Proofpoint Cloud App Security Broker (Proofpoint CASB)

Additional Info

Company size (employees)1,000 to 4,999
Type of solutionCloud/SaaS


Proofpoint provides the only CASB to meet the needs of security people serious about cloud threats, data loss and app governance. Proofpoint CASB protects you from account compromise, oversharing of data and compliance risks in the cloud. Our multi-mode solution combines:

Compromised account detection and automated response
Protection against malicious files uploaded or created within cloud apps
Data security including real-time DLP
Cloud and third-party apps governance including third-party OAuth apps
IaaS protection
Real-time detection of malicious files
Adaptive access controls
Controls over IT-approved and tolerated cloud apps that are used in the browser or within native clients

We secure AWS, Azure, Google Cloud, and Okta cloud environments as well as cloud apps using AWS services. People-centric visibility to email and cloud threats helps organizations identify at-risk users and protect their accounts and data.

With Proofpoint, organizations can deploy consistent DLP policies across cloud, email and endpoint. You can also centralize alert management across these channels on a single console. Our powerful analytics and adaptive controls help companies grant the right levels of access to users and third-party apps based on the risk factors that matter most.

To protect your IaaS environments and ensure compliance, Proofpoint CASB IaaS Protection (IaaS Protection) provides:

IaaS discovery
Cloud Security Posture Management (CSPM)
Data security, including DLP for IaaS buckets and containers
Threat protection, including cloud account compromise detection
Adaptive access controls

With our IaaS Protection add-on module, you can:

Identify misconfigurations in IaaS environments
Monitor and control privileged user activity
Discover all IaaS resources and unprovisioned IaaS accounts
Discover sensitive data in cloud storage and remediate excessive sharing of buckets with sensitive data
Prevent unauthorized access to IaaS environments

How we are different

Proofpoint CASB differentiates from competitors with people-centric and high-efficacy security analytics that excel at protecting users from threats, such as account compromise, malicious files, malicious apps, abuse of third-party OAuth app access, abuse of IaaS resources and initial access and preparation of ransomware attacks. Competitors fall short in the following areas: shallow depth in detecting account compromise, inability to correlate compromise with post-compromise activity that dramatically slows down security response and incomplete account takeover remediation capabilities across Microsoft, Google and Okta federated applications

Data loss originates with people. They can be negligent, compromised, or malicious. Understanding user intent enables you to apply the appropriate DLP response to mitigate risk. Proofpoint is the only vendor that brings together the telemetry of content, user-behavior and threats across the most critical DLP channels – cloud (SaaS and IaaS storage), email, endpoint and web. Competitors fall short in either their inability to bring together the DLP channels into one console for triage and response or can’t correlate threat and user behavior to the data movement.

With Proofpoint CASB, you can govern SaaS apps and IaaS services in a centralized management console with prioritized context into the apps with the most app vulnerabilities, the most attacked or abused and contain the most sensitive data or accessed by the privileged users. This includes first-party cloud apps (such as Microsoft OneDrive and Salesforce) as well as third-party (such as those created within Google Workspace, Microsoft appStore or federated through OAuth tokens). Competitors fall short by either missing the context of which apps are most abused or attacked in the real-world or lack the depth of detection capabilities in third-party apps such as OAuth authenticated apps.