API-Only CASB Architecture
API-only CASB offer management capabilities by remediating data-leakage events after the fact via the APIs provided by some applications.
API CASB operate “out-of-band” not real-time. Users directly access cloud apps and data from any device, managed or unmanaged, without restriction or control. API CASB use the applications’ API to analyze the data-at-rest in the cloud. Based on policies set by the administrator, files that are in violation may trigger visibility logging alerts. Alternatively, files that are in violation may be quarantined, or have sharing permissions revoked.
