Hello All,
Does anyone have a good resource that "dissects" the inner workings of a CASB offering (Zscaler, Netskope, ProofPoint, iboss, etc)?
Seems like "kabuki theater" with not a whole lot of ways to validate controls (i.e.-NIST RMF).
If anyone has tried to peel back the onion and has some good insight/content, I am very interested.
Thanks,
Sam
------------------------------
Sam Aiello
Principal Security Architect
Verizon Business
------------------------------