In 2018, the top 10 CASB software vendors accounted for approximately 57% of the global Cloud Access Security Broker applications market which grew 34% to approach $2.1 billion. 

Last year Symantec led the pack with 14.7% market share, while Microsoft was #2, followed by Forcepoint, Cisco and McAfee.

We ask the simple question: Who’s buying Cloud Access Security Broker (CASB) applications from whom and why? And we provide the answers – supported by decades of research – to our clients around the world. (Sample from our Apps Database)

Exhibit 1: 2018 Cloud Access Security Broker (CASB) Applications Market Shares Split By Top 10 Cloud Access Security Broker (CASB) Vendors and others, %
Exhibit 1: 2018 Cloud Access Security Broker (CASB) Applications Market Shares Split By Top 10 Cloud Access Security Broker (CASB) Vendors and others, %

Through our forecast period, the Cloud Access Security Broker (CASB) applications market size is expected to reach $15.7 billion by 2023, compared with $2.1 billion in 2018 at a compound annual growth rate of 49.0%.

Exhibit 2: Worldwide Cloud Access Security Broker (CASB) Software Market 2018-2023 Forecast, $M
Year201820232018-2023 CAGR, %
Total21451572849.0%

Source: Apps Run The World, December 2019

Top 10 Cloud Access Security Broker (CASB) Software Vendors

Cloud Access Security Broker (CASB) eliminates cloud security issues by delivering a single solution to secure sensitive customer information across all cloud or on-prem applications. CASB acts as a gatekeeper, allowing organizations to extend the reach of their security policies beyond their own infrastructure. Cloud Access Brokers enforce a number of different security access controls, including encryption and device profiling. CASBs are particularly useful in organizations with shadow IT operations or liberal security policies that allow operating units to procure and manage their own cloud resources.

Here are the rankings of the top 10 Cloud Access Security Broker (CASB) software vendors in 2018 and their market shares.

RankVendor2017 Cloud Access Security Broker Apps Revenues, $M2018 Cloud Access Security Broker Apps Revenues, $MYoY Growth, %2017 Cloud Access Security Broker Market Share, %Recent Developments
1Symantec CloudSOC Cloud Access Security Broker Subscribe Subscribe44,8% SubscribeSymantec unveiled Managed Cloud Defense and CloudSOC CASB offerings to provide greater protection for cloud applications and around-the-clock monitoring for cloud-based threats.
2Microsoft Cloud App Security Subscribe Subscribe38,4% SubscribeThe integration with Windows Defender ATP, extended the Discovery capabilities beyond customer’s corporate network.
3Forcepoint Cloud Access Security Broker Subscribe Subscribe28,7% SubscribeForcepoint acquired Skyfence CASB product from Imperva in 2017.
4Cisco Cloudlock Subscribe Subscribe30,5% SubscribeCisco acquired Cloudlock, extending its cloud security offerings.
5McAfee MVISION Cloud  Subscribe Subscribe26,5% SubscribeMcAfee acquired Skyhigh Networks, securing its spot among top secure cloud applications vendors.
6Oracle CASB Subscribe Subscribe38,1% SubscribeOracle CASB automated capabilities for customers to monitor the security of their cloud infrastructure resources.
7Palo Alto Networks Aperture Subscribe Subscribe33,3% SubscribePalo Alto Networks acquired RedLock and integrated it with cloud workload protection capabilities from the Evident product line.
8Proofpoint Cloud App Security Broker Subscribe Subscribe45,4% SubscribeProofpoint CASB helps customers secure applications such as Microsoft Office 365, Google’s G Suite, Box, and more.
9CipherCloud Cloud Security Broker (CSB) Subscribe Subscribe39,0% SubscribeCipherCloud Cloud Security Broker (CSB) eliminates cloud security issues by delivering a single solution to secure sensitive customer information across all cloud applications.
10Netskope Security Cloud Subscribe Subscribe46,0% SubscribeNetskope extended its Infrastructure-as-a-Service (IaaS) security capabilities with continuous security assessment and monitoring capabilities for Google Cloud Platform (GCP). The enhancement builds on the company’s robust existing IaaS offerings.
 Subtotal Subscribe Subscribe36,7% Subscribe 
 Other Subscribe Subscribe30,7% Subscribe 
 Total Subscribe Subscribe34,1% Subscribe 

Source: Apps Run The World, December 2019

Other CASB software providers included in the report are: Avanan, BetterCloud Cloud Access Security Broker, Bitglass Cloud Access Security Broker (CASB), CensorNet Cloud Application Control (CAC), CyberArk, iboss, Jamcracker, Inc., ManagedMethods Cloud Access Monitor, Open Systems, Protegrity Cloud Gateway, Radware, Sangfor, Saviynt, Fortinet FortiCASB, StratoKey, SkyFormation, CloudCodes, Skyguard, and others.

Custom data cuts related to the Cloud Access Security Broker (CASB) market are available:

  • Top 50+ CASB Vendors 2018
  • 2018 CASB Market By Industry (21 Verticals)
  • 2018 CASB Market By Country (USA + 45 countries)
  • 2018 CASB Market By Region (Americas, EMEA, APAC)
  • 2018 CASB Market By Revenue Type (License, Services, Hardware, Support and Maintenance, Cloud)
  • 2018 CASB Market By Customer Size (revenue, employee count, asset)
  • 2018 CASB Market By Channel (Direct vs Direct)
  • 2018 CASB Market By Product

CASB Vendor Overview

Symantec

Symantec Corporation is a global leader in cybersecurity. The company provides cybersecurity products, services and solutions to more than 350,000 organizations and 50 million individuals worldwide. The Integrated Cyber Defense Platform helps enterprise, business and government customers unify cloud and on-premises security to protect against threats and safeguard information across every control point and attack vector.

Symantec’s Blue Coat acquisition in 2016 turned out to be a success as their Elastica CASB solution CloudSOC moved Symantec beyond its legacy antivirus business. CASB revenues for Symantec in 2018 accounted for an estimated $315 million, which represented only 6.5% of its 2018 revenue. Just for comparison the overall revenue increased 20.28% from 2017, while CASB revenue showed a significant 44.8% growth. 

Symantec’s CASB solution, CloudSOC provides real-time traffic analysis of granular user activities, machine learning based threat detection, content classification for compliance and enforcement of data governance and account activity based security policies.

In February 2019, Symantec acquired Luminate Security, a privately held company with pioneering Software Defined Perimeter technology. Luminate’s Secure Access Cloud technology further extends the power of Symantec’s Integrated Cyber Defense Platform to users as they access workloads and applications regardless of where those workloads are deployed or what infrastructure they are accessed through.

The acquisition of Luminate continues Symantec’s strategy of acquiring and building best-of-breed security across its portfolio, with a particular focus on “born in the cloud, for the cloud” innovations. Symantec made first-mover acquisitions in CASB (cloud access security broker) and web isolation technologies and has delivered a broad set of cloud innovations and integrations across its entire portfolio.

Microsoft

Microsoft CASB solution is based on the Adallom Cloud Access Security Broker which was acquired in 2015. The product (Microsoft Cloud Application Security (MCAS)) is now integrated with other Microsoft solutions and forms part of Microsoft Enterprise Mobility + Security suite. The suite includes MCAS, Azure Active Directory, Azure Information Protection, Advanced Threat Protection, Advanced Threat Analytics, and Intune. 

Thanks to the native integration with other Microsoft products, it is used by many Microsoft customers. This perhaps gives the Microsoft CASB product a somewhat captive audience. In the end, features that touch each of the four pillars of CASB contribute to growth of  Microsoft Cloud App Security (MCAS). 

