CASB upgrades highlight enhancements to Forcepoint cloud security portfolio

In addition to upgrading the CASB solution recently acquired from Imperva, Forcepoint is also introducing new cloud migration tools and extending its LastLine sandbox technology to Web and Email security.

Austin-based cybersecurity vendor Forcepoint has announced significant new capabilities to their cloud security portfolio. The key innovation here is the strengthening of their cloud access security broker [CASB] offering that they recently  acquired from Imperva. The enhanced product now has analytics that assess both employee behavior and the potential business impact based on user account permissions, as well as block such behavior.

Forcepoint was formed in 2015 when Raytheon Cyber Products, a Raytheon company, was combined with Websense. The cloud is one of the company’s four core areas, with the others being network security, insider threats and government.

“The new company reorganized Websense  so that Web and email security are now part of the cloud security business,” said Aaron Smith, Senior Product Marketing Manager for the Cloud at Forcepoint. “The CASB business was Imperva Skyfence.” Forcepoint purchased it from Imperva in February of this year.

“The CASB market was originally focused on discovering shadow IT, but the market has shifted beyond that, to cloud application control which differentiates between applications which an organization has deemed it will support, and those which it won’t,” Smith said. “Using behavior analytics around sanctioned cloud applications, we have enabled the product to block those cloud applications that an organization has deemed to be too risky to be used.”

Smith said that Forcepoint’s CASB provides a fuller understanding of user behavior than competitive products, which creates a very large opportunity for the company and its channel partners. A new single-view User Risk Dashboard assesses both employee behavior and the potential business impact of the behavior, based on user account permissions.

“What makes this such a big jump forward is the expanded use case,” Smith said. “Organizations are increasing their use of sanctioned cloud applications. What makes our CASB unique is that it doesn’t just look at the cloud being accessed from a specific location, but is also aware of permissions and the impact because of the status of a person. The dashboard shows a score with relative impact, and the  most risky users show up on the dashboard. The security person can see who they need to spend their time with. There are other CASB vendors who can do one part of the equation, but we do the whole span, and show both the behaviour and the impact on the dashboard.”

In addition to the enhanced CASB, Forcepoint made additional upgrades to its Forcepoint Web Security and Forcepoint Email Security cloud.

“The good news here for our partners is that the news is more than just the CASB,” Smith said. “New cloud migration tools for Forcepoint Web Security Cloud let them help that very sizable proportion of customers transitioning to cloud. These tools make it easy to keep their policies intact as they migrate from on-prem to be 100 per cent cloud. There are two camps of customers – those just dipping their toes in the water on which apps to allow and which not to allow, and those already embracing cloud, and this lets them help both. It gives more control over users and data as they move to the cloud.”

Finally, the sandbox technology of Advanced Malware Detection Powered by Lastline has now been extended to both on-premises and cloud Forcepoint Web Security and Forcepoint Email Security platforms.

“This was available before in our next-generation firewalls and CASB, but is now also available to our Web and Email Security customers,” Smith said.