In 2018, the top 10 CASB software vendors accounted for approximately 57% of the global Cloud Access Security Broker applications market which grew 34% to approach $2.1 billion.
Last year Symantec led the pack with 14.7% market share, while Microsoft was #2, followed by Forcepoint, Cisco and McAfee.
We ask the simple question: Who’s buying Cloud Access Security Broker (CASB) applications from whom and why? And we provide the answers – supported by decades of research – to our clients around the world. (Sample from our Apps Database)
Through our forecast period, the Cloud Access Security Broker (CASB) applications market size is expected to reach $15.7 billion by 2023, compared with $2.1 billion in 2018 at a compound annual growth rate of 49.0%.
| Exhibit 2: Worldwide Cloud Access Security Broker (CASB) Software Market 2018-2023 Forecast, $M | |||
|---|---|---|---|
| Year | 2018 | 2023 | 2018-2023 CAGR, % |
| Total | 2145 | 15728 | 49.0% |
Source: Apps Run The World, December 2019
Top 10 Cloud Access Security Broker (CASB) Software Vendors
Cloud Access Security Broker (CASB) eliminates cloud security issues by delivering a single solution to secure sensitive customer information across all cloud or on-prem applications. CASB acts as a gatekeeper, allowing organizations to extend the reach of their security policies beyond their own infrastructure. Cloud Access Brokers enforce a number of different security access controls, including encryption and device profiling. CASBs are particularly useful in organizations with shadow IT operations or liberal security policies that allow operating units to procure and manage their own cloud resources.
Here are the rankings of the top 10 Cloud Access Security Broker (CASB) software vendors in 2018 and their market shares.
| Rank | Vendor | 2017 Cloud Access Security Broker Apps Revenues, $M | 2018 Cloud Access Security Broker Apps Revenues, $M | YoY Growth, % | 2017 Cloud Access Security Broker Market Share, % | Recent Developments |
|---|---|---|---|---|---|---|
| 1 | Symantec CloudSOC Cloud Access Security Broker | Subscribe | Subscribe | 44,8% | Subscribe | Symantec unveiled Managed Cloud Defense and CloudSOC CASB offerings to provide greater protection for cloud applications and around-the-clock monitoring for cloud-based threats. |
| 2 | Microsoft Cloud App Security | Subscribe | Subscribe | 38,4% | Subscribe | The integration with Windows Defender ATP, extended the Discovery capabilities beyond customer’s corporate network. |
| 3 | Forcepoint Cloud Access Security Broker | Subscribe | Subscribe | 28,7% | Subscribe | Forcepoint acquired Skyfence CASB product from Imperva in 2017. |
| 4 | Cisco Cloudlock | Subscribe | Subscribe | 30,5% | Subscribe | Cisco acquired Cloudlock, extending its cloud security offerings. |
| 5 | McAfee MVISION Cloud | Subscribe | Subscribe | 26,5% | Subscribe | McAfee acquired Skyhigh Networks, securing its spot among top secure cloud applications vendors. |
| 6 | Oracle CASB | Subscribe | Subscribe | 38,1% | Subscribe | Oracle CASB automated capabilities for customers to monitor the security of their cloud infrastructure resources. |
| 7 | Palo Alto Networks Aperture | Subscribe | Subscribe | 33,3% | Subscribe | Palo Alto Networks acquired RedLock and integrated it with cloud workload protection capabilities from the Evident product line. |
| 8 | Proofpoint Cloud App Security Broker | Subscribe | Subscribe | 45,4% | Subscribe | Proofpoint CASB helps customers secure applications such as Microsoft Office 365, Google’s G Suite, Box, and more. |
| 9 | CipherCloud Cloud Security Broker (CSB) | Subscribe | Subscribe | 39,0% | Subscribe | CipherCloud Cloud Security Broker (CSB) eliminates cloud security issues by delivering a single solution to secure sensitive customer information across all cloud applications. |
| 10 | Netskope Security Cloud | Subscribe | Subscribe | 46,0% | Subscribe | Netskope extended its Infrastructure-as-a-Service (IaaS) security capabilities with continuous security assessment and monitoring capabilities for Google Cloud Platform (GCP). The enhancement builds on the company’s robust existing IaaS offerings. |
| Subtotal | Subscribe | Subscribe | 36,7% | Subscribe | ||
| Other | Subscribe | Subscribe | 30,7% | Subscribe | ||
| Total | Subscribe | Subscribe | 34,1% | Subscribe |
Source: Apps Run The World, December 2019
Other CASB software providers included in the report are: Avanan, BetterCloud Cloud Access Security Broker, Bitglass Cloud Access Security Broker (CASB), CensorNet Cloud Application Control (CAC), CyberArk, iboss, Jamcracker, Inc., ManagedMethods Cloud Access Monitor, Open Systems, Protegrity Cloud Gateway, Radware, Sangfor, Saviynt, Fortinet FortiCASB, StratoKey, SkyFormation, CloudCodes, Skyguard, and others.
Custom data cuts related to the Cloud Access Security Broker (CASB) market are available:
- Top 50+ CASB Vendors 2018
- 2018 CASB Market By Industry (21 Verticals)
- 2018 CASB Market By Country (USA + 45 countries)
- 2018 CASB Market By Region (Americas, EMEA, APAC)
- 2018 CASB Market By Revenue Type (License, Services, Hardware, Support and Maintenance, Cloud)
- 2018 CASB Market By Customer Size (revenue, employee count, asset)
- 2018 CASB Market By Channel (Direct vs Direct)
- 2018 CASB Market By Product
CASB Vendor Overview
Symantec
Symantec Corporation is a global leader in cybersecurity. The company provides cybersecurity products, services and solutions to more than 350,000 organizations and 50 million individuals worldwide. The Integrated Cyber Defense Platform helps enterprise, business and government customers unify cloud and on-premises security to protect against threats and safeguard information across every control point and attack vector.
Symantec’s Blue Coat acquisition in 2016 turned out to be a success as their Elastica CASB solution CloudSOC moved Symantec beyond its legacy antivirus business. CASB revenues for Symantec in 2018 accounted for an estimated $315 million, which represented only 6.5% of its 2018 revenue. Just for comparison the overall revenue increased 20.28% from 2017, while CASB revenue showed a significant 44.8% growth.
Symantec’s CASB solution, CloudSOC provides real-time traffic analysis of granular user activities, machine learning based threat detection, content classification for compliance and enforcement of data governance and account activity based security policies.
In February 2019, Symantec acquired Luminate Security, a privately held company with pioneering Software Defined Perimeter technology. Luminate’s Secure Access Cloud technology further extends the power of Symantec’s Integrated Cyber Defense Platform to users as they access workloads and applications regardless of where those workloads are deployed or what infrastructure they are accessed through.
The acquisition of Luminate continues Symantec’s strategy of acquiring and building best-of-breed security across its portfolio, with a particular focus on “born in the cloud, for the cloud” innovations. Symantec made first-mover acquisitions in CASB (cloud access security broker) and web isolation technologies and has delivered a broad set of cloud innovations and integrations across its entire portfolio.
Microsoft
Microsoft CASB solution is based on the Adallom Cloud Access Security Broker which was acquired in 2015. The product (Microsoft Cloud Application Security (MCAS)) is now integrated with other Microsoft solutions and forms part of Microsoft Enterprise Mobility + Security suite. The suite includes MCAS, Azure Active Directory, Azure Information Protection, Advanced Threat Protection, Advanced Threat Analytics, and Intune.
Thanks to the native integration with other Microsoft products, it is used by many Microsoft customers. This perhaps gives the Microsoft CASB product a somewhat captive audience. In the end, features that touch each of the four pillars of CASB contribute to growth of Microsoft Cloud App Security (MCAS).
Forcepoint
Forcepoint was formed in 2016 as a combination of Raytheon Cyber Products, Websense and Stonesoft organizations. The next year, it acquired the Skyfence CASB product and business from Imperva. Forcepoint enables better decision-making and more efficient security at the human point for more than 20,000 government organizations and enterprises worldwide with the help of the company’s security-based technologies. Forcepoint CASB has a worldwide presence with 50+ data center locations.
Forcepoint CASB provides visibility and control over both sanctioned and unsanctioned cloud apps. It also extends traditional cloud app discovery information by providing details on risk factors that are unique to the organization. These include visibility into dormant accounts, orphaned accounts and external accounts that present a variety of security risks.
Cisco Systems
In 2016, Cisco Systems acquired CloudLock. Cisco Cloudlock CASB platform integrates with other Cisco products and Secure Web Gateway technologies to defend against cyber-threats and implement security control across on-premises and cloud environments. Now it is part of a larger offering by the company called Umbrella. Besides Umbrella and Cloudlock, the offering includes Cisco Stealthwatch that helps to identify threat activity in public cloud infrastructure.
The approximate number of CloudLock customers is 700. This is a notable number for a product in the market which is fairly new and its target market remains enterprises with more than 1,000 employees.
Cisco Cloudlock is a cloud-native cloud access security broker (CASB), the solution uses advanced machine learning algorithms to detect anomalies based on multiple factors. The simple pricing model, which is appealing to the clients, is based on number of applications and number of users.
McAfee MVISION Cloud
McAfee provides advanced security solutions to consumers, small and large businesses, enterprises, and governments. Security technologies from McAfee use a unique, predictive capability that is powered by McAfee Global Threat Intelligence, which enables home users and businesses to stay one step ahead of the next wave of, viruses, malware, and other online threats.
Recently, McAfee stepped up its push into the CASB market with the acquisition of Skyhigh Networks, which already had a strong customer base. Since the product is selling under the McAfee MVISION Cloud. McAfee Security Cloud was one of the first CASB products to raise awareness of shadow IT. Over time, the product expanded to provide thorough coverage of all four CASB pillars across a broad range of cloud services and now includes significant CSPM capabilities.
In August 2019, McAfee acquired NanoSec, a multi-cloud, zero-trust application and security platform. The acquisition will enable organizations to improve governance and compliance and to reduce risk of their cloud and container deployments. NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments. NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings.
Oracle
In September 2016 Oracle acquired Palerra to enter into the CASB market. Since then Oracle has invested significantly in Oracle CASB Cloud Service, which was formerly called Palerra LORIC, by adding DLP and malware scanning, forward and reverse proxy deployment topologies, in conjunction with strong integration with Oracle’s Identity SOC that was an early entrant into this market and has a mature product with a strong and still growing user base.
The user behavior analytics features in Oracle CASB incorporate data from access and in-application activity, support threat intelligence feeds, and provide threat modeling to assist with threat detection. Oracle CASB offers features that allow organizations to centrally control the native security configurations of SaaS applications and IaaS consoles. Oracle CASB is delivered as SaaS or sold through a managed security service provider.
Palo Alto Networks
Palo Alto Networks acquired CirroSecure in 2015, which was later launched as Aperture after integration into the Palo Alto Networks Security Operating Platform which added to the Palo Alto Networks Next-Generation Security Platform. Their platform’s CASB capabilities were extended in 2017 to include forward and reverse proxy CASB capabilities through its GlobalProtect cloud service.
The intended market for Aperture is existing Palo Alto Networks customers seeking cloud visibility and governance not available through Palo Alto Networks’ firewall alone. For Shadow IT Palo Alto Networks GlobalProtect cloud service and Next-Generation Firewall provide inline capabilities to detect, monitor and report on access to and risk of a range of external cloud services and applications. Aperture extends these capabilities via SaaS provider APIs to provide visibility and enforcement across all user, folder and file activity for sanctioned cloud apps.
Proofpoint
In late 2016 Proofpoint acquired FireLayers, an Israeli company with a solid CASB product, enriching the Proofpoint Nexus platform. After the acquisition, Proofpoint continued to evolve the product, adding capabilities for improved DLP, advanced threat detection, threat intelligence, and built-in two-factor authentication.
Proofpoint has a large installed base for its email security product, the target market for Proofpoint’s CASB is as an add-on for its installed base plus net new customers. The CASB provides insight into cloud usage at global, app, and user level.
In May 2019, Proofpoint acquired Meta Networks, an innovator in zero trust network access (ZTNA). With this acquisition, Proofpoint will strengthen its cloud-based architecture and people-centric security platform, enabling customers to better protect their people and the applications and data they access beyond the traditional perimeter. Proofpoint intends to integrate Meta Networks’ ZTNA technology with its cloud access security broker (CASB) and web isolation product lines to offer customers a comprehensive cloud access and security platform.
Later in November 2019, Proofpoint acquired ObserveIT, the insider threat management platform. With this acquisition, Proofpoint will extend its data loss prevention (DLP) capabilities with endpoint joining email, CASB, and data-at-rest to form an enhanced enterprise DLP offering.
CipherCloud Cloud Security Broker (CSB)
CipherCloud was founded in 2010 with a focus on enabling enterprises in a wide range of private and public sectors to secure their data and adopt the use of cloud services with confidence and compliance. The CASB solution was an early entrant in the Cloud Access Security Broker market with a thriving customer base.