Forcepoint 

Forcepoint was formed in 2016 as a combination of Raytheon Cyber Products, Websense and Stonesoft organizations. The next year, it acquired the Skyfence CASB product and business from Imperva. Forcepoint enables better decision-making and more efficient security at the human point for more than 20,000 government organizations and enterprises worldwide with the help of the company’s security-based technologies. Forcepoint CASB has a worldwide presence with 50+ data center locations.

Forcepoint CASB provides visibility and control over both sanctioned and unsanctioned cloud apps. It also extends traditional cloud app discovery information by providing details on risk factors that are unique to the organization. These include visibility into dormant accounts, orphaned accounts and external accounts that present a variety of security risks.

Cisco Systems

In 2016, Cisco Systems acquired CloudLock. Cisco Cloudlock CASB platform integrates with other Cisco products and Secure Web Gateway technologies to defend against cyber-threats and implement security control across on-premises and cloud environments. Now it is part of a larger offering by the company called Umbrella. Besides Umbrella and Cloudlock, the offering includes Cisco Stealthwatch that helps to identify threat activity in public cloud infrastructure. 

The approximate number of  CloudLock customers is 700. This is a notable number for a product in the market which is fairly new and its target market remains enterprises with more than 1,000 employees.  

Cisco Cloudlock is a cloud-native cloud access security broker (CASB), the solution uses advanced machine learning algorithms to detect anomalies based on multiple factors. The simple pricing model, which is appealing to the clients, is based on number of applications and  number of users.  

McAfee MVISION Cloud

McAfee provides advanced security solutions to consumers, small and large businesses, enterprises, and governments. Security technologies from McAfee use a unique, predictive capability that is powered by McAfee Global Threat Intelligence, which enables home users and businesses to stay one step ahead of the next wave of, viruses, malware, and other online threats.

Recently, McAfee stepped up its push into the CASB market with the acquisition of Skyhigh Networks, which already had a strong customer base. Since the product is selling under the McAfee MVISION Cloud. McAfee Security Cloud was one of the first CASB products to raise awareness of shadow IT. Over time, the product expanded to provide thorough coverage of all four CASB pillars across a broad range of cloud services and now includes significant CSPM capabilities.  

In August 2019, McAfee acquired NanoSec, a multi-cloud, zero-trust application and security platform. The acquisition will enable organizations to improve governance and compliance and to reduce risk of their cloud and container deployments. NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments. NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings.

Oracle

In September 2016 Oracle acquired Palerra to enter into the CASB market. Since then Oracle has invested significantly in Oracle CASB Cloud Service, which was formerly called Palerra LORIC, by adding DLP and malware scanning, forward and reverse proxy deployment topologies, in conjunction with strong integration with Oracle’s Identity SOC that was an early entrant into this market and has a mature product with a strong and still growing user base. 

The user behavior analytics features in Oracle CASB incorporate data from access and in-application activity, support threat intelligence feeds, and provide threat modeling to assist with threat detection. Oracle CASB offers features that allow organizations to centrally control the native security configurations of SaaS applications and IaaS consoles. Oracle CASB is delivered as SaaS or sold through a managed security service provider.

Palo Alto Networks

Palo Alto Networks acquired CirroSecure in 2015, which was later launched as Aperture after integration into the Palo Alto Networks Security Operating Platform which added to the Palo Alto Networks Next-Generation Security Platform. Their platform’s CASB capabilities were extended in 2017 to include forward and reverse proxy CASB capabilities through its GlobalProtect cloud service.

The intended market for Aperture is existing Palo Alto Networks customers seeking cloud visibility and governance not available through Palo Alto Networks’ firewall alone. For Shadow IT Palo Alto Networks GlobalProtect cloud service and Next-Generation Firewall provide inline capabilities to detect, monitor and report on access to and risk of a range of external cloud services and applications. Aperture extends these capabilities via SaaS provider APIs to provide visibility and enforcement across all user, folder and file activity for sanctioned cloud apps. 

Proofpoint

In late 2016 Proofpoint acquired FireLayers, an Israeli company with a solid CASB product, enriching the Proofpoint Nexus platform. After the acquisition, Proofpoint continued to evolve the product, adding capabilities for improved DLP, advanced threat detection, threat intelligence, and built-in two-factor authentication.

Proofpoint has a large installed base for its email security product, the target market for Proofpoint’s CASB is as an add-on for its installed base plus net new customers. The CASB provides insight into cloud usage at global, app, and user level.

In May 2019, Proofpoint acquired Meta Networks, an innovator in zero trust network access (ZTNA). With this acquisition, Proofpoint will strengthen its cloud-based architecture and people-centric security platform, enabling customers to better protect their people and the applications and data they access beyond the traditional perimeter. Proofpoint intends to integrate Meta Networks’ ZTNA technology with its cloud access security broker (CASB) and web isolation product lines to offer customers a comprehensive cloud access and security platform.

Later in November 2019, Proofpoint acquired ObserveIT, the insider threat management platform. With this acquisition, Proofpoint will extend its data loss prevention (DLP) capabilities with endpoint joining email, CASB, and data-at-rest to form an enhanced enterprise DLP offering.

CipherCloud Cloud Security Broker (CSB)

CipherCloud was founded in 2010 with a focus on enabling enterprises in a wide range of private and public sectors to secure their data and adopt the use of cloud services with confidence and compliance. The CASB solution was an early entrant in the Cloud Access Security Broker market with a thriving customer base.

CipherCloud initially emphasized field-level encryption and tokenization of structured data in popular enterprise cloud services via an on-premises gateway. Since then, it has added more cloud-based visibility and control of a broader set of SaaS applications that process and store both structured and unstructured data.  

In March 2019, CipherCloud launched its new Secure SaaS Workspace solution as part of its CASB+ platform. CipherCloud’s new solution leverages contextual and behavior analytics, integrated with identity and mobile security, to secure user access to data in any enterprise cloud application, extending the enterprise security controls all the way to the cloud data on the user devices. This solution eliminates the need to route SaaS access back through the enterprise’s infrastructure, simplifying and streamlining secure access to cloud applications.

Netskope Security Cloud

Netskope was founded in 2012 and it began selling the CASB product in 2013. Netskope Security Cloud uses a patented technology called Netskope Cloud XD. It is intended to target and control activities across both SaaS and IaaS cloud services as well as websites.

In 2017, Netskope added features that include better user behavior analytics and alerting including in SaaS applications. They also provide a DLP engine and this is a key feature desired by many enterprises. It supports 22,000 cloud services from sanctioned services like Office365 and Box to unsanctioned ones like DocuSign. The target market for Netskope Security Cloud are enterprises, the number of customers is approximately 400.

Cloud Access Security Broker (CASB) Win/Loss Analysis As Part Of Enterprise Applications Buyer Insight Customer Database

On the buyer side, customers are investing in Cloud Access Security Broker (CASB) systems based on new features and capabilities that are expected to replace their existing legacy systems. In many cases, competitive upgrades and replacements that could have a profound impact on future market-share changes will become more widespread.

Since 2010, our global team of researchers have been studying the patterns of the latest Cloud Access Security Broker (CASB) software purchases by customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.

Updated continuously, our database features extensive Cloud Access Security Broker (CASB) win/loss analysis. Each quarter our research team identifies tens of thousands of these Cloud Access Security Broker (CASB) customer wins and losses from public and proprietary sources.

The research results are being incorporated into regular updates in our Enterprise Applications Buyer Insight Customer Database. You can access the Cloud Access Security Broker (CASB) Quarterly Win/Loss Analysis Scoreboard and our Enterprise Applications Buyer Insight Customer Database by becoming a subscriber.

