Definition
CloudSOC is Broadcom / Symantec's Cloud Access Security Broker. Originally developed by Elastica and acquired by Symantec in 2015, CloudSOC provides shadow IT discovery, inline cloud app controls (via Cloud SWG integration), API-based SaaS scanning, User and Entity Behavior Analytics (UEBA), and cloud DLP via Symantec DLP integration. CloudSOC is the connecting tissue between Symantec's endpoint, network, email, and cloud DLP - unified policy applies across all four. Common deployments: Microsoft 365 + Google Workspace cloud DLP, shadow IT discovery for governance teams, compromised cloud account detection. See our M365 + CloudSOC integration deep-dive.
Symantec products that implement this
- Symantec CASB (CloudSOC) - Cloud Access Security Broker for SaaS - visibility into shadow IT, inline enforcement on sanctioned apps, API-based scanning for data at rest, and user behavior analytics.
Related terms
- CASB (Cloud Access Security Broker) - Security layer between users and cloud apps; provides visibility, governance, and DLP for SaaS.
- DLP (Data Loss Prevention) - Security capability that discovers, monitors, and protects sensitive data across endpoints, networks, storage, cloud, and email.
- UEBA (User and Entity Behavior Analytics) - Detection technique that uses ML to baseline normal user/entity behavior and flag anomalies.
Deep-dives on CloudSOC
- Microsoft 365 DLP with Symantec CloudSOC: the integration deep-dive - How to extend Symantec DLP into Microsoft 365 through CloudSOC - what API connectors provide, what inline integration adds, and where Symant…