Cloud Discovery is a component of the Cloud Access Security Broker (CASB) solution that protects the cloud infrastructure of an organization. Cloud Discovery manages user access to cloud services. Cloud services include, for example, Microsoft Teams, Salesforce, Microsoft Office 365. Cloud services are grouped in categories, for example, Data exchange, Messengers, Email. Kaspersky experts regularly update the Cloud Discovery categories and cloud services classified in the categories. Kaspersky Endpoint Security updates the set of categories and cloud services with the application databases. This means that Cloud Discovery does not use the Kaspersky Security Network for categorizing cloud services.
Cloud Discovery provides the following functionality:
System requirements
Cloud Discovery is available if the following conditions are satisfied:
The component is not available for servers.
The component is not available in Kaspersky Security Center Administration Console (MMC) or Kaspersky Security Center Web Console.
Monitoring cloud services
When a user begins using a cloud service, Kaspersky Endpoint Security registers that event and creates an entry in the report. Cloud Discovery controls cloud service usage in the browser as well as in corresponding applications. Cloud Discovery controls cloud service usage over HTTP and HTTPS.
How to enable cloud service monitoring in Cloud Console
Blocking access to cloud services
The administrator can restrict user access to Cloud Discovery categories or individual cloud services. In this way, the administrator can allow only secure cloud services and avoid data leaks. Risk level information is displayed for each cloud service in Cloud Discovery. The risk level helps detect services that do not satisfy the security requirements of the organization.
The risk level is an estimation and does not imply any statements about the quality of the cloud service or its vendor. The risk level is simply a recommendation of Kaspersky experts.
Risk levels of cloud services are displayed in the Cloud Discovery section of the policy in the list of all controlled cloud service.
Other Kaspersky Endpoint Security components provide protection from threats and tracking of suspicious user activity when using cloud services.
Cloud Discovery notification
Cloud Discovery does not block cloud applications that were started before Kaspersky Endpoint Security.
Blocking access to unwanted cloud services is available only for the Kaspersky Next EDR Foundations license.
How to block access to unwanted cloud services in Cloud Console
Page top