List of CASB Customers

 

CustomerIndustryEmpl.RevenueCountryVendorNew Product
Eli Lilly and CompanyLife sciences41275$19.96BUnited StatesSymantecSymantec CloudSOC
Globe TelecomCommunications7737$2.45BPhilippinesSymantecSymantec CloudSOC
Nationwide InsuranceBanking and Financial Services35000$25.91BUnited StatesSymantecSymantec CloudSOC
The Depository Trust & Clearing CorporationBanking and Financial Services3000$1.70BUnited StatesSymantecSymantec CloudSOC
AccentureProfessional Services449000$34.85BIrelandMicrosoftMicrosoft Cloud App Security
BPOil, Gas and Chemicals74500$240.20BUnited StatesMicrosoftMicrosoft Cloud App Security
HS1 LimitedTransportation1000$407.0MUnited KingdomMicrosoftMicrosoft Cloud App Security
Kodak AlarisManufacturing3400$1.20BUnited StatesMicrosoftMicrosoft Cloud App Security
London Business SchoolEducation801$198.0MUnited KingdomMicrosoftMicrosoft Cloud App Security
MSC Technology North AmericaTransportation400$170.0MUnited StatesMicrosoftMicrosoft Cloud App Security
Qatar Gas Transport CompanyTransportation5000$850.0MQatarMicrosoftMicrosoft Cloud App Security
CDW CorporationProfessional Services8787$13.98BUSAForcepointForcepoint CASB
Metro BankBanking and Financial Services1100$120.0MUKForcepointForcepoint CASB
Minda CorpManufacturing1300$371.0MIndiaForcepointForcepoint CASB
Pegasus AirlinesTransportation5200$890.0MTurkeyForcepointForcepoint CASB
TechValidate SoftwareProfessional Services50$4.0MUnited StatesForcepointForcepoint CASB
AetnaInsurance50100$61.50BUSAMcAfeeMcAfee MVISION Cloud
DuPontLife Sciences52000$25.27BUSAMcAfeeMcAfee MVISION Cloud
HoneywellManufacturing129000$39.30BUSAMcAfeeMcAfee MVISION Cloud
Molina HealthcareHealthcare21000$14.18BUSAMcAfeeMcAfee MVISION Cloud
Western UnionBanking and Financial Services10000$5.50BUSAMcAfeeMcAfee MVISION Cloud
Marlette FundingBanking and Financial Services150$21.0MUnited StatesOracleOracle CASB Cloud Service
Outsourcing Inc.Professional Services60219$1.23BJapanOracleOracle CASB Cloud Service
UBI BancaBanking and Financial Services22000$2.60BItalyOracleOracle CASB Cloud Service
WIND HellasCommunications1200$4.50BGreeceOracleOracle CASB Cloud Service
AMAG PharmaceuticalsLife Sciences600$80.0MUnited StatesCisco SystemsCisco Cloudlock
ClouderaProfessional Services2500$850.0MUSACisco SystemsCisco Cloudlock
Essilor USARetail10000$1.00BUnited StatesCisco SystemsCisco Cloudlock
Ford Motor CompanyAutomotive202000$156.78BUSACisco SystemsCisco Cloudlock
LB HilingdonGovernment1300$300.0MUnited KingdomCisco SystemsCisco Cloudlock
Oakland Unified School DistrictEducation2332$652.0MUSACisco SystemsCisco Cloudlock
The GuardianMedia2400$322.0MUnited KingdomCisco SystemsCisco Cloudlock
University of OklahomaEducation5500$960.0MUSACisco SystemsCisco Cloudlock
Alternative Experts, LLCProfessional Services100$10.0MUnited StatesAvananAvanan CASB
Capital CaringHealthcare800$100.0MUnited StatesAvananAvanan CASB
ServiceSourceProfessional Services3145$252.0MUSAAvananAvanan CASB
Accell GroupManufacturing3000$1.22BNetherlandsNetskopeNetskope CASB
Berkshire BankBanking and Financial Services1992$1.16BUnited StatesNetskopeNetskope CASB
City of San DiegoGovernment11000$700.0MUnited StatesNetskopeNetskope CASB
Genomic HealthProfessional Services863$340.0MUSANetskopeNetskope CASB
MaRS Dicovery DistrictProfessional Services400$37.0MCanadaNetskopeNetskope CASB
NunaHealthcare150$12.0MUnited StatesNetskopeNetskope CASB
Oak Hill AdvisorsBanking and Financial Services290$30.0MUnited StatesNetskopeNetskope CASB
The Dana FoundationNon Profit40$6.0MUnited StatesNetskopeNetskope CASB
TripwireProfessional Services450$200.0MUnited StatesNetskopeNetskope CASB
American ExteriorsConstruction and Real Estate300$28.0MUnited StatesManagedMethodsManagedMethods CASB Solution
Bremerton School DistrictEducation800$130.0MUnited StatesManagedMethodsManagedMethods CASB Solution
City of ArvadaGovernment700$92.0MUnited StatesManagedMethodsManagedMethods CASB Solution
Education Service Center Region 12Education200$45.0MUnited StatesManagedMethodsManagedMethods CASB Solution
Troy Independent School DistrictEducation180$33.0MUnited StatesManagedMethodsManagedMethods CASB Solution
John Muir HealthLeisure and Hospitality9000$1.57BUSABitglassBitglass Next-Gen CASB
Northwestern UniversityEducation3334$2.20BUSABitglassBitglass Next-Gen CASB
NtooitiveProfessional Services30$3.0MUnited StatesBitglassBitglass Next-Gen CASB
Richard Fleischman & Associates (RFA)Professional Services300$22.0MUnited StatesBitglassBitglass Next-Gen CASB

