Insider Threats, Machine Learning, and the Next-Gen CASB

113
casb-what-is-casb

This post was originally published here by  Kevin Gee.

One of the biggest dangers to application security is that of the insider threatThis ranges from users who unknowingly expose credentials and sensitive data to external parties, to disgruntled employees who act against the company’s interests. These threats are difficult to prevent with common security configurations and are big reasons why user and entity behavior analytics (UEBAis such a common buzzword within the security industry.  

It is absolutely critical for any security company to provide protection not only from outside attackers, but from internal dangers, as well. This can be done through a manual process with administrators who review users’ activities and spot suspicious behaviors. However, this requires extensive human resources and is not scalable for companies of any size in the long term.

The insider-threat problem requires something automated that can baseline and analyze users’ behaviors in order to identify suspicious activities. This is where machine learning comes into play. It can identify malicious or illicit behaviors in real time; for example, if a user suddenly downloads unusually large amounts of data or logs in and gains access to data outside of normal working hours.

Only cloud access security brokers (CASBs) complete with machine learning can defend against internal threats. They can baseline and analyze user behavior across all applications, generate real-time alerts, and take automated, corrective actions. While many cloud apps and service providers offer their own security features, they are often limited by the fact that they cannot identify suspicious activity across different applications. However, with a CASB, admins gain total cross-app visibility and control. This can help identify suspicious activity such as a user logging in to different applications from California and Portugal within an impossibly short window of time.

Bitglass’ next-gen capabilities provide comprehensive protection across all applications. Through machine learning and advanced analytics, admins can rest assured that they are protected from unseen internal threats.

To learn more about Bitglass’ next-gen capabilities, download the solution brief below.

Photo:Happiest Minds