Most enterprises today have adopted a plethora of cloud applications and cloud platforms. In the early days, VM security was important. In the SaaS explosion, CASB was important. Now, in the era of server-less applications even more abstraction is needed. Trying to implement artificial permitters and mapping legacy controls to these new cloud native applications, where a VM doesn’t exist, your integrations are APIs and your users are building new capabilities daily which simply doesn’t work. This has given rise to next-generation cloud controls and protections that are centered on the relation between users and the data rather than infrastructure. In this session we will cut through the buzzwords and identify the strategies and technologies need to effectively protect your users and data, wherever their applications live.