By Valéry Marchive and Azure Security News
Microsoft naturally does not hide its satisfaction, considering in particular that “this recognition occurs at an important point in [our] development”. The group built its CASB offer , Microsoft Cloud App Security (MCAS), on the basis of the acquisition of Adallom in 2015. But it did not stop there: it packaged it within the Microsoft offer. 365 which notably integrates Azure AD , Azure Information Protection, Advanced Threat Protection (ATP), and Intune. An all-in-one solution that, according to Gartner, seems attractive. What’s more, MCAS can now offer real-time, online inspection of Office 365 traffic, positioning itself as a reverse proxy.
The firm nevertheless has some reservations: the integration of SaaS applications in reverse proxy mode goes through Azure AD Conditional Access, and the integration of information flows on third-party threats is limited to the reputation of the IPs of the connections. incoming. In addition, integration with alternatives to Intune, for Unified Endpoint Management ( UEM ), does not limit to verifying the presence of a digital certificate.
CipherCloud, Forcepoint and Palo Alto Networks retain the positions assigned to them by Gartner last year. But Proofpoint joins the challengers. He continues to reap the benefits of the buyouts of Firelayers and Weblife in 2017, but also that of Meta Networks this year , even if the firm continues to deplore the lack of data encryption and tokenization capabilities.
The surprises of this 2019 edition of Gartner’s magic quadrant in the CASB market are to be found on the side of Cisco and Oracle. For the firm, the former simply dropped this segment: “the Umbrella brand focuses on DNS- based security and a Web Access Security Gateway (SWG)”.
Historically, Cisco entered the CASB market through acquisition: that of Cloudlock , in June 2016. In 2017, it launched Umbrella, a complete Internet access security offer , combining the fruits of multiple acquisitions, from Sourcefire to Cloudlock, via OpenDNS. And then add Duo Security to the building.
But already last year, Gartner did not hide its reservations. He explained that “Cisco’s plans to develop Umbrella into a secure Internet gateway are still largely under development at this stage. Other Cisco products that could increase the visibility of Cloudlock, such as the AnyConnect VPN agent, and the recently purchased Duo MFA application, are not yet integrated ”.
For Oracle, things are less clear. According to Gartner, it simply failed to meet “certain inclusion criteria” specific to this edition of the Magic Quadrant, related to the product configuration and its functional range.
As a reminder, Oracle entered the CASB market with the acquisition of Palerra in 2016 , acquiring a Secure Cloud Access Gateway (CASB) based on APIs offered by SaaS, PaaS and IaaS service providers, and offering a complete functional range: analysis of risks and user behavior, incident response, case management, integration of threat intelligence, or even management of remediation based on approvals.
At the time, Oracle clearly displayed its ambitions: to bring Palerra’s platform closer to its cloud-based identity and access management (IDaaS) offer – Oracle Identity Cloud Service – to “provide complete protection for users, applications, APIs, etc. data and infrastructure ”. Oracle has since driven the point home , first building an offer that combines SIEM , behavioral analysis (UEBA), identity management and CASB. And last year he put the whole thing to music, bringing it all together under the Trust Fabric brand ,
And this is perhaps particularly where Oracle found himself sanctioned. Because Gartner asks in particular that the product be sold in such a way as to respond alone to the main use cases of a CASB, without having to rely on related products.
But ultimately, this new magic quadrant above all highlights the ability that Microsoft has developed to shake up different segments of the cybersecurity market. In the current of the editor, Gartner had already classified it among the leaders in the protection of workstations . And we await, not without a certain curiosity, the look that will be reserved for Azure Sentinel on the segment of information management systems and security events (SIEM).