AWS is a vital service for many companies. The pricing structure of AWS means that there can be a small cost for using Skyhigh CASB for AWS. Below, you'll find information on the three functions of Skyhigh CASB for AWS that may incur increases in your AWS billing.
Security Configuration Audit
For Security Configuration Audit policies, Skyhigh CASB uses the AWS API to scan AWS instances. AWS limits the number of API requests made at any given point, so Skyhigh CASB usage of these is extremely minimal since the scans are once a day and is a trivial percentage of the limit permitted by AWS. As a reference point, developers generally use 10x-50x the number of calls Skyhigh CASB uses. You can learn more here: http://docs.aws.amazon.com/apigateway/latest/developerguide/limits.html#api-gateway-limits.
Activity Monitoring and Anomaly Detection
For Activity Monitoring and Anomaly detection, Skyhigh CASB reads CloudTrail logs incrementally from an S3 bucket, incurring S3 read pricing as listed here: https://aws.amazon.com/s3/pricing/. Skyhigh CASB performs one request every ten minutes, using GET calls you'll find on the pricing page (called "GET and all other Requests $0.004 per 10,000 requests” and “Data Retrievals $0.01/GB”). The CloudTrail logs are very small, limiting retrieval costs.
IMPORTANT: Amazon prices are subject to change.