The move extends Masergy’s cloud security capabilities to cover companies’ software-as-a-service (SaaS) security risks. It already offered managed security services across infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS).
Gartner, which coined the term CASB, called it “the fastest growing security category ever.” The firm predicts that by 2020, 60 percent of large enterprises will use a CASB to govern cloud services, up from less than 10 percent in 2017. It also estimates that CASB budgets will be 7 percent to 13 percent of enterprise SaaS spend.
CASB software sits between cloud-service consumers and cloud-service providers. It enforces security and governance policies for cloud applications, allowing companies to extend their on-premises policies to the cloud.
It gives companies visibility into and control over the applications their employees use. But it also requires a staff of security analysts to monitor and respond to the threat detection and response technology. Many companies don’t have enough skilled professionals on site to fill this need.
“CASB is a great security tool, but it must be properly configured and monitored continuously,” said Jay Barbour, Masergy’s director of security protection management. “Because of the nature of these alerts, particularly around threat detection, you need someone there, performing real-time triaging of these alerts. That’s why the 24-7 monitoring is critical.”
That’s where Masergy comes in. It provides the machine-learning analytics on top of Bitglass’ CASB technology. It also provides continuous monitoring and response from its security operation centers (SOCs).
“It’s particularly attractive to mid-sized enterprises that are more constrained for IT,” Barbour said, adding that he’s unaware of any other managed service providers that offer managed CASB. “This is a turnkey service. Bitglass will deploy it, our security team will configure the security policies and do the monitoring in real time. It’s a very fast time to value.”
Managed CASB is part two of Masergy’s cloud security strategy. Part one tackled IaaS and PaaS security with Masergy’s Cloud Workload Protection managed service, using CloudPassage technology. Both managed security services now sit under Masergy’s Unified Enterprise Security Managed Detection and Response (MDR) platform.
The new CASB managed service also integrates with Netskope’s and McAfee Skyhigh’s CASB technology. In fact, Masergy tested both of those companies’ offerings before choosing Bitglass. “Netskope and Skyhigh are fantastic solutions, but tend to be a little more complex to deploy and they are more expensive as well,” Barbour said.
In addition to the ease of deployment, Masergy also chose Bitglass for its cloud visibility and discovery capabilities, as well as its integrated identity management and user and entity behavior analytics (UEBA).
It also provides Zero-Day agentless protection of corporate data on any device without installing agents or mobile device management (MDM) profiles. “So you’re getting an MDM-like capability with Bitglass,” Barbour said.
“Our team quickly realized there’s a strong detection and response capability with CASB. It really fits into our whole Managed Detection and Response platform mission,” Barbour said. “CASB is not something that a managed service provider can go build themselves — there’s only a handful of CASB vendors that can do that. It’s also why we’re seeing the CASB vendors getting snapped up.” He’s referring to the swarm of recent mergers and acquisitions in the space.
Symantec acquired its CASB technology from Blue Coat in 2016. Shortly after that Cisco acquired CASB vendor Cloudlock.
Bitglass, the sole “visionary” in Gartner’s Magic Quadrant, last year announced a $45 million Series C round, bringing its total funding to $80 million.