McAfee Enterprise CASB Connect is an API framework used for onboarding long-tail SaaS applications. This section provides an overview of CASB Connect, use cases, pre-requisites, and approach/process for requesting and adding new cloud (SaaS) applications to CASB Connect.
The CASB Connect framework supports any of the following use cases for SaaS applications:
- Enforce Data Loss Prevention (DLP) policies to protect sensitive and regulated data.
- Enforce internal and external collaboration policies.
- Inspect login, data upload, data download, and administrator activity to maintain an audit trail for forensic investigation.
- Detect any anomalous behavior.
CASB Connect API
The CASB Connect API platform is a unique solution developed with the vision of letting cloud service providers (SaaS vendors) build API connectors for their REST APIs to join McAfee Enterprise's CASB Connect catalog, so that mutual customers of McAfee Enterprise and cloud service providers can mutually benefit from the security use cases supported by McAfee Enterprise's CASB while continuing to leverage productivity gains from using the SaaS application.
CASB Connect API FAQ
- Who provides APIs? Is it McAfee Enterprise or the SaaS application provider?
- APIs are always provided by SaaS application provider. McAfee Enterprise will only write connectors to consume those APIs
- What kind of APIs are supposed to be provided by the SaaS application?
- REST APIs with support for OAuth 2.0 (or other ways of third party application authentication/authorization), monitoring activities (logins, downloads, uploads, admin activity, sharing activity), download content, modify content/delete content (will be called based on response action configured in DLP policies)
- Detailed API pre-requisites are provided in the attachments section (refer to CASB Connect API Requirements Overview.pdf, McAfee Enterprise CASB Connect Detailed API Requirements.pdf, CASB Connect API Checklist.xlsx)
- Can I share the API pre-requisites with the customer?
- Yes, but please note that these documents are intended for cloud service provider (CSP). It would be helpful to share CASB Connect API Checklist.xlsx with the cloud service provider by taking help from the customer and attach the filled document with the support request being filed for new cloud service (SaaS) support through CASB Connect.
- What is a connector file?
- A connector file is a JSON file that describes what APIs cloud service provider has, in what order those APIs have to be called by McAfee Enterprise, and how to map response structure returned by SaaS APIs with the structure expected by McAfee Enterprise.
- Is the format of JSON connector file standard?
- No, this is a format developed by McAfee Enterprise engineering.
- Who develops these connector files?
- It is recommended for cloud service providers to take the ownership of building and maintaining the API connectors. However, depending on priority and cloud service provider's ability to take the ownership, McAfee Enterprise engineering can build these API connectors. This needs to be prioritized by product management.
- How long does it take for McAfee Enterprise to build API connector using CASB Connect?
- This depends on the maturity of APIs from cloud service provider, current backlog McAfee Enterprise engineering team has, and the priority of the cloud service provider as determined by the PM team.
- Is there any guide that contains the detailed steps for creating this connector file and can it be shared with the SaaS application provider who is willing to build connector?
- Yes, please reach out to PM team to get this document. This document/guide for creating JSON connector files is confidential and is shared with cloud serivce provider or customer on NDA. Soon, this guide will be available for registered partners from the McAfee Enterprise CASB Connect portal.
- How do I know which cloud services are in backlog for CASB Connect API?
- Contact PM
Request new CSPs
Create a support ticket and attach the following two documents
- Use Case Checklist - to be filled by customer
- CASB Connect API Checklist - to be filled by CSP (request customer's help in getting this filled by CSP)