/10) - **Cloud Registry:** 10.0/10 (Category avg: 8.5/10) **Who Is the Company Behind DoControl?** - **Seller:** [DoControl](https://www.g2.com/sellers/docontrol) - **Year Founded:** 2020 - **HQ Location:** New York, US - **LinkedIn® Page:** https://www.linkedin.com/company/do-control/ (55 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 67% Mid-Market, 33% Enterprise #### What Are DoControl's Pros and Cons? **Pros:** - Visibility (3 reviews) - Monitoring (2 reviews) - Real-time Monitoring (2 reviews) - Security (2 reviews) - Access Control (1 reviews) **Cons:** - Complexity (2 reviews) - Difficult Learning (2 reviews) - Access Control (1 reviews) - Complex Configuration (1 reviews) - Configuration Issues (1 reviews) ### 11. [Forcepoint Cloud Access Security Broker (CASB)](https://www.g2.com/products/forcepoint-cloud-access-security-broker-casb/reviews) Forcepoint Cloud Access Security Broker (CASB) enables zero trust access to business-critical SaaS applications with best-in-class data security and malware protection. Forcepoint’s multimode CASB secures any SaaS application with inline (forward and reverse proxy) and out-of-band scanning (API) capabilities. Built on an industry-leading hyperscaler platform for global access, true scalability, and 99.99% uptime, Forcepoint ONE CASB eliminates traditional network boundaries and improves user experience. Get full visibility and control across any SaaS application to give your organization more freedom and flexibility while securing the data from modern SaaS risks. Key product capabilities include: • Visibility into all the SaaS applications in use - including Shadow IT • Agentless, zero trust access to SaaS applications from BYOD and unmanaged devices • Industry-leading data and threat protection capabilities to keep critical data in and threats out • Seamless user experience with direct-to-app access from any location and device **Average Rating:** 4.5/5.0 **Total Reviews:** 2 **How Do G2 Users Rate Forcepoint Cloud Access Security Broker (CASB)?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Anomoly Detection:** 8.3/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 9.2/10 (Category avg: 8.3/10) - **Cloud Registry:** 8.3/10 (Category avg: 8.5/10) **Who Is the Company Behind Forcepoint Cloud Access Security Broker (CASB)?** - **Seller:** [Forcepoint](https://www.g2.com/sellers/forcepoint) - **Year Founded:** 1994 - **HQ Location:** Austin, TX - **Twitter:** @Forcepointsec (65,452 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/forcepoint/ (1,658 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 50% Enterprise, 50% Small-Business ### 12. [Grip Security](https://www.g2.com/products/grip-security/reviews) Grip brings the industry’s most comprehensive visibility across all enterprise SaaS applications--known or unknown for apps, users, and their basic interactions with extreme accuracy to minimize false positives. Armed with deep visibility, Grip secures all SaaS application access regardless of device or location as well as mapping data flows to enforce security policies and prevent data loss across the entire SaaS portfolio. Finally, Grip complements any CASB deployment. With nominal resourcing, incremental deployment and no performance degradation, deploying Grip will complement your forward or reverse proxy SaaS solutions. Grip fills the hole left by today’s CASBs by providing comprehensive visibility, governance and data loss prevention to help enterprises painlessly secure a burgeoning and chaotic SaaS ecosystem. Grip secures SaaS from the edge with an endpoint-centric approach. The Grip client brings an endpoint-centric approach that gives enterprises an unprecedented SaaS security layer while remaining SaaS agnostic. Like VPN which is the only method to access networks remotely, Grip’s endpoint-centric approach becomes the only way to access your SaaS. **Average Rating:** 4.4/5.0 **Total Reviews:** 5 **How Do G2 Users Rate Grip Security?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Anomoly Detection:** 10.0/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 10.0/10 (Category avg: 8.3/10) - **Cloud Registry:** 10.0/10 (Category avg: 8.5/10) **Who Is the Company Behind Grip Security?