What is a CASB?

A CASB (cloud access security broker) is a cloud security tool that enforces security policies between users in an organization and cloud services. CASBs are one of five major security functions in the increasingly popular SASE (Secure Access Service Edge) security model, alongside software-defined wide area network (SD-WAN), firewall-as-a-service (FWaaS), secure web gateway (SWG), zero-trust network access (ZTNA).

How Do CASBs Work?

CASB’s functions are categorized by Gartner into four pillars:

1. Visibility

2. Compliance

3. Data Security

4. Threat Protection

CASB Types

CASBs are categorized by their method of deployment.

There are three main types of CASB:

1. API-based CASB

2. Agent-based CASB (Reverse proxy)

3. Agentless CASB (Forward proxy)

Key takeaways

  • Check icon
    CASBs consolidate security policies across all cloud services an organization uses.
  • Check icon
    They are fundamental to SASE, an emerging Gartner concept that converges network and security functions into a cloud-based model.
  • Check icon
    CASBs can be deployed through APIs or proxies.
  • Check icon
  • Check icon
Reviewed by
No items found.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.

More from our blog

Learn more about the latest issues in cybersecurity.
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating