Cloud Access Security Broker (CASB)
Product category for monitoring and enforcing security policies on SaaS application usage. Discovers shadow IT, enforces DLP in-stream, detects risky behavior. Often part of SSE platforms now.
More from Network & Cloud
Zero Trust Network Access (ZTNA)
Product category replacing traditional VPN with identity-aware per-application access policies. No network-wide trust. Major vendors: Zscaler, Cloudflare Access, Netskope, Palo Alto Prisma Access, Cato Networks, Tailscale, Twingate.
Security Service Edge (SSE)
Gartner category combining ZTNA + Secure Web Gateway (SWG) + Cloud Access Security Broker (CASB) + sometimes DLP and browser isolation. Delivered as cloud service. Major vendors: Zscaler, Netskope, Cloudflare, Palo Alto Prisma, Cisco Umbrella, Cato.
Cloud Security Posture Management (CSPM)
Tools that continuously evaluate cloud infrastructure configurations (AWS, GCP, Azure) against security best practices and compliance frameworks. Major vendors: Wiz, Prisma Cloud, Orca, Lacework. Native: AWS Security Hub, Azure Defender, GCP Security Command Center.
Cloud-Native Application Protection Platform (CNAPP)
Integrated platform combining CSPM + CWPP (workload protection) + CIEM (cloud infrastructure entitlement management) + DSPM (data security posture management). Wiz, Prisma Cloud, Orca Security are the leading CNAPP vendors.
Instance Metadata Service (IMDS)
Cloud metadata endpoint providing credentials and instance information to workloads. AWS IMDSv1 is exploitable via SSRF; IMDSv2 requires session tokens and prevents common SSRF-to-credential-theft patterns. The Capital One breach (2019) exploited IMDSv1 and resulted in $190M in settlements.
Kubernetes
Container orchestration platform. Common security concerns: RBAC misconfiguration, admission controllers missing, container escape via privileged pods, compromised service accounts with broad permissions, secrets mismanagement.
Apply this to your environment
Our engagements address concepts like cloud access security broker (casb) in practice — not just definitions, but how the attack patterns apply to your stack and how to remediate.