Cloud App Security Broker

Cloud Security

Proofpoint Cloud App Security Broker (Proofpoint CASB) helps you secure applications such as Microsoft Office 365, Google Workspace, Box and more. It gives you people-centric visibility and control over your cloud apps, so you can deploy cloud services with confidence. What’s more, our powerful analytics help you grant the right levels of access to users and third-party add-on apps based on the risk factors that matter to you.

Features and Benefits

Protect your cloud app users from threats, data loss and compliance risks

People-Centric Visibility

Proofpoint CASB gives you granular visibility into your users and data at risk. You get a people-centric view of cloud access and sensitive-data handling. With Proofpoint CASB, you can:

  • Gain insight into cloud usage at a global, app and user level
  • Identify files at risk, including ownership, activity and who they were shared with
  • Check suspicious logins, activity and DLP alerts via drill-down dashboards

Cloud App Security Broker

Proven Advanced Threat Protection

Proofpoint CASB extends our people-centric security to the cloud. It allows you to detect, investigate and defend against cyber criminals who are accessing your sensitive data and trusted accounts. We combine user-specific risk indicators with threat intelligence across email, SaaS and others to detect anomalies in your cloud apps. These include account takeover, suspicious file activities and more.

If an unsafe file gets uploaded to a cloud-based collaboration app, it can spread to your entire organization in an instant. But with our sandboxing and analytics, you can contain those malicious files in the cloud through an automated quarantine and other mitigation steps.

Our robust policy capabilities alert you to issues in real time. And to prevent unauthorized or risky access, you can apply adaptive access controls. These include enforcing multi-factor authentication and restricting access from unmanaged devices.   

Cloud App Security

Risk-Aware Data Security

As more of your organization’s data is stored in the cloud, so is sensitive content. Proofpoint CASB has hundreds of built-in DLP classifiers, dictionaries, rules and templates to help you speed up PCI, PII, PHI and GDPR compliance. Custom contextual rules allow you to build your own DLP policies to control how your data is shared or downloaded. You can also quarantine, remove files or reduce sharing permissions for files discovered in cloud apps to stay in compliance. In real-time, you can control downloads from approved cloud apps to unmanaged devices through an integration with Proofpoint Browser Isolation. And you can prevent uploads from managed devices to unapproved cloud applications using our forward proxy.

Proofpoint CASB is part of our Information Protection platform. This platform delivers a unique people-centric approach to stopping data loss across your email, cloud apps and endpoints. It gives you coverage across all your DLP channels by using a common data classification framework. And it combines content, behavior and threat-based telemetry with sophisticated analytics. With its unified alerts, you can better prioritize warnings, respond faster, and get quick time to value. Security teams around the world rely on Proofpoint to address the full spectrum of data-loss scenarios across their malicious, negligent and compromised users.

Read the Customer Story

Third-Party App Controls and Shadow IT

Proofpoint CASB analyzes your log files to discover your cloud services. And it helps you assess their risk by using our catalog of 46,000 applications, with more than 50 attributes for each. This helps you determine vendor credibility, assess their vulnerabilities, and uncover any security and compliance gaps. With unmatched visibility and granular controls, you can govern access from corporate devices to all of your cloud applications and contain shadow IT.

Many third-party apps add more features to Microsoft 365, Google Workspace, Box and other platforms. But some are poorly built or overtly malicious. Attackers can use third-party add-ons and social engineering to trick your users into granting broad access to your SaaS apps and data. With Proofpoint CASB, you can discover, assess and control third-party add-ons, including the malicious ones. And with our powerful analytics, you can grant the right levels of access to these third-party, add-on apps based on the risk factors that matter to you.

With IaaS and SaaS security posture management capabilities, Proofpoint CASB makes it easy for you to monitor any risky administrative activities. It also helps you identify misconfigurations and compliance issues. 

What You Should Know About Third-Party OAuth Apps


Cloud App Security Broker

Gain visibility and control over your cloud apps, so you can deploy cloud services with confidence.

Watch the Demo