Since Cloud is in the name, most organizations think of CASB when trying to achieve their security and compliance goals for public SaaS applications like Office 365, Salesforce and Box. Provided you pick the right CASB vendor, however, and your CASB can provide data & threat protection not just for public cloud apps, but for private cloud apps as you migrate them to the public cloud.
As you move a private application (whether it's a custom developed app or packaged software) to a public cloud platform like AWS, Azure, or GCP, these applications start to feel more and more like a public SaaS applications. External availability from any device, and from anywhere on the internet, backend APIs, etc. Your data moves beyond the firewall.
This increased availability can mean wonders for productivity and mobility, but the shared security responsibility in the cloud needs to be kept in mind here as much as with SaaS applications.
Keep private app migration in mind when making a decision on which CASB vendor to select, paying careful attention to whether the vendor can support applications that don't exist in a fixed catalog. The Bitglass Zero-day Core was designed with exactly this use case in mind - any app beyond the firewall.