Cloud Access Security Broker (CASB) Operations
RCCE students will learn how CASB technologies help govern SaaS usage, detect shadow IT, apply access policies, inspect risky activity, and enforce security controls across cloud applications. RCCE students will learn to evaluate sanctioned and unsanctioned SaaS usage, define access controls, investigate risky sessions, align monitoring with compliance requirements, and integrate CASB workflows with broader cloud security operations. The course covers practical scenarios ranging from cloud app discovery to policy enforcement, investigation, and tuning. RCCE students will learn to analyze complex systems and think like an attacker to better defend the organization. This comprehensive course delivers practical knowledge applicable to real-world cybersecurity operations. Starting from foundational concepts, RCCE students will learn through a combination of concept explanation, practical demonstration, and hands-on exercises.
- Cloud Security Architects and Engineers
- DevSecOps and Platform Engineers
- Identity and Access Management Specialists
- Security Analysts securing cloud workloads
- Professionals implementing Cloud Access Security Broker (CASB) Operations
- Execute hands-on tasks for cloud access security broker
- Execute hands-on tasks for govern saas usage · detect shadow it · enforce security controls
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn — covering Course Structure.
- Execute hands-on tasks for forward proxy — covering Inline traffic inspection.
- Execute hands-on tasks for reverse proxy — covering Agentless inline mode.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for users / endpoints
- Execute hands-on tasks for cloud app risk scoring
- Execute hands-on tasks for sanctioned apps
- Execute hands-on tasks for unsanctioned apps — covering IT-approved and procurement-vetted, Employee-adopted without IT approval.
- Execute hands-on tasks for covered by vendor sla and support — covering Employee-adopted without IT approval.
| Module 01 | Cloud Access Security Broker |
| Module 02 | Govern SaaS Usage · Detect Shadow IT · Enforce Security Controls |
| Module 03 | Course Overview |
| Module 04 | What You Will Learn |
| Module 05 | Forward Proxy |
| Module 06 | Reverse Proxy |
| Module 07 | Multimode CASB Architecture |
| Module 08 | Users / Endpoints |
| Module 09 | Cloud App Risk Scoring |
| Module 10 | Sanctioned Apps |
| Module 11 | Unsanctioned Apps |
| Module 12 | Covered by vendor SLA and support |
| Module 13 | CASB Policy Architecture |
| Module 14 | App Risk |
All hands-on labs run on Rocheston Rose X OS. Students practice cloud access security broker (casb) operations by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for cloud access security broker
- Lab 2: Execute hands-on tasks for govern saas usage · detect shadow it · enforce security controls
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will learn
- Lab 5: Execute hands-on tasks for forward proxy
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Cloud Access Security Broker (CASB) Operations, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI