Skip to main content
McAfee Enterprise MVISION Cloud

Infrastructure as a Service (IaaS)

Skyhigh CASB for Infrastructure as a Service (IaaS) provides a safety net for corporate resources and data in services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Secure Configuration Management

IaaS providers create an "easy button" for application developers that can sometimes lead to misconfigurations and vulnerabilities. Skyhigh CASB for IaaS helps to protect your resources and data by ensuring that standards are adhered to and security best practices are followed.

Skyhigh CASB Cloud’s built-in templates allow customers to check compliance against popular benchmarks such as CIS and identify vulnerable infrastructure or storage in minutes.

Data Protection

Cloud object storage provides unparalleled flexibility and opportunities for analytics. However, this presents the risk of data loss or misuse. Skyhigh CASB’s data protection can help ensure compliance and protect objects from unauthorized storage or disclosure.

When deployed as part of a Skyhigh Security Service Edge, data protection policies already defined for an endpoint, Shadow IT, or Sanctioned SaaS can be seamlessly applied to IaaS.

Activity Monitoring

Skyhigh CASB for IaaS provides activity monitoring similar described in the Sanctioned SaaS section. A near real-time feed of IaaS activity including API calls and configuration changes are streamed to Skyhigh CASB and analyzed for anomalous activity and compliance with configuration policies.

Code and Container Security

Posture Management (CSPM)

In addition to applying best practices and benchmarks to IaaS resources, Skyhigh CASB does the same for code and container orchestration tools such as Kubernetes and Docker.

Vulnerability Assessment

Skyhigh CASB for Containers automatically scans code checked into code automation tools such as Jenkins and causes builds with insecure configuration or components to fail.

Nano-segmentation

Skyhigh CASB for Containers includes a lightweight shim that is inserted into each container. This shim operates somewhat like a firewall, allowing Skyhigh CASB to baseline normal behavior for an application and alert and block abnormal activity.

  • Was this article helpful?