All CASBs are NOT created equal


The confluence of cloud apps, BYOD, and mobility is moving at warp speed.  Thankfully though, so is Imperva.  Today, the company announced an integration between two of its product lines, Imperva Skyfence and Imperva Incapsula, the first of its kind in the Cloud Access Security Broker (CASB) space and one that truly is a game-changer.

Here’s the skinny:  Skyfence now sits within the Incapsula content delivery network, meaning Skyfence gets to leverage all the goodness that Incapsula brings to the table, specifically the optimization and securing of cloud app access.

First, a little backgrounder might come in handy here.  CASB solutions are often deployed as cloud proxies that inspect and manage user traffic to a cloud application.  While this proxy configuration offers many advantages to protect users and data, if not deployed securely, the CASB can actually introduce latency and become a potential attack vector (a single point of failure even) as hackers exploit the CASB proxy to bypass existing security controls implemented by the cloud provider.

Here’s a snapshot of how Skyfence has raised the bar in CASB performance and security.

Incapsula Advanced Cloud Architecture

Skyfence + Incapsula = Unified framework for the safe and productive use of cloud apps

Performance Optimization
Skyfence is able to tap into Incapsula’s world-class security and content delivery network (CDN), a globally distributed network of 25 data centers that delivers full site acceleration through intelligent caching and content optimization tools.  Incapsula’s application-aware CDN dynamically profiles website resources and identifies all cacheable content (dynamic and static), including content that other CDNs consider to be uncacheable.  The result for Skyfence customers is a mature, highly available cloud platform that accelerates access to cloud apps.

DDoS protection
Ask any CISO what types of security threats most cause him or her the most angst, and the vast majority would say “DDoS attacks.”  Organizations from every industry are subject to these types of attacks on a daily basis.  Like I mentioned earlier, when you put a proxy in front of your cloud app account, you bypass some of the security controls provided by the cloud app provider, increasing your risk.

However, thanks to Incapsula, Skyfence avoids being a threat risk itself since Incapsula mitigates all types of DDoS attacks, targeting any type of web or cloud-based service.  Combining a robust network backbone and industry-acclaimed traffic inspection solutions, Incapsula provides comprehensive protection against all application, network, and protocol-based DDoS attacks.  This ensures the CASB’s availability and, by extension, secures employee access to the cloud apps they need to get their jobs done.

Advanced Cloud Architecture
So, given that the cloud is here to stay, the above features are absolutely critical in a day and age where hackers are getting ever more sophisticated and dogged in their efforts to bring down networks and steal sensitive data.

Cloud architecture enhancements, such as those developed by Incapsula, make it more difficult for hackers to succeed and the reason why the Skyfence-Incapsula integration makes so much sense.  In essence, Incapsula has enabled Skyfence to set the new standard for securing cloud apps and data.