** - **Seller:** [Grip Security](https://www.g2.com/sellers/grip-security) - **Year Founded:** 2021 - **HQ Location:** Boston, US - **LinkedIn® Page:** https://www.linkedin.com/company/grip-security (145 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 40% Enterprise, 40% Small-Business ### 13. [SecureIdentity CASB](https://www.g2.com/products/secureidentity-casb/reviews) SecureIdentity CASB provides additional layers of security between your users as they embrace cloud based applications and services. Allowing organisations to understand the associated risks and what controls are required to allow a safe adoption of cloud. **Average Rating:** 4.0/5.0 **Total Reviews:** 2 **How Do G2 Users Rate SecureIdentity CASB?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) - **Anomoly Detection:** 7.5/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.3/10) - **Cloud Registry:** 7.5/10 (Category avg: 8.5/10) **Who Is the Company Behind SecureIdentity CASB?** - **Seller:** [SecurEnvoy](https://www.g2.com/sellers/securenvoy) - **Year Founded:** 2003 - **HQ Location:** London, GB - **Twitter:** @securenvoy (654 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/securenvoy (22 employees on LinkedIn®) - **Phone:** 44 (0) 845 2600010 **Who Uses This Product?** - **Company Size:** 100% Small-Business ### 14. [Skyhigh Cloud Access Security Broker](https://www.g2.com/products/skyhigh-cloud-access-security-broker/reviews) Skyhigh Cloud Access Security Broker protects data and stops threats in the cloud across SaaS, and PaaS, and IaaS environments from a single, cloud-native enforcement point. It enables organizations to accelerate their business by giving them visibility and control over their data in the cloud and protection from threats with a frictionless deployment model. Skyhigh CASB is consolidated into a fully converged platform and managed from the same single console as the rest of the Skyhigh SSE services. **Average Rating:** 4.8/5.0 **Total Reviews:** 2 **How Do G2 Users Rate Skyhigh Cloud Access Security Broker?** - **Ease of Use:** 9.2/10 (Category avg: 8.8/10) - **Anomoly Detection:** 10.0/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.3/10) - **Cloud Registry:** 10.0/10 (Category avg: 8.5/10) **Who Is the Company Behind Skyhigh Cloud Access Security Broker?** - **Seller:** [Skyhigh Security](https://www.g2.com/sellers/skyhigh-security) - **Year Founded:** 2022 - **HQ Location:** San Jose, CA - **Twitter:** @skyhighsecurity (17,629 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/78449382 (735 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 50% Enterprise, 50% Small-Business ### 15. [Versa SASE](https://www.g2.com/products/versa-networks-versa-sase/reviews) Versa SASE is a cloud-native, multi-tenant, multi-service software for a software defined network. **Average Rating:** 4.7/5.0 **Total Reviews:** 10 **How Do G2 Users Rate Versa SASE?** - **Ease of Use:** 8.8/10 (Category avg: 8.8/10) - **Anomoly Detection:** 8.3/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.9/10 (Category avg: 8.3/10) - **Cloud Registry:** 9.2/10 (Category avg: 8.5/10) **Who Is the Company Behind Versa SASE?** - **Seller:** [Versa Networks](https://www.g2.com/sellers/versa-networks) - **Year Founded:** 2012 - **HQ Location:** Santa Clara - **Twitter:** @versanetworks (27,866 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2746392 (873 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 46% Mid-Market, 46% Enterprise #### What Are Versa SASE's Pros and Cons? **Pros:** - Ease of Use (1 reviews) - Efficiency (1 reviews) - Reliability (1 reviews) - Security (1 reviews) - Speed (1 reviews) **Cons:** - Connection Issues (1 reviews) - Performance Issues (1 reviews) - Technical Issues (1 reviews) ### 16. [Cloud Access Security Broker (CASB)](https://www.g2.com/products/cloud-access-security-broker-casb/reviews) A CASB or Cloud Access Security Broker is an advanced cloud solution that lets you configure detailed granular access policies and set security control over popular cloud apps such as Google Workspace, Microsoft 365, Atlassian apps, Dropbox, Salesforce, Slack, HubSpot, and a whole lot more. With a CASB in place, your Security Operations Centre (SOC) now has deep visibility into cloud app access controls, can track risky user behavior, check for compliance issues in real time, detect and mitigate potential threat vectors targeted towards your business, and importantly secure your data storage from unauthorized user access. miniOrange CASB was designed keeping in mind custom security requirements and compliance standards that enterprises need to follow at each step to stay ahead of the competition. It securely fits in with your existing cloud infrastructure and helps boost productivity throughout the enterprise **Average Rating:** 4.0/5.0 **Total Reviews:** 1 **How Do G2 Users Rate Cloud Access Security Broker (CASB)?