Hello Jenna, Laura,
I joined here today and this is my first post too. :)
Laura is perfectly right in that CASB has far more granular controls compared to web proxies which are simpler devices. A few other differences that I could think of:
- CASBs could be implemented as forward proxies, reverse proxies or even using APIs. When implemented using APIs they could potentially help with Data Leakage Prevention to the extent of having the ability to protect 'data at rest' too.
- CASBs can detect and prevent malware from exfiltrating data
- CASBs also have an updated list of independent risk assessment for each cloud service. The strength of this database of information is what differentiates one CASB from another.
- CASBs could use machine learning for detecting threats
- CASBs can help prevent users from downloading data to unprotected devices
CASBs thus have a bunch of such functions which help implement the 'Zero Trust' network of today. They add on to and complement the web proxies of earlier days whose only function was to prevent users inside a network from accessing illicit content outside.
Hope this helps!!
------------------------------
Janit Vora
Enterprise Architect
Tata Consultancy Services Ltd
------------------------------
Original Message:
Sent: Sep 22, 2021 10:46:22 AM
From: Jenna Morrison
Subject: CASB vs. Web Proxies?
Welcome to Circle! I'm glad you joined this community and are already offering your insights :)
And thank you for your response it was very helpful!
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
Original Message:
Sent: Sep 21, 2021 06:23:58 AM
From: Laura Alvarez
Subject: CASB vs. Web Proxies?
Hi Jenna,
I just signed up here, so this is my first post :)
Related to your question, as far as I know, CASB is a specific solution to be integrated with Cloud environments. It analyze the traffic (maybe decrypt) to cloud providers to identify what kind of info is going out. You can apply some sec policies with CASB to take control of the communication between users and Cloud Provider.
On the other hand, a web proxy analyzes outgoing web traffic but it is not a specific solution for cloud traffic. For example, a web proxy could limit browsing to certain categories (eg "social networks", "videogames", "news"). Perhaps one of those categories is "cloud services", so you can realize if a user is connecting to "Dropbox" for example, but it cannot be as granular as CASB.
Regards!
------------------------------
Laura Alvarez
Sec Arquitect
Fluidra
Original Message:
Sent: Sep 13, 2021 03:16:30 PM
From: Jenna Morrison
Subject: CASB vs. Web Proxies?
In Domain 11 of the Security Guidance, they talk about CASBs. I was wondering, what are the differences between CASB and web proxies?
------------------------------
Jenna Morrison
Training Department Intern
Cloud Security Alliance
------------------------------