CipherCloud initially emphasized field-level encryption and tokenization of structured data in popular enterprise cloud services via an on-premises gateway. Since then, it has added more cloud-based visibility and control of a broader set of SaaS applications that process and store both structured and unstructured data.
In March 2019, CipherCloud launched its new Secure SaaS Workspace solution as part of its CASB+ platform. CipherCloud’s new solution leverages contextual and behavior analytics, integrated with identity and mobile security, to secure user access to data in any enterprise cloud application, extending the enterprise security controls all the way to the cloud data on the user devices. This solution eliminates the need to route SaaS access back through the enterprise’s infrastructure, simplifying and streamlining secure access to cloud applications.
Netskope Security Cloud
Netskope was founded in 2012 and it began selling the CASB product in 2013. Netskope Security Cloud uses a patented technology called Netskope Cloud XD. It is intended to target and control activities across both SaaS and IaaS cloud services as well as websites.
In 2017, Netskope added features that include better user behavior analytics and alerting including in SaaS applications. They also provide a DLP engine and this is a key feature desired by many enterprises. It supports 22,000 cloud services from sanctioned services like Office365 and Box to unsanctioned ones like DocuSign. The target market for Netskope Security Cloud are enterprises, the number of customers is approximately 400.
Cloud Access Security Broker (CASB) Win/Loss Analysis As Part Of Enterprise Applications Buyer Insight Customer Database
On the buyer side, customers are investing in Cloud Access Security Broker (CASB) systems based on new features and capabilities that are expected to replace their existing legacy systems. In many cases, competitive upgrades and replacements that could have a profound impact on future market-share changes will become more widespread.
Since 2010, our global team of researchers have been studying the patterns of the latest Cloud Access Security Broker (CASB) software purchases by customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Updated continuously, our database features extensive Cloud Access Security Broker (CASB) win/loss analysis. Each quarter our research team identifies tens of thousands of these Cloud Access Security Broker (CASB) customer wins and losses from public and proprietary sources.
The research results are being incorporated into regular updates in our Enterprise Applications Buyer Insight Customer Database. You can access the Cloud Access Security Broker (CASB) Quarterly Win/Loss Analysis Scoreboard and our Enterprise Applications Buyer Insight Customer Database by becoming a subscriber.
List of CASB Customers
Source: Apps Run The World, December 2019
Further Readings
An expanded version of this report covers the top 50+ Cloud Access Security Broker (CASB) software vendors, offering in-depth analysis of the market dynamics, vendors’ Strengths, Customers, Opportunities, Risks and Ecosystems as well as their ability to gain Shares (SCORES) within their respective space.
We also offer win-loss analysis of the quarterly wins of these top 10 Cloud Access Security Broker (CASB) software vendors and whether incumbents and upstarts pose any real threat to their standing amid shifting market requirements and user preferences.
More Enterprise Applications Research Findings
Based on the latest annual survey of 3,000+ enterprise software vendors, Apps Run The World is releasing a number of dedicated reports, which profile the world’s 500 largest Enterprise Applications Vendors (Apps Top 500) and the world’s 500 largest Cloud Applications Vendors (Cloud Top 500) ranked by their 2015-2018 product revenues.
Their 2018 results are being broken down, sorted and ranked across 16 functional areas (from Analytics and BI to Treasury and Risk Management) and by 21 vertical industries (from Aerospace to Utility), as shown in our Taxonomy. Further breakdowns by subvertical, country, company size, etc. are available as custom data cuts per special request.
Research Methodology
Each year our global team of researchers conduct an annual survey of thousands of enterprise software vendors by contacting them directly on their latest quarterly and annual revenues by country, functional area, and vertical market.
We supplement their written responses with our own primary research to determine quarterly and yearly growth rates, In addition to customer wins to ascertain whether these are net new purchases or expansions of existing implementations.
Another dimension of our proactive research process is through continuous improvement of our customer database, which stores more than one million records on the enterprise software landscape of over 100,000 organizations around the world.
The database provides customer insight and contextual information on what types of enterprise software systems and other relevant technologies are they running and their propensity to invest further with their current or new suppliers as part of their overall IT transformation projects to stay competitive, fend off threats from disruptive forces, or comply with internal mandates to improve overall enterprise efficiency.
The result is a combination of supply-side data and demand-generation customer insight that allows our clients to better position themselves in anticipation of the next wave that will reshape the enterprise software marketplace for years to come.