** - **Ease of Use:** 6.7/10 (Category avg: 8.8/10) - **Anomoly Detection:** 10.0/10 (Category avg: 8.5/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.3/10) - **Cloud Registry:** 8.3/10 (Category avg: 8.5/10) **Who Is the Company Behind Cloud Access Security Broker (CASB)?** - **Seller:** [miniOrange](https://www.g2.com/sellers/miniorange) - **Year Founded:** 2012 - **HQ Location:** Pune, India - **Twitter:** @miniOrange_it (28 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/miniorange/about (541 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Small-Business ### 17. [Cyolo](https://www.g2.com/products/cyolo/reviews) Securely connecting any user from any device​. Trusted access to any system on any network and platform. **Average Rating:** 3.0/5.0 **Total Reviews:** 3 **How Do G2 Users Rate Cyolo?** - **Ease of Use:** 7.2/10 (Category avg: 8.8/10) **Who Is the Company Behind Cyolo?** - **Seller:** [Cyolo](https://www.g2.com/sellers/cyolo) - **Year Founded:** 2020 - **HQ Location:** Ramat Gan, IL - **LinkedIn® Page:** https://www.linkedin.com/company/26244228 (87 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 50% Enterprise, 25% Mid-Market ### 18. [Rezonate Cloud Identity Protection Platform](https://www.g2.com/products/rezonate-cloud-identity-protection-platform/reviews) Rezonate is the Cloud Identity Protection Platform (CIPP) CISOs rely on to eliminate an adversary’s opportunity to breach cloud identity and access. Built for security and loved by DevOps teams, Rezonate transforms the way we protect identities – human or machine – across clouds and identity providers. Our agentless platform combines continuous identity posture, identity detection and response (ITDR) and operational visibility, from build time to real time, to provide security that is as dynamic and automated as the infrastructure it is protecting. **Average Rating:** 5.0/5.0 **Total Reviews:** 1 **How Do G2 Users Rate Rezonate Cloud Identity Protection Platform?** - **Ease of Use:** 10.0/10 (Category avg: 8.8/10) **Who Is the Company Behind Rezonate Cloud Identity Protection Platform?** - **Seller:** [Rezonate](https://www.g2.com/sellers/rezonate) - **Year Founded:** 2022 - **HQ Location:** Boston, US - **LinkedIn® Page:** https://www.linkedin.com/company/rezonatesec/ (22 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Enterprise ### 19. [Atmosec](https://www.g2.com/products/atmosec/reviews) Atmosec takes a holistic approach to securing your ever evolving SaaS ecosystem. Focusing not only on individual services or specific users, Atmosec also understands how different services communicate with each other, how users interact with the ecosystem as well as what data might be passing between different services. Our unique platform monitors the behavior of an unlimited number of SaaS services, as they interact with users and each other and automates the mitigation of actual and potential risks, proactively flagging any anomalies or misconfigurations so that CIOs and CISOs can address them with better visibility and confidence. With advanced Machine Learning capabilities Atmosec alerts on abnormal activity of credentials, over-privileged accounts and API usage as well as stopping SaaS Supply Chain attacks. **Average Rating:** 4.0/5.0 **Total Reviews:** 2 **How Do G2 Users Rate Atmosec?** - **Ease of Use:** 6.7/10 (Category avg: 8.8/10) **Who Is the Company Behind Atmosec?** - **Seller:** [Atmosec](https://www.g2.com/sellers/atmosec) - **Year Founded:** 2021 - **HQ Location:** Tel Aviv, IL - **Twitter:** @Atmosec_ (58 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/atmosec/ (5 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 50% Enterprise, 50% Mid-Market ### 20. [DefenseX](https://www.g2.com/products/defensex/reviews) Isoolate protects users from sophisticated cybersecurity attacks by isolating threats from reaching end-point devices, such as desktops, laptops, smart phones and tablets. Its transformational "application to content protection" technology gives an immediate boost to security posture on any device, anywhere, and over any network. **Who Is the Company Behind DefenseX?