Cloud access security broker (CASB) applications really started to gather steam in the early 2010s. They were designed to provide cloud and software-as-a-service (SaaS) applications with the security controls and protections organizations were used to with internally run information systems.
They needed the same level of auditing, access control, data governance, threat detection and prevention they could enforce when building IT applications or contractually when buying perpetual site licenses.
But much has changed since then and other tools have emerged, such as cloud workload protection platforms (CWPP). Here are some of the top trends in CASB and CWPP categories:
1. Expanding attack surface
The network perimeter from the pre-cloud era is now just one of many areas of modern networks.
As enterprises move to the cloud, they must protect four additional perimeters, because one successful penetration on the right resource can lead to a major incident, as exploits can move farther, faster.
In fact, the security industry has many examples of damage that can be done in a mere 60 seconds or less:
- Data perimeters can allow unauthorized users to read, modify, delete, or download your private data directly from the internet.
- Compute perimeters can allow external entities to run code in your environment, exploiting software vulnerabilities to compromise workloads.
- Messaging perimeters can allow external entities to receive and send messages to private systems that can trigger code or transport malicious payloads to downstream applications.
- Identity perimeters can allow external entities full control over your virtualized data center when privileged identity access management (IAM) users, roles, and access keys are compromised.
“When thinking about how to protect cloud workloads, the overarching trend organizations need to consider is the expanding attack surface in the cloud and how to reduce it,” said Matt Ambroziak, director of sales engineering at Virsec.
2. CASB acquisitions
The initial goals of CASB applications meant that vendors in the market had to have every competence in the security playbook.
They needed broad security capabilities, SaaS applications support, and…