Skyhigh CASB for Infrastructure as a Service (IaaS) provides a safety net for corporate resources and data in services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
Secure Configuration Management
IaaS providers create an "easy button" for application developers that can sometimes lead to misconfigurations and vulnerabilities. Skyhigh CASB for IaaS helps to protect your resources and data by ensuring that standards are adhered to and security best practices are followed.
Skyhigh CASB Cloud’s built-in templates allow customers to check compliance against popular benchmarks such as CIS and identify vulnerable infrastructure or storage in minutes.
Cloud object storage provides unparalleled flexibility and opportunities for analytics. However, this presents the risk of data loss or misuse. Skyhigh CASB’s data protection can help ensure compliance and protect objects from unauthorized storage or disclosure.
When deployed as part of a Skyhigh Security Service Edge, data protection policies already defined for an endpoint, Shadow IT, or Sanctioned SaaS can be seamlessly applied to IaaS.
Skyhigh CASB for IaaS provides activity monitoring similar described in the Sanctioned SaaS section. A near real-time feed of IaaS activity including API calls and configuration changes are streamed to Skyhigh CASB and analyzed for anomalous activity and compliance with configuration policies.
Code and Container Security
Posture Management (CSPM)
In addition to applying best practices and benchmarks to IaaS resources, Skyhigh CASB does the same for code and container orchestration tools such as Kubernetes and Docker.
Skyhigh CASB for Containers automatically scans code checked into code automation tools such as Jenkins and causes builds with insecure configuration or components to fail.