** - **Seller:** [Secure Industries](https://www.g2.com/sellers/secure-industries) - **Year Founded:** 2020 - **HQ Location:** New York, US - **LinkedIn® Page:** https://www.linkedin.com/company/defensxy/ (25 employees on LinkedIn®) ### 21. [iboss](https://www.g2.com/products/iboss/reviews) iboss is a leading Zero Trust Secure Access Service Edge (SASE) cloud security platform that consolidates network and security technologies into a single cloud-based service. By integrating VPN, Secure Web Gateway (SWG), SD-WAN, branch firewalls, Browser Isolation, and Cloud Access Security Broker (CASB) capabilities, iboss replaces legacy solutions to enhance security, reduce complexity, and lower costs. Utilizing Zero Trust Network Access (ZTNA), iboss grants users access only to the applications they need based on their identity, minimizing risks of breaches and data loss. As a unified network and security service with a single-pane-of-glass management console, iboss empowers organizations to enhance security, improve user experience, and support a distributed workforce in today's evolving digital landscape. Leveraging a purpose-built cloud architecture backed by 230+ issued and pending patents and more than 100 points of presence globally, iboss processes over 150 billion transactions daily, blocking 4 billion threats per day. More than 4,000 global enterprises trust the iboss platform to support their modern workforces, including a large number of Fortune 50 companies. iboss was named a Leader in the IDC MarketScape for Worldwide ZTNA, one of the Top 25 Cybersecurity Companies by The Software Report, one of the 25 highest-rated Private Cloud Computing Companies to work for by Battery Ventures, CRN’s top 20 Coolest Cloud Security Companies, and is one of Inc.’s 2024 Best Workplaces. To learn more, visit http://www.iboss.com **Average Rating:** 4.0/5.0 **Total Reviews:** 15 **How Do G2 Users Rate iboss?** - **Ease of Use:** 7.9/10 (Category avg: 8.8/10) **Who Is the Company Behind iboss?** - **Seller:** [iboss](https://www.g2.com/sellers/iboss) - **Year Founded:** 2003 - **HQ Location:** Boston, MA - **Twitter:** @iboss (45 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3520250/ (357 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 50% Mid-Market, 31% Small-Business ### 22. [LTS Secure Cloud Access Security Broker](https://www.g2.com/products/lts-secure-cloud-access-security-broker/reviews) LTS Secure Cloud Access Security Broker has proven itself to be indispensable for cloud security. These days, nearly every organization has fully integrated the cloud in its day-to-day operations. This has led to a large amount of data flowing to and from the cloud, which has made it prone to various security threats. It becomes difficult for the IT department to keep a track of all the apps, cloud providers and data employees are accessing and hence, there is a need to implement a unified security control like CASB Solution. **Who Is the Company Behind LTS Secure Cloud Access Security Broker?** - **Seller:** [LTS Secure](https://www.g2.com/sellers/lts-secure) - **Year Founded:** 2012 - **HQ Location:** Pune, IN - **LinkedIn® Page:** https://www.linkedin.com/company/ltssecure-adaptive-soc-platform-for-cyber-security (10 employees on LinkedIn®) ### 23. [Plurilock](https://www.g2.com/products/plurilock/reviews) Plurilock AI is an award-winning Cloud Access Security Broker (CASB), Data Loss Prevention (DLP) and Single Sign-On (SSO) platform built for small to medium businesses, and priced to meet their budgets. The DLP capabilities protect against loss of sensitive data such as personal information, credit card or company data through email, as well as from your cloud suites such as Google Workspace and Microsoft 365 -- reducing the risk of accidental or deliberate exposure, helping you comply with current legislation, regulations, or cyber insurance requirements. CASB allows you to govern the use of cloud applications, such as preventing the use of personal accounts (Gmail, Hotmail etc.) on protected endpoints, effectively extending your security controls to the cloud. Our SSO provides comprehensive access control features such as the ability to restrict by network, location, device or time of day, ensure that only authorized users are able to access your cloud applications, while the SSO capabilities allow you to streamline access across your cloud applications making it easier for your users, and for you to manage. Our system is easy to configure, many policies allow simple one-click configurations, making it fast to deploy and easy to operate without requiring in-depth knowledge or investments in internal resources. We support Windows, MacOS, Linux and Chromebook environments. If you are considering an upgrade to Google Enterprise, or Microsoft 365 Business Premium, take a look at Plurilock and see how we compare. **Average Rating:** 4.0/5.0 **Total Reviews:** 1 **How Do G2 Users Rate Plurilock?