Why Bitglass?

The Cloud Security Platform for Any Interaction

Founded in 2013 when enterprises were just beginning to adopt the cloud, our founders anticipated an age when users would need secure access on the go to any app and any web destination, on any network and from any device. That heritage is reflected in today’s ability to automatically adapt to evolving security requirements; whether it be for BYOD initiatives, an increasingly remote workforce, or protection against zero day threats and data leakage as the combinations of users, devices, applications, web traffic, and infrastructure create an immeasurable matrix of interactions.

Our platform is designed to protect data and defend against threats for any interaction. It integrates cloud access security broker (CASB), SmartEdge Secure Web Gateway (SWG), and zero trust network access (ZTNA) to enforce a consistent set of policies from a single dashboard; built on our global Polyscale Architecture designed to scale with your business. As Bitglass' Total Cloud Security Platform forgoes the use of costly appliances and serves as a replacement for a number of disjointed point products, customers also report significant cost savings

"I have used their support quite a bit. They are outstanding. I've been able to call them at any time that I'm here working. It doesn't matter when, they've always been very responsive. If I don't get somebody when I call, usually within five to 10 minutes, max, someone's calling me back."

-Sr Security Engineer, Healthcare Co., 100K+users

"The solution provides a single platform for CASB, web security, advanced threat protection, identity, data loss protection, and zero-trust network access. It does all that in one product. It's good because it allows us to adopt more and more cloud apps. It really gives us the flexibility to pursue any new technology that is going to benefit our organization,"

-CTO, Financial Services Firm

"They always talked about their infrastructure and how it auto-scales based on demand. What we would have is about 20,000-plus users logging in between at 8:00 am and 8:05 am Central Time, which was a ton of traffic all of a sudden slamming at the infrastructure, and it just handled it like a champ. It would scale."

-Sr. Security Engineer, 10,000-User Healthcare Firm

Apps or CASB

Multi-Mode CASB

As a Leader in Gartner’s Magic Quadrant for CASB, our solution is designed to secure any cloud application (e.g. Office 365, G Suite, Box, ServiceNow, Tableau), as well as IaaS platforms like AWS, Azure, and GCP. As the only true multi-mode CASB, the solution can deliver security over data at rest and data at access. The industry’s only agentless deployment mode leverages Bitglass’ patented reverse proxy to secure any device, including personal and remote endpoints that are physically inaccessible. It delivers:
  • Granular data protection policies that can defend sensitive information and ensure regulatory compliance in real time and wherever data goes.

  • Threat protection powered by AV leaders that can block zero-day malware during upload or download, as well as when data is at rest.

  • Comprehensive visibility and reporting features that detail all app, file, and user activity; perfect for enabling audit and demonstrating compliance.

  • Identity management via native single sign-on (SSO) and multi-factor authentication (MFA) as well as integrations with any leading IdP.


SmartEdge SWG

We deliver the world’s only on-device SWG. By performing decryption and inspection locally on users’ endpoints, users are no longer required to backhaul traffic to a central infrastructure or cloud proxy, eliminating the cost, scalability, and performance issues inherent in legacy architectures. Additionally, Bitglass automatically manages the creation, storage, and revocation of certificates on all devices using SmartEdge. This prevents man-in-the-middle attacks and saves time for admins who would otherwise have to manage certificates manually. Finally, with our approach, users experience a deeper level of privacy, as only security events are logged and uploaded to the cloud; personal traffic and details remain on the device. SmartEdge delivers:
  • URL filtering that blocks websites based on user group, device type, and location, as well as destination category and riskiness.
  • Threat protection that blocks infected file downloads as well as access to botnets, TOR networks, anonymizers, and other websites that will infect users’ devices with malware.
  • Application controls that govern the use of unmanaged apps; allow or block access, and coach users to sanctioned alternatives.
  • Data loss prevention (DLP) that can identify and halt the upload of sensitive or regulated information to unsafe destinations on the web.
Bitglass ZTNA

Bitglass ZTNA

In addition to cloud and web, Bitglass has proven success securing on-premises resources. We deliver a unique, cloud-based ZTNA solution that forgoes the use of VPN clients. This ensures greater performance, usability, and scalability. Additionally, instead of giving users unfettered access to everything on the network, our solution extends secure access only to specific internal apps; complete with real-time data and threat protection policies. Bitglass provides an agentless option for browser apps and an agent-based option for thick client apps such as SSH and remote desktops. It delivers:
  • Contextual access control and DLP that govern user access and protect sensitive and regulated data patterns from leaking.
  • Native authentication options like SSO and MFA, as well as the ability to integrate with leading identity providers like Okta and Ping.
  • Zero-day advanced threat protection that leverages CrowdStrike technology to halt threats in real time at upload and at download.
  • Comprehensive visibility over all file, user, and app activity through activity logs and reports that enable auditing and compliance.
Bitglass SD-WAN


Bitglass takes a unique, flexible approach to SD-WAN in order to enable customers to integrate their wide area networks with the full suite of protections described above. As the only SASE platform built in the public cloud on a Polyscale Architecture, Bitglass leverages AWS Transit Gateway Connect to integrate with whatever SD-WAN solution you may use. In other words, traffic stemming from any branch site via any SD-WAN can automatically be routed to Bitglass for real-time security policy enforcement. This contrasts with competing SASE platforms which integrate with limited numbers of SD-WAN offerings and require customers to use their partners’ SD-WAN solutions. When it comes to SD-WAN, Bitglass provides:

  • A flexible, cloud-based architecture which can integrate with any SD-WAN solution you may choose to adopt or already have in place.
  • Security for branch site traffic headed to the cloud, the web, and on-premises resources through CASB, SWG, and ZTNA functionality, respectively.
  • Data loss prevention and advanced threat protection for stopping data leakage and zero-day malware infections wherever they may occur.
  • A single dashboard that provides comprehensive visibility over all interactions occurring throughout your IT ecosystem.

Polyscale Architecture


With an architecture that maintains “four nines” reliability, the platform is natively architected for and from the cloud. Our Polyscale Architecture dynamically adjusts capacity as load profiles shift – whether these shifts occur because of point-in-time events or permanent adjustments like the surge in remote employees – ensuring consistent experience regardless of the scope or scale of your use case. The Polyscale Architecture is:

  • Built upon the public cloud for maximum uptime and performance.

  • Highly scalable due to self-replicating components that dynamically create capacity.

  • Highly performance across your entire deployment, with a network of over 280 global points of presence that ensure performance and security around the world.

Want to learn how Bitglass secures any interaction?

Download the SASE with Bitglass Technical Brief below


Download Now