CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers (CSPs) to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, etc.

Source: DivvyCloud