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Who Is the Company Behind Plurilock?** - **Seller:** [Plurilock](https://www.g2.com/sellers/plurilock) - **Year Founded:** 2016 - **HQ Location:** Victoria, CA - **Twitter:** @plurilock (973 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/615435 (56 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Small-Business #### What Are Plurilock's Pros and Cons? **Pros:** - Access Control (1 reviews) - Secure Access (1 reviews) - Single Sign-On (1 reviews) - Threat Detection (1 reviews) **Cons:** - Integration Issues (1 reviews) ### 24. [Savvy SaaS Security Platform](https://www.g2.com/products/savvy-saas-security-platform/reviews) Savvy is the identity-first security platform built for the way work happens today — in the browser, across hundreds of SaaS apps, on devices you don’t always control. We protect the layer where risk begins and other tools are blind to. Gaps like SSO bypass, unmanaged app usage, risky credentials and MFA misconfigurations. Our patent-pending Enterprise Browsing System combines a secure browser, a lightweight extension, and cloud-based automation to deliver real-time visibility and enforcement — without breaking the way users work. From discovering every app and account, to enforcing your security policies using just-in-time guardrails, Savvy turns identity security into a continuous, proactive layer of protection. Whether you're a CISO, IAM, or IT leader — Savvy gives you control, visibility, and assurance where it matters most: the browser. **Average Rating:** 5.0/5.0 **Total Reviews:** 1 **How Do G2 Users Rate Savvy SaaS Security Platform?** - **Ease of Use:** 8.3/10 (Category avg: 8.8/10) **Who Is the Company Behind Savvy SaaS Security Platform?** - **Seller:** [Savvy Security](https://www.g2.com/sellers/savvy-security) - **Year Founded:** 2021 - **HQ Location:** Palo Alto, US - **LinkedIn® Page:** https://www.linkedin.com/company/savvy-security (71 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Enterprise ### 25. [Symantec Enterprise Cloud](https://www.g2.com/products/symantec-enterprise-cloud/reviews) Symantec Integrated Cyber Defense (ICD is a comprehensive cybersecurity platform designed to unify and streamline security across an organization's entire digital infrastructure. By integrating advanced threat protection, information security, identity management, and compliance solutions, ICD effectively safeguards enterprises against sophisticated cyber threats. This unified approach reduces the complexity and cost associated with managing multiple security products, while enhancing the organization's overall security posture. Key Features and Functionality: - Endpoint Security: Provides multi-layered protection across all endpoints—including desktops, servers, mobile devices, and cloud workloads—ensuring robust defense against emerging threats. - Network Security: Offers both cloud and on-premises solutions to secure network traffic, utilizing advanced proxy architecture to defend against complex threats and ensure secure use of web applications. - Identity Security: Enforces granular security policies to prevent unauthorized access, protecting user identities and their associated privileges from exploitation. - Information Security: Integrates data loss prevention, encryption, and analytics to protect sensitive information across various platforms, including endpoints, cloud services, and on-premises systems. - Cloud Security: Delivers advanced solutions to secure cloud access, infrastructure, and applications, providing visibility and threat protection across public and private cloud environments. - Threat Intelligence: Leverages a global intelligence network that analyzes vast amounts of security data, enabling proactive identification and blocking of advanced targeted attacks. Primary Value and Problem Solved: Symantec Integrated Cyber Defense addresses the challenge of managing disparate security solutions by providing a unified platform that integrates various security technologies. This integration reduces operational complexity and costs, while enhancing the effectiveness of threat detection and response. By offering comprehensive protection across endpoints, networks, applications, and cloud environments, ICD enables organizations to proactively mitigate evolving cyber threats and maintain a robust security posture. **Average Rating:** 4.4/5.0 **Total Reviews:** 27 **How Do G2 Users Rate Symantec Enterprise Cloud?