Register for CSA’s SECtember conference and trainings today
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Other Opportunities
Event Partnerships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Zero Trust Advancement Center
CxO Trust
CloudBytes Webinars
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
Zero Trust Architecture
View more
Awards & Recognition
Ron Knode Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Other Opportunities
Event Partnerships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Zero Trust Advancement Center
CxO Trust
CloudBytes Webinars
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
Zero Trust Architecture
View more
Awards & Recognition
Ron Knode Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all topics
Circle
Events
Blog
Sign In

Welcome to the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Earn your certificate in cloud
security
Read the latest cloud security
research
Improve your compliance
with STAR
Volunteer for a research working
group
Have a question about cloud security? Ask our
community

Latest News from CSA

SECtember 2022
SECtember 2022
With over 700,000 open positions in the cloud and cybersecurity industry, it is critical that we come together to build connections and work to level up our skills. Join us in-person for SECtember, September 26-30 in Bellevue, WA, to hear from prominent industry leaders and connect with cloud security professionals. Our impressive list of speakers and sessions keeps growing! Check out these latest sessions that were added to the agenda. 

View the event
Top Threats to Cloud Computing Pandemic Eleven
Top Threats to Cloud Computing Pandemic Eleven
The Top Threats reports have traditionally aimed to raise awareness of threats, risks, and vulnerabilities in the cloud. Such issues are often the result of the shared, on-demand nature of cloud computing. In this fifth installment, we surveyed 703 industry experts on security issues in the cloud industry. This year our respondents identified eleven salient threats, risks, and vulnerabilities in their cloud environments. The Top Threats Working Group used the survey results and its expertise to create the 2022 Top Cloud Threats report - the ‘Pandemic Eleven’.
Download the publication
CISO Perspectives and Progress in Deploying Zero Trust
CISO Perspectives and Progress in Deploying Zero Trust
Some of the areas covered in this survey include where Zero Trust falls as a priority in the organization, the percentage of those who have completed related implementations, top business challenges, and top technical challenges. Through the survey and upcoming report, CSA is looking to learn where C-level executives are in terms of their Zero-Trust strategies, pain points, vendor needs, management requirements/oversight, technical considerations, legacy challenges, adoption rates, and stakeholder involvement. CSA is dedicated to educating the C-suite, board members, staff, and stakeholders on the benