A CASB provides enterprises with a critical control point for the secure use of
cloud services across multiple cloud providers software as a service (SaaS) apps
are becoming pervasive in enterprises, A CASB can consolidate multiple types
of security policy enforcement security policies enforced by a CASB include
authentication, single sign-on, authorization, credential mapping, device
profiling, encryption, tokenization, logging, alerting, and malware detection
A CASB has multiple use cases for the enterprise:
Secure shadow IT
Continuous security compliance of critical resources in OCI
Automated anomalous behavior detection with smart policies
Governance of privileged activities
Vulnerability detection by monitoring configuration drifts
Proactive remediation and unified incident management
BEHAVIOR ANALYTICS & THREAT PROTECTION
Detect anomalous behavior of users that may result in insider threat
Compromised accounts that may result in malicious resource usage
Oracle CASB provides a robust built in incident management functionality. This ensures that any alert that is generated by CASB is tracked and appropriate action taken. Additional integrations with incident management solutions such as Service Now are also provided.
Oracle CASB helps detect misconfiguration of various OCI components such as:
Compute Images and Compute Instances
Networking and Load Balancers
Identity Users and Groups
Database Systems and Object Storage
Further, with Smart Policies, customers benefit from the abundance of security
expertise built by experts. These policies are automatically turned off for each
customer to ensure predictable and consistent security across all OCI
A Tour of the Oracle CASB Cloud Service Console:
Get familiar with the major screens and the functions they provide in the
Oracle CASB Cloud Service console.
Incident Management Provider
Threat Intelligence Provider
Manage IP Addresses
How CASBs work:
There are two key ways that a CASB can work. It can be set up as a proxy -
either a forward or a reverse proxy - or it can work in API mode using cloud
providers' APIs to control cloud access and apply corporate security policies.
Increasingly CASBs are becoming "mixed mode" or "multi-mode," using both
proxy and API technology. Both of the approaches have its own pros and cons.
A forward proxy can be used for all types of cloud applications and all data
passes through the proxy, but to use a forward proxy you need to install
self-signed certificates on every single device that accesses the proxy. This can
be difficult to deploy in a distributed environment or one with a large number
of employee-owned mobile devices.
A reverse proxy system is easier in that respect because it is accessible from
any device irrespective of the location, without the need for special
configuration or certificate installation. The drawback is that a reverse proxy
can't work with client-server type apps, which have hard-coded host names.
API-based systems are also easy to deploy. However, there is a drawback and
that is the range of cloud applications. These systems work adequately with
limited resources because not all cloud applications provide API support Proxy
or API architectures. The CASB has ability to perform different actions with
various implications as how it delivers the four pillars of the specific cloud
About Vast Edge - Simplified Cloud Solutions
Founded in the year 2004, Vast Edge is a leading IT Consulting Company and Global Service provider of Business Intelligence, big data analytics, cloud ERP, IoT platform, enterprise backup, and disaster recovery, Blockchain, Cassandra, AI/ML, and Integration solutions. We perform Application modernization, follow continuous change management, and implement advanced practices while working on the key areas of enhancing methodologies of project development.