After a year of significant product innovations, we are proud to see that Proofpoint Cloud App Security Broker (CASB) jumped into the “Challenger” position in the Magic Quadrant. Proofpoint was recognised for its excellent product and services capabilities and customer experience. Specifically, Gartner called attention to our ability to execute on cloud threat protection, data security and CASB integrations with leading Proofpoint solutions. We are committed to bringing our people-centric approach to cloud security.
If you have existing email security investments in Proofpoint, you’ll be happy to know that we build our CASB with value-add integrations in mind. These integrations address compromised accounts and DLP – what we hear are the most important to our Proofpoint customers regarding cloud security. This means you get better visibility to cloud security and compliance risks, automate response faster, and simplify deployment and operations.
In fact, Proofpoint CASB provides out of the box security integrations with:
- Targeted Attack Protection (TAP)
- Threat Response Auto Pull (TRAP)
- Data Loss Prevention (DLP)
- Browser Isolation
Let’s dive deeper into how these unique integrations enhance Proofpoint’s ability to address our customers’ primary CASB use cases.
Cloud Threat Protection
As you move messaging and collaboration platforms from the corporate network to the cloud, your people become vulnerable to attack. Cybercriminals target popular SaaS applications like Microsoft Office 365 and Google G Suite. They use password spray attacks, phishing attacks, and malicious file shares to compromise cloud accounts and trick your people into wiring money to them or releasing corporate data. All these attacks require human interaction to find their marks. The path to better security lies in an integrated approach that puts people at the centre.
Proofpoint CASB provides people-centric threat protection. We detect Email Account Compromise and automate response with contextual and actionable alerts. Our customers can leverage a number of CASB integrations to minimise their users’ exposure to cloud threats:
- Send TAP Very Attacked People (VAP) data to CASB to automate adaptive access controls for people who are more at risk
- Access TAP email threat intelligence from within CASB to connect phishing attacks to email account compromise, determine source of attack and take appropriate action
- Leverage CASB integration with TRAP to automatically orchestrate security response (e.g. suspend user, change password) between CASB and Microsoft Active Directory on-premises
- Apply CASB’s risk-based authentication or Browser Isolation to authenticate, block or isolate risky cloud sessions for an agentless architecture that can help you accelerate migration to the cloud.
Cloud Data Security
With the adoption of cloud apps, your people can share high-value content—including
sensitive content, like employee or client records, source code, formulas, and other confidential documents—through multiple channels: email, link sharing, and messaging.
Proofpoint can help you quickly discover sensitive and regulated data in the cloud, especially if you are already a Proofpoint Email DLP customer. Proofpoint CASB shares DLP classifiers—including built-in smart identifiers, dictionaries, rules and templates—with other Proofpoint products. Having done the hard work of tuning your DLP detection rules for email, you can:
- Use the same detection rules for cloud DLP (SaaS, IaaS and mailboxes) and cut down on time to identify and protect sensitive cloud data
- Unify DLP incident management for cloud apps, email, and on-premises file shares on one console to simplify day-to-day operations
Cloud App Governance
In today’s cloud-first word, governing cloud apps has become a priority. The average enterprise has an estimated 1,000 IT-authorised and unauthorised cloud apps in use. And some of these have serious security and compliance gaps that can potentially put organisations at risk and violate regulations and corporate mandates.
Proofpoint CASB gives you visibility into unauthorised apps (Shadow IT) across your organisation. We help you automatically audit network traffic logs, discover cloud apps and categorise them by type and risk score. The scoring helps you determine security risks, data loss vulnerabilities and noncompliance. From there, you can extend CASB capabilities to contain Shadow IT by:
- Granting users read-only access to tolerated apps or applying DLP policies to uploads and downloads using integrations with Browser Isolation.
Proofpoint CASB also detects and assesses OAuth permissions for third-party apps and scripts that access IT-approved core cloud services. Controls allow you to define or automate actions based on risk score and context, such as automatically denying requests from third-party apps that exceed defined thresholds.
Conclusion
With smart integrations across the Proofpoint platform, Proofpoint CASB is the only Cloud Access Security Broker to increase the return on your existing Proofpoint investments in email security and security awareness training. As the Gartner Magic Quadrant states: “Proofpoint has a large installed base for its email security product; the target market for Proofpoint’s CASB is as an add-on for this installed base, plus new customers not using Proofpoint products… Proofpoint’s CASB, email security and remote browser isolation products offer useful synergies, which may be an attractive integration and bundle for some customers.” As you move to the cloud, you can consolidate security across email, cloud and web with Proofpoint.
For more on Proofpoint Cloud App Security Broker, visit us here.
--
Gartner, “Magic Quadrant for Cloud Access Security Brokers,” Craig Lawson and Steve Riley, October 22, 2019
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organisation and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.