CASB Channel Pitch Card June 2018

Target Customers Sales Messages

Ideal Prospects • Subject to security & Decision Makers (General message) Forcepoint CASB allows organizations to safely embrace the cloud by providing visibility and control for
• Moving to Office 365 and compliance requirements • Security Architect (rolemay cloud applications. Forcepoint CASB provides both the ability to discover the use of unsanctioned cloud applications and
other tier II SaaS (e.g. HIPAA, SOX, PCI DSS, not be the title) assess associated risk, as well as the ability to control how sanctioned cloud applications such as Office 365, Google Suite,
FFIEC, CIIS, etc.) Salesforce, Box, Dropbox and others are used in order to prevent the loss of critical intellectual property. Unlike other CASB
application(s) • VP IT Infrastructure
products on the market, Forcepoint CASB can be deployed in both API and inline (proxy), allowing Forcepoint CASB to
• Employee BYOD policy in Industries • IT Operations Leader
quickly add custom or obscure cloud applications as well as detect user actions at a very granular level.
place • Healthcare, Financial Buyers
(Shadow IT Visibility concerns) Forcepoint CASB discovers and reports risky cloud applications, Shadow IT, in use within an
• Size (in users): >2,000 users Services, Business Services, • VP of IT or IT Security
organization as well as the users of those applications. A risk score is assigned to every cloud application* and controls are
• LE and VLE and Entertainment/Media. • CIO / CISO enabled to prevent the further use of those applications. Additional analytics are provided to understand usage trends by
user, department, and application category.
(Cloud Access Anomaly Detection concerns) Forcepoint CASB detects Brute Force attacks, Account Takeover, and other
Questions to Ask malicious or compromised insider threats and detects suspicious activity by privileged users. Forcepoint CASB provides User
and Endpoint Behavior Analysis (UEBA) to display analytics in a unique User Risk Scoring dashboard that helps security teams
• Do you use, or are you planning to use, Office 365, Box, Dropbox, Salesforce, etc.? focus on the most urgent threats based on likelihood of breach and potential impact to the organization. Forcepoint CASB
• Do you have visibility into the cloud applications your users are using? remediates risks in real-time by alerting, blocking an action or blocking account altogether, or enforcing risk-based multi-
• Are you worried about securing usage and access to cloud apps? factor authentication (MFA).
• Are you concerned about data proliferation or leakage via thecloud? (Data Security and Protection concerns) Streamline compliance to data privacy laws and residency requirements in different
• How do you currently protect sensitive data in the cloud? jurisdictions by granularly controlling how cloud applications are accessed and used. Forcepoint CASB provides DLP
• Are mobile devices a weak point in your cloudsecurity? capabilities for data at rest and in motion, as well as integration with Forcepoint DLP viaICAP.
• Does your organization have custom or industry specific cloud applications that need to be secured? (Incident Detection & Investigation concerns) Some CASB products rely exclusively on Service Provider API’s. This can be a
• Do you use cloud file sharing applications? Are you concerned about sensitive information on those problem as many API’s have a SLA that allows significant reporting latency (if they have a published API at all). Other SaaS
leaking out? providers do not have the API’s published to report user activities. Forcepoint CASB is a multimodal solution that uses both
API reported incidents as well as REAL TIME incident reporting when deployed inline.
(Zero-day Malware Threat Detection concerns) File sandboxing is an important tool to counter the growing amount of zero-
Business Value day malware being introduced, often using vulnerabilities we may not even be aware of. Unfortunately, today’s malware can
identify the virtual environments typically used for malware sandboxing, allowing them to evade these defenses.
• Enable corporate cloud-first objectives and initiatives like transitioning to Office 365 or GoogleSuite, Forcepoint’s Advanced Malware Defense (AMD), powered by Lastline technology, integrates with Forcepoint CASB to
or creating/deploying apps on AWS and Microsoft Azure. provide ‘Full System Emulation’ to eliminate ‘virtual sandbox’ indicators, and drive malware to reveal its true behavior.
• Drive agility and innovation through secure adoption of SaaS, IaaS and PaaS. In a recent Breach Detection Systems test by NSS Labs, they awarded Lastline, the technology behind AMD, a score of 100%
• Control Shadow IT and Secure Sanctioned Cloud Use – Organizations likely have a mix of sanctioned detection with ZERO False-Positives. While security is never a 100% guarantee, there is no stronger recommendation.
Cloud applications and other unsanctioned, Shadow IT applications. Forcepoint discovers and blocks (Centralized Cloud Workload Security concerns) Organizations are looking for a centralized platform that provides
unsanctioned applications and provides security controls for sanctioned cloud use. protection for SaaS, IaaS and PaaS. Forcepoint CASB provides a common, multimodal platform that provides malware
• Protect Every User, Anywhere – Forcepoint CASB is designed to protect users as they access cloud protection (see Zero-day Malware Detection above), privilege monitoring and other important features with a combination
applications on any device, from any location. Customers benefit through understanding user rhythm of (inline) proxy, agents and API’s. In addition to deep support of tier I SaaS applications like Salesforce.com, Office 365,
(behavior analysis) as they access data flowing through your cloud apps, from both managed and ServiceNow, Slack, and others, Forcepoint CASB has the architecture to support tier II niche cloud applications as well as
unmanaged devices. Extend existing insider threat programs to thecloud. custom applications deployed in Azure and AWS.

