# CASB and SSPM/CSPM Overview
One-sentence definition: Tools providing visibility and control over SaaS (CASB/SSPM) and cloud infrastructure (CSPM) configurations and data flows.
## Key Facts
- CASB: shadow IT discovery, DLP, access policies, tokenization for SaaS.
- SSPM: deep config posture for specific SaaS (permissions, sharing).
- CSPM: misconfig detection in IaaS (storage, network, IAM).
- Integrations: SIEM/SOAR for alerting/response, identity for context.
- These tools complement, not replace, secure design and governance.
- **Verify:** check official (ISC)² CBK and current exam outline.
## Exam Relevance
- Pick the right tool category for a cloud data risk.
**Mnemonic:** “CASB = SaaS guard; CSPM = Cloud posture.”
## Mini Scenario
Q: Publicly exposed cloud storage detected—tool?
A: CSPM.
## Revision Checklist
- Differentiate CASB vs SSPM vs CSPM.
- Name two capabilities per tool.
- Tie outputs to remediation.
## Related
[[Cloud Data Protection (SaaS, PaaS, IaaS)]] · [[Data Loss Prevention (DLP)]] · [[Data Inventory and Asset Register]] · [[Access Control to Data Assets]] · [[Shadow IT and Unsanctioned Data Stores]] · [[Domain 2 - Index]]