[1] A CASB can offer services such as monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.
Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.
CASBs that deliver security must be in the path of data access, between the user and the cloud provider.
Agentless CASBs allow for rapid deployment and deliver security on both company-managed and unmanaged BYOD devices.
Agentless CASB also respect user privacy, inspecting only corporate data.