Cloud App Security Broker

Cloud Security

Proofpoint Cloud App Security Broker (Proofpoint CASB) helps you secure applications such as Microsoft Office 365, Google G Suite, Box, and more. Our solution gives you people-centric visibility and control over your cloud apps, so you can deploy cloud services with confidence. Our powerful analytics help you grant the right levels of access to users and third-party add-on apps based on the risk factors that matter to you.

Features and Benefits

Protect users of cloud apps from threats, data loss, and compliance risks

People-Centric Visibility

Proofpoint CASB solution provides granular visibility into users and data at risk. You get a people-centric view of cloud access and sensitive-data handling. With Proofpoint CASB, you can

  • Gain insight into cloud usage at global, app and user level
  • Identify SaaS files at risk, including ownership, activity and who they were shared with
  • Check suspicious logins, activity, and DLP alerts via drill-down dashboards

Cloud App Security Broker

Proven Advanced Threat Protection

Proofpoint CASB extends our people-centric security to the cloud.  It allows you to detect, investigate and defend against cyber criminals accessing your sensitive data and trusted accounts. We combine user-specific risk indicators with our rich cross-channel threat intelligence, which spans email, SaaS and more. By connecting these dots, CASB analyses user behaviour and detects anomalies in cloud apps. These include account takeover, suspicious file activities and more.

An unsafe file uploaded to a cloud-based collaboration app can spread instantly to your entire organisation. Our sandboxing and analytics detect the potential risks of SaaS apps in your cloud environment. Then we help you contain those risks through automated quarantine and other mitigation steps.

Our robust policy capabilities alert you to issues in real time. And they apply adaptive access controls, such as enforcing multi-factor authentication and restricting access from unmanaged devices. These risk-based access controls protect your SaaS cloud apps from unauthorised or risky access.

Cloud App Security

Risk-Aware Data Security

As more of your organization’s data is stored in the cloud, so is sensitive content. Proofpoint CASB shares DLP classifiers with other Proofpoint products, including built-in smart identifiers, dictionaries, rules and templates. Custom contextual rules allow you to build your own DLP policies to control how your data is shared or downloaded. You can prevent uploads to and downloads from approved apps through an integration with Proofpoint Browser Isolation. You can also quarantine, remove files or reduce sharing permissions for files discovered in cloud apps to stay in compliance. And you can centralize cloud and email DLP incident management on the Proofpoint CASB console.

Proofpoint CASB helps you identify and protect data that’s at risk because of broad permissions and unauthorized data sharing. Our user-centered visibility and behavior monitoring quickly reveals activity on orphaned and compromised accounts. And CASB correlates user-level risk indicators with DLP detection. This insight provides you with more useful DLP alerts and access-level changes.

Proofpoint CASB solution enables IT teams to:

  • Stop employees from sharing sensitive company data broadly or with personal accounts
  • Speed up securing PCI, PII, PHI and GDPR compliance data with built-in smart identifiers and templates
  • Uncover orphaned and compromised accounts to protect corporate data

See the Product Demo

Third-party Apps Controls and Shadow IT

Our in-depth analysis helps you understand your risks on a per-app and per-user view.

Proofpoint CASB analyzes log files to discover your cloud services. We help you profile them for risk using our catalog of 46,000 applications with 50+ attributes per app. This helps you identify vendor credibility, vulnerabilities and security and compliance gaps.  Many useful third-party apps add more features to Office 365, G Suite, Box and other platforms. But some are poorly built or overtly malicious. Attackers use third-party add-ons and social engineering to trick users into granting broad access to your SaaS apps. Once an OAuth token is authorized, access continues until it’s manually revoked.

Proofpoint CASB solution helps you discover and control third-party add-ons, including malicious ones. Our powerful analytics allow you to grant the right levels of access to third-party add-on apps based on the risk factors that matter to you.

Proofpoint CASB protection app controls let IT teams:

  • Define or automate actions based on analysis results for each app
  • Create policies for privileged users, defining read and write permissions for an access token
  • Deny a request from an app that exceeds defined thresholds

What You Should Know About Third-Party OAuth Apps


Cloud App Security Broker

Gain visibility and control over your cloud apps, so you can deploy cloud services with confidence.

Watch the Demo