To support their firms' cloud strategy without compromising security or compliance, security and risk (S&R) pros need to develop a number of important capabilities. They need the capability to: 1) discover sanctioned and unsanctioned cloud app adoption; 2) prevent the unauthorized transfer of sensitive data to the cloud; 3) protect and encrypt sensitive data in the cloud; and 4) identify suspicious employee behaviors and threats in cloud services. This report examines the vendor landscape for cloud access security intelligence (CASI) solutions that provide some or all of these capabilities.