Cloud Access Security Brokers (CASB), also known as Cloud Security Gateways, were created to address the increasing cloud security problems facing organizations as cloud and application usage increased over the last decade. Many of the trends that made CASB a requirement have been amplified significantly by the COVID-19 pandemic (including the increase to 70% of employees working remotely, up from 33% prior to the pandemic), which, along with an increase in threats and attacks (with 90% of companies reporting an increase in cyber attacks during COVID), is forcing organizations to improve their cloud security.
Understanding these cloud trends, and solving the security needs of organizations, are critical requirements for today’s Cloud Security Gateway. With the release of the 2021 IDC Marketscape for Cloud Security Gateways (Doc # US48334521), Netskope is proud to announce Netskope Security Cloud is recognized as the undisputed Leader in the CSG space, surpassing all vendors in IDC’s criteria for both Strategies and Capabilities. In the new report, IDC specifically points out Netskope’s ability to handle “advanced use cases,” including “compromised account, data exfiltration, and malicious/accidental insider threat detection.”
Netskope’s longtime leadership and innovation in CASB technology has led to key feature additions and improvements that are important to highlight, including improvements around UEBA anomaly detection, along with the addition of AI and ML across Netskope security technologies, and the ability to apply Netskope’s advanced technologies across any and all instances of applications.
Adoption of the cloud by organizations reached record high rates (the number of cloud apps in use by organizations increased by 20% just in 2020 alone) during the pandemic, meaning more corporate data moved to cloud repositories to make data accessibility by work-from-home users easier. That same move also made data more accessible to hackers and threat actors. With cloud adoption, data protection is perhaps the most important requirement of a Cloud Security Gateway solution, and Netskope’s capability in data protection is praised by IDC as having “rare and advanced functionality in key [DLP] functions.” Some of Netskope’s existing data protection features include detection of over 1,500 file types (documents, images, database files, executables, etc.), over 3,000 data identifiers out-of-the-box, over 40 compliance templates including PCI DSS, HIPAA, and GDPR, Exact Data Matching (EDM), Optical Character Recognition, granular DLP controls, encrypted/password protected file recognition, and policy.
More recently Netskope has added advanced AI and ML-based document classification models to improve its recognition of sensitive information (with an improvement of up to 10x in internal testing), including patent, M&A-related content, and PII content. AI and ML-based models also have the benefit of improving false-positive rates.
Equally important as data protection is threat protection, especially with the increased attacks and threats facing organizations. In the new report, IDC also recognizes Netskope’s superior threat protection, noting “In terms of threat detection efficacy, Netskope boasts an unusually high blocking mode rate (versus simple alerting) that indicates a low rate of false positives” and also stated “the solution goes beyond basic blocking, offering alerting, encrypting, redirecting, and other responses to violations, depending on extensive contextual information (e.g., user, application, data, device, and location).”
In addition to the capabilities that IDC points out, Netskope has been improving its threat protection capabilities by adding improvements and features, including in-house threat detection engines, anti-malware, cloud sandbox, ML-based threat detection classifiers, Yara engine for malicious binaries, DGA ML classifiers, and ML-based file behavior analysis.
Shadow IT, the original use case for Cloud Security Gateways, still remains and is another security risk that was amplified during the pandemic. Shadow IT is about understanding how users utilize the cloud, both in approved and unapproved use of applications, and also in understanding the behavior as well as the riskiness of applications in use. In addition to detection cloud use, Netskope has several technologies to detect anomalous user behavior including UEBA machine learning, user trust scores, sequential anomaly rules, dynamic peer grouping and event correlation, and user activity visualization.
In addition to these features that are part of Netskope’s CASB solution, last week was the launch of Netskope Cloud Exchange. The Cloud Exchange gives customers the ability to share threat intelligence (including the ability to automate bidirectional IOC sharing between defenses), exchange risk scores, consolidate logs, and automate alert ticketing.
The momentum continues on the heels of earlier enhancements to Netskope Security Cloud back in August to further Netskope’s leadership in providing a Secure Access Service Edge (SASE) solution and the Security Service Edge (SSE) offerings that are critical to SASE success. With enterprises rapidly adopting SASE architecture and applying Zero Trust principles in support of digital transformation efforts, Netskope’s goal is to provide a comprehensive SASE-ready platform solution. The announcement included the availability of Cloud Firewall, Remote Browser Isolation, SaaS Security Posture Management (SSPM), enhancements to Zero Trust Network Access (ZTNA), and improvements to our SLA agreements for NewEdge, Netskope’s private cloud.
A Cloud Security Gateway, as part of a SASE architecture, also needs the fastest, most scalable, most reliable connectivity possible. Netskope Security Cloud services run on NewEdge, the world’s largest, highest-performing, and most well-connected security private cloud, allowing security to be deployed at the edge as close to the user as possible. Today, NewEdge is powered by data centers in nearly 50 regions globally, with every data center offering full compute, all services available with no need to rely on the unpredictable performance of public cloud connectivity, and accessibility to every customer without surcharges.
Remember: a CASB, or Cloud Security Gateway, solution is more important than ever, and as the leader in this space, Netskope offers a market-leading solution as part of a full SSE and SASE offering, with some of the most advanced data protection, threat protection, and application discovery and policy features available in the industry.
Source: https://www.netskope.com/blog/leading-the-evolution-of-casb-and-cloud-security