** - **Ease of Use:** 8.8/10 (Category avg: 8.8/10) **Who Is the Company Behind Symantec Enterprise Cloud?** - **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166) - **Year Founded:** 1991 - **HQ Location:** San Jose, CA - **Twitter:** @broadcom (63,400 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®) - **Ownership:** NASDAQ: CA **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 38% Mid-Market, 38% Enterprise #### What Are Symantec Enterprise Cloud's Pros and Cons? **Pros:** - Ease of Use (3 reviews) - Integrations (3 reviews) - Monitoring (3 reviews) - Security (3 reviews) - Centralized Management (2 reviews) **Cons:** - Complexity (2 reviews) - Difficult Learning (2 reviews) - Expensive (2 reviews) - Complex Configuration (1 reviews) - Complex Implementation (1 reviews) ## What Is Cloud Access Security Broker (CASB) Software? [Security Software](https://www.g2.com/categories/security) ## What Software Categories Are Similar to Cloud Access Security Broker (CASB) Software? - [Zero Trust Networking Software](https://www.g2.com/categories/zero-trust-networking) - [Cloud Edge Security Software](https://www.g2.com/categories/cloud-edge-security) - [Secure Service Edge (SSE) Solutions](https://www.g2.com/categories/secure-service-edge-sse-solutions) --- ## How Do You Choose the Right Cloud Access Security Broker (CASB) Software? ### What You Should Know About Cloud Access Security Broker (CASB) Software ### What is Cloud Access Security Broker (CASB) Software? Cloud access security broker (CASB) technology secures data stored within or processed by cloud-based applications, typically software as a service (SaaS) solutions. Cloud security access brokers focus on protecting cloud applications. Users of CASB can launch and access their cloud applications in a secured environment.These tools utilize multiple security technologies that help prevent unapproved parties from accessing applications while also preventing data loss and data breaches. They provide a single, secure location for users to access applications. Many platforms support single sign-on for easier access once operating in the CASB environment. Some CASB tools provide users with a sandboxed environment. The sandbox is a resource-isolated working environment that ensures files and data are transferred directly to the cloud application provider. Other CASB tools utilize firewall and malware detection features, along with security policy enforcement mechanisms to protect information connected to SaaS applications. These tools can be utilized across devices and operated locally, regardless of the user’s physical location. Individual users can be isolated and cut off from the network. These tools can function across a variety of SaaS applications and software vendors. They can be integrated directly or chosen from a marketplace. Many tools have centralized access through a single sign-on portal. Users can log in to a secure portal and have access to all of the cloud applications they use. Key Benefits of CASB Software - Improves cloud application and data security - Simplifies management to improve compliance-related operations - Improves identity management and user governance - Increases visibility of users, activities, and anomalies ### Why Use Cloud Access Security Broker (CASB) Software? These tools make it easier for businesses to provide secure access to cloud-based applications for their employees. Almost all the benefits of using a CASB system pertain to information security. The majority of benefits can be classified into three categories: threat protection, data security, and governance. **Threat protection —** Threats come in multiple forms and CASB products are prepared to defend against them from any direction. Common threat protection features are designed to prevent