Forcepoint CASB Spots Suspicious User Behavior

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Forcepoint CASB (Cloud Access Security Broker) has been upgraded with new behavioral analytics capabilities that offer enterprise security teams with improved visibility into how their employees access and consume cloud applications and resources and the potential risk of those interactions to their organizations.

CASB solutions are becoming an increasingly important tool in enforcing security and protecting data in workplaces where its just as common to trade sensitive information on cloud collaboration platforms as local network drives. Today, the lines between local networks and the public cloud are completely blurred, making the jobs of IT security pros tougher.

With its new User Risk Dashboard, Forcepoint CASB analyzes user behavior and determines how their permissions can undermine an organization's security posture.

"Businesses today operate in a zero-perimeter world relying on multi-cloud environments to enable employees to get their job done from anywhere, on any device. Forcepoint's focus on the human point of contact with data helps organizations identify anomalies in behavior more quickly and mitigate business impact, be it critical IP or financial losses," Aaron Smith, senior product manager of Forcepoint's Cloud Security division, told eSecurity Planet.

"And, unique to Forcepoint CASB, it combines both anomalous behavior of users and endpoints and the potential business impact based upon their account permissions, into a user risk score and dashboard," continued Smith. "With this single-view User Risk Dashboard, security teams can quickly identify their highest risk-users, or malware posing as a user, at a glance," he explained.

By analyzing patterns of user behavior, spotting anomalies and reporting its findings, security teams can focus on the users, or malware masquerading as users, that can spill a company's secrets. Also new are new enhancements to Forcepoint Web Security that blocks shadow IT and provides more security teams with more control over cloud apps.

In eSecurity Planet's recent overview of Forcepoint CASB, it was described as…

"Full inline (proxy) and API-based capabilities allow Forcepoint CASB to support any cloud application in the market and provide blocking capabilities. Forcepoint CASB provides deep visibility into thousands of user activities, which enables security teams to understand user behavior and implement data loss prevention (DLP) capabilities. These can be designed to stop exfiltration of data for both managed and unmanaged BYOD devices and integrate with on premises DLP."

More information on Forcepoint CASB's new features are available here.