Source: Apps Run The World, December 2019

Further Readings

An expanded version of this report covers the top 50+ Cloud Access Security Broker (CASB) software vendors, offering in-depth analysis of the market dynamics, vendors’ Strengths, Customers, Opportunities, Risks and Ecosystems as well as their ability to gain Shares (SCORES) within their respective space.

We also offer win-loss analysis of the quarterly wins of these top 10 Cloud Access Security Broker (CASB) software vendors and whether incumbents and upstarts pose any real threat to their standing amid shifting market requirements and user preferences.

More Enterprise Applications Research Findings

Based on the latest annual survey of 3,000+ enterprise software vendors, Apps Run The World is releasing a number of dedicated reports, which profile the world’s 500 largest Enterprise Applications Vendors (Apps Top 500) and the world’s 500 largest Cloud Applications Vendors (Cloud Top 500) ranked by their 2015-2018 product revenues.

Their 2018 results are being broken down, sorted and ranked across 16 functional areas (from Analytics and BI to Treasury and Risk Management) and by 21 vertical industries (from Aerospace to Utility), as shown in our Taxonomy. Further breakdowns by subvertical, country, company size, etc. are available as custom data cuts per special request.

Research Methodology

Each year our global team of researchers conduct an annual survey of thousands of enterprise software vendors by contacting them directly on their latest quarterly and annual revenues by country, functional area, and vertical market.

We supplement their written responses with our own primary research to determine quarterly and yearly growth rates, In addition to customer wins to ascertain whether these are net new purchases or expansions of existing implementations.

Another dimension of our proactive research process is through continuous improvement of our customer database, which stores more than one million records on the enterprise software landscape of over 100,000 organizations around the world.

The database provides customer insight and contextual information on what types of enterprise software systems and other relevant technologies are they running and their propensity to invest further with their current or new suppliers as part of their overall IT transformation projects to stay competitive, fend off threats from disruptive forces, or comply with internal mandates to improve overall enterprise efficiency.

The result is a combination of supply-side data and demand-generation customer insight that allows our clients to better position themselves in anticipation of the next wave that will reshape the enterprise software marketplace for years to come.