phishing, malware, account takeover, and malicious content. Phishing can be prevented by securing cloud-based email applications. Malicious attachments and urls can be flagged or sent to spam. Malware can come from emails, downloads or any other kind of malicious content; if malware is present, CASB software can alert users and prevent them from engaging with it. Account takeover can be discovered by monitoring functionality designed to detect abnormal behavior, policy violations, and unexpected configuration changes. **Data security and loss prevention —** All data requires security, but some information requires more protection than others. CASB tools help users discover sensitive data within cloud-based applications. Most CASB tools allow for user permission policy enforcement, this helps prevent unauthorized parties from viewing or downloading sensitive information. Many sensitive datasets require increased encryption; these files must be classified as such and CASB solutions will enforce stronger encryption and anomaly monitoring on those specific files. **Governance and compliance —** Compliance goes hand in hand with data security and loss prevention. However, increased visibility is a key benefit of CASB solutions. This makes it easier to discover non-compliant datasets and audit systems for policy requirements. They improve a company’s ability to delegate user permissions, enforce security policies and alert security teams of both cloud-based and insider threats. ### What are the Common Features of Cloud Access Security Broker (CASB) Software? **Single sign-on (SSO) —** SSO features provide a single access point for users to access multiple cloud products without multiple logins. This reduces the time users spend finding applications and logging onto them, improving productivity and user experience. **User analytics —** User analytics and monitoring allow companies to view and document individual behaviors and report suspicious activities. They can also alert security teams to compromised accounts by flagging anomalous behaviors. **Cloud gap analytics —** Cloud gap analysis features examine data associated with denied entries and policy violations. This helps provide security teams with information that can be used to improve authentication and security protocols. **Anomaly detection —** Anomaly detection identifies abnormal behavior by monitoring activity related to user behavior and comparing it to benchmarked patterns. **Cloud registry —** Cloud registries provide a list or marketplace of SaaS applications compatible with a CASB solution. Users can access this list to explore integrations or new applications. **Mobile device management (MDM) —** MDM functionality offers users the ability to set standards for types of mobile devices and networks capable of accessing data. This allows security teams to customize access requirements and permissions of off-premise and mobile device users. **Access control —** Access control features typically refers to support of lightweight directory access protocol (LDAP). This simplifies an administrator’s ability to edit or update application availability and information access. **Data encryption —** Data encryption features might refer to data-centric policy enforcement for sensitive information or encompassing encryption for any information stored or accessed through the CASB system. ### Software and Services Related to Cloud Access Security Broker (CASB) Software [**Secure web gateways**](https://www.g2.com/categories/secure-web-gateway) **—** Secure web gateways are similar to CASB products. However, secure web gateways focus on browser security and cloud security access brokers focus on protecting cloud applications. With a CASB, users launch and access their cloud applications within a secured environment. [**Secure email gateways**](https://www.g2.com/categories/secure-email-gateway) **—** Like secure web gateways, secure email gateways operate similarly to CASB technology, but serve a different purpose. Instead of protecting information in cloud-based apps, these tools protect email, text, data, and attachments. [**Firewall software**](https://www.g2.com/categories/firewall) **—** Firewall software is one of the many technologies that allow CASB systems to function securely. While a firewall is necessary for CASB usage, firewalls can be used to secure anything from an entire network to a single endpoint as well.