Zero Trust

  • 1.  CASB Dissected

    Posted Oct 12, 2022 11:30:00 AM
    Hello All,

    Does anyone have a good resource that "dissects" the inner workings of a CASB offering (Zscaler, Netskope, Proofpoint, iboss, etc.)?

    Seems like "kabuki theater" with not a whole lot of ways to validate controls (i.e., NIST RMF).

    If anyone has tried to peel back the onion and has some good insight/content, I am very interested.

    Thanks,

    Sam

    ------------------------------
    Sam Aiello
    Principal Security Architect
    Verizon Business
    ------------------------------


  • 2.  RE: CASB Dissected

    Posted Oct 12, 2022 11:32:00 AM
    Edited by Erik Johnson Oct 13, 2022 07:11:56 AM
    Several of the CASB service providers are FedRAMP-authorized. Their FedRAMP packages include a full SSRM control ownership delineation, NIST RMF control responses and a 3PAO security assessment.

    ------------------------------
    Erik Johnson CCSK, CCSP, CISSP, PMP
    Senior Research Analyst
    Cloud Security Alliance
    Leesburg VA
    ------------------------------