All news with #casb tag

🔒 Cloudflare has extended its Cloud Access Security Broker (CASB) to support the Claude Compliance API, enabling security and compliance teams to monitor Claude Enterprise activity directly in the Cloudflare dashboard without endpoint agents. The integration surfaces security findings for projects, attachments, chat files, messages, and provider-generated artifacts, and groups findings by category and severity. Customers can immediately convert findings into enforcement actions via Gateway policies and use existing detection and remediation workflows. Setup requires a Claude Enterprise account and Compliance API access, and the integration begins scanning and surfacing findings within minutes.

🔐 Cloudflare One reframes enterprise security around protecting sensitive data across networks, endpoints, SaaS, and AI interfaces. The post introduces new controls — clipboard restrictions for browser-based RDP, operation-level mapping surfaced in logs, on-device Endpoint DLP in the Cloudflare One Client, and Microsoft 365 Copilot scanning via API CASB. Together these features aim to give consistent visibility and enforcement so policy follows data rather than product boundaries.

🛡️ Cloudflare CASB now lets administrators remediate risky file-sharing directly from the Cloudflare One dashboard. The new Remediation feature supports one-click removal of public, organization-wide, and external shares in Microsoft 365 and Google Workspace, and can target files that match DLP profiles for sensitive content. Remediation only removes risky sharing settings — it does not delete files or change ownership — and every action is recorded in Admin logs for auditing and SIEM export. The system is built on Cloudflare Workers and Workflows for fast, durable execution at scale.

☁️ Cloud access security brokers (CASBs) act as gatekeepers between enterprise endpoints and cloud services, offering visibility into user activity, enforcement of access policies, and protection of sensitive data across SaaS, IaaS, and cloud-native apps. Deployments may be forward or reverse proxy, or API-driven, and vendors increasingly fold in DLP, SWG, CSPM, and UEBA capabilities. Key selection factors include supported deployment modes, agent strategy, application/API coverage, and alignment with an SSE or SASE roadmap.

🔒 Modern browsers include sandboxing, but attackers exploit expected behaviors to bypass protections. A new on-demand webinar from Keep Aware outlines the top three browser-layer threats—credential theft, malicious extensions, and lateral movement—and explains why tools like CASBs, SWGs, and EDRs often miss these attacks. It shows how real-time browser visibility, policy enforcement, and behavioral detection extend protection into everyday user activity. The session is aimed at CISOs and security leaders seeking practical steps to close this blind spot.

🔒 A Cloud Access Security Broker (CASB) sits between enterprise endpoints and cloud services to deliver visibility, enforce access controls and detect threats. This guide summarizes core CASB functions — visibility, control, data protection and compliance — and contrasts deployment modes (API vs proxy). It profiles major vendors such as Netskope, Microsoft Defender for Cloud Apps, Palo Alto Networks and others, and presents 16 practical questions to assess internal readiness and evaluate providers against SSE/SASE roadmaps.

🌐Cloudflare is prototyping a SaaS-to-SaaS proxy that consolidates SaaS connections through a single front door to improve monitoring, detection, and response. Two deployment models are proposed: a customer-controlled vanity hostname proxy that returns visibility to data owners, and a vendor-side reverse proxy that strengthens platform security. Both approaches use key splitting to avoid persisting full bearer tokens and enable instant revocation. Cloudflare is seeking feedback and offering early access.