Copyright © 2018 Forcepoint – For Partner and Internal Use Only *Cloud applications are not simple web portals, wiki pages, or airline portals but SaaS productivity and file sharing applications.
 CASB Channel Pitch Card June 2018

CASB Related Offerings Sales Tools Case Studies

CASB add-ons Complimentary solutions
• Advanced Malware • Forcepoint DLP
Detection powered by • Forcepoint Web Security
Lastline. Technical Support
• Premium & Mission-
Critical plan options
• Customer Presentation, Brochures, Datasheets, Ebook
• White papers – On Shadow IT, ROI, Best Practices, etc.
• Webcasts – Safely Embrace Cloud
• Confidential Competitive Battle Cards – Proofpoint, Cisco
• Other: Security Labs blogs, podcasts, Security Predictions,
On-Demand eLearning library, etc.
Market Recognition
2016 Market Guide for Cloud Access Security
Brokers (listed as Imperva Skyfence)
2017 Best Cloud Computing Security Solution
finalist
• Undisclosed – Financial
“With Forcepoint CASB, Metro Bank colleagues can now securely access Office 365
and Yammer out of the office. Forcepoint CASB has given us the visibility and control
that we need in order to fully leverage the potential of cloud applications on mobile
devices.”
• Undisclosed – Global Airline
“We needed to hedge against the business risk of users and business lines taking up
cloud apps faster than IT could discover, monitor and protect them. We needed a
solution that automated the process and put us back in control – Forcepoint CASB
was the best solution to meet these goals.”
• Undisclosed – Business Consulting
“Forcepoint CASB starts with true visibility into the cloud. None of the other products
we reviewed came close.”

CASB Player Their Strengths Their Weaknesses How Forcepoint Wins

Netskope • Monitoring of both managed and • Netskope lacks monitoring capabilities for tier II and custom SaaS • Forcepoint CASB protects ANY cloud app and can usually add tier II or industry
unmanaged SaaS apps. applications. They offer broad yet shallow coverage of tier I apps. specific apps in a few hours.
• More application coverage of tier I • Aside from Salesforce, Netskope can only manage 50 user • Forcepoint CASB has more granular mapping of user actions than Netskope
apps activities for tier I SaaS apps. (compare Netskope 200 Salesforce activities to >2000 for Forcepoint CASB).
• Good Cloud DLP • Netskope has not invested in behavior analytics (UBA/UEBA). Forcepoint maps all user actions against the managed application.
• Netskope does not have a strategy for extending on premise DLP • Forcepoint CASB will introduce integrations with Forcepoint DLP in 2017.
policies to the cloud.
Microsoft Cloud • Positioning with Microsoft Office 365 • API only deployment means they will only work with small set of • Comprehensive cloud app coverage from a multimodal platform
App Security • CASB is bundled with SaaS apps, primarily focused on O365. • Strong BYOD device control
(Adallom) Microsoft Enterprise Mobility • Weak DLP capabilities • Strong cloud DLP
+ Security E5 • Not comprehensive - unlikely to support AWS usage • Forcepoint CASB activity monitoring and anomaly detection.
Symantec + Blue • Cloud DLP capability • No real-time coverage of mobile and desktop apps • Forcepoint CASB provides more granular activity monitoring and device controls
Coat + Elastica • Ability to extend existing (on premise) • Monitoring of any cloud app + modules than Symantec.
DLP policy to Cloud Apps. • Lacks device control • Forcepoint CASB protects ANY cloud app and can usually add tier 2 or industry
specific apps in a few hours.

Skyhigh • Encryption capabilities which Forrester
Wave for CSG weighted highly.
• Discovery capabilities and mindshare
in the CASB market
• Data-at-rest encryption can break cloud app functionality and the
industry is moving away from this approach towards BYOK.
• Securing mobile access to cloud apps. Skyhigh cannot support
mixed environments with managed and unmanaged use cases.
• Skyhigh lacks the industry leading advanced malware detection
solution that Forcepoint CASB and Forcepoint AMD provide.
• Forcepoint CASB provides more granular enablement and device controls (agentless
and agent) for Office 365 than Skyhigh.
• Skyhigh has very limited ability to prevent account takeovers. Forcepoint CASB with
UEBA excels here.
• Skyhigh lacks the industry leading advanced malware detection solution that
Forcepoint CASB and Forcepoint AMD provide.