Skip to content Skip to navigation Skip to footer


The FortiGuard CASB Service – a dual-mode cloud access security broker (CASB) solution – provides security, scalability, and performance across SaaS applications, usage and data, using both inline and API-based CASB capabilities. The FortiGuard CASB Service is part of FortiSASE and Fortinet Zero Trust Network Access (ZTNA) solutions, offering cloud-delivered security to managed and unmanaged devices and locations.

API-based CASB (FortiCASB)

API-based CASB is a cloud-native cloud access security broker (CASB) service that provides visibility, compliance, data security, and threat protection for cloud applications. It enables deep inspection and policy management for data stored in SaaS and IaaS applications.

Inline CASB with ZTNA and SASE

The FortiGate ZTNA access proxy can be configured to act as an inline CASB by providing access control to SaaS traffic using ZTNA access control rules.

FortiSASE uses application control and SSL deep inspection to act as an inline CASB.


How the FortiGuard CASB Service Works

How CASB protects managed and unmanaged locations and devices

Managed location: When workers are at the office, the user request is traversed through the gateway which applies the right cloud security policy for accessing the app using the inline CASB.

Unmanaged location: When users are remote, both the inline and API CASB will be used to give protection to SaaS apps.

Managed user: Users who have FortiClient as part of ZTNA leverage inline CASB for app security.

Unmanaged user: Users with BYOD or no ZTNA/FortiClient client leverage API-based CASB for app security. 

Fortinet Security Fabric Integrations

The strength of Fortinet's platform-driven approach is to enable coordinated workflows including response while customers benefit from a globalized network effect across Fortinet’s worldwide install base. The FortiGuard CASB Service portfolio is integrated into the following Fabric solutions:


Safe Access to SaaS Applications Across the Fabric

FortiGuard CASB Use Cases

Features and Benefits


Discover cloud app usage, create a shadow IT report on cloud spend, and perform a risk assessment


Protect data in motion and data at rest within cloud applications


Leverage predefined reports for standards including SOX, GDPR, PCI DSS, HIPAA, NIST, and ISO 27001


Control the productivity, privacy, compliance, and security of corporate and non-corporate tenants


Detect account-centric threats and anomalies with user and entity behavior analytics (UEBA)


Expand visibility into risk trends and events, user insights and behaviors, and view severity statistics for data stored in SaaS applications and public cloud deployments