Cloud Access Security Brokers sit inline between users and cloud services to enforce data loss prevention, access policy, and threat protection across sanctioned and unsanctioned SaaS applications — giving security teams visibility into the shadow IT that conventional firewalls cannot see. CASB is a core pillar of SASE architecture and is specifically called out in frameworks such as FedRAMP and NIST SP 800-210 as a required control for agencies operating multi-cloud environments.
Related: SASE · Secure Web Gateway · Remote Browser Isolation · CNAPP · FedRAMP