12. 12
• Find all cloud apps and report on
enterprise-readiness of each cloud
app using 45+ criteria
• Find sensitive data in sanctioned
cloud apps and report on what is
being shared publicly or outside
your company
• Deployment options include logs,
TAP mode, or inline for app
discovery and Introspection / API
for data discovery
CASB Requirements
13. Use Case #2
Find data exfiltration
activities across
cloud apps and
remediate
Source: AT&T Cybersecurity Insights
14. 14
• Visibility into activities
across sanctioned and
unsanctioned apps
• Correlation of events and
anomaly detection
• Remediate with granular
policy enforcement and
DLP for unsanctioned
cloud apps
CASB Requirements
16. 16
• See detail about activities
across all cloud apps
• Support for category-level
policies such as ‘social media’
• DLP engine that can identify
specific text strings tied to
activities in unsanctioned
apps
• Ability to apply context to
your policies
CASB Requirements
17. Use Case #4
Provide granular
access control for
managed and
unmanaged
devices
18. 18
• Ability to classify
managed vs. unmanaged
devices
• Ability to set policies
based on device
classification
• Support for granular
policies based on device
classification
CASB Requirements
20. 20
• Ability to scan sanctioned cloud
apps for various malware types and
quarantine the files
• Ability to inspect cloud app traffic in
real-time for malware and
quarantine before it reaches target
• Ability to replace the eradicated
malware with a tombstone file,
letting the user know of the action
taken
CASB Requirements
21. 4:
Provide granular access
control for managed vs.
unmanaged devices
3:
Allow, don’t block cloud apps
like social media
2:
Find data exfiltration
activities across cloud apps
and remediate
5:
Find malware, remediate,
and reverse attack fan-out
1:
Discover cloud apps, find
sensitive data, and assess
risk