Ericom CASB (Cloud Access Security Broker) is a clientless, inline isolation-based gateway that provides access controls and data security for SaaS applications. The product operates by assigning each organization a dedicated tenant IP address, enabling IP-based access restrictions that limit SaaS application access exclusively to users routing through the Ericom CASB gateway, regardless of physical location. This approach is designed to eliminate credential theft risk by ensuring stolen credentials cannot be used to access applications from outside the gateway. Access policies can be enforced based on user, group, device, time, or location attributes. When access is permitted, administrators can further restrict data-sharing capabilities, including disabling file uploads/downloads or preventing data entry within cloud applications. Ericom CASB includes Data Loss Prevention (DLP) to protect sensitive data from exfiltration. It also incorporates antivirus (AV) scanning and Content Disarm and Reconstruction (CDR) to detect and neutralize malicious files being uploaded to or downloaded from SaaS applications. The solution is described as clientless, meaning no endpoint agent is required for deployment, and is built on an isolation-based architecture aligned with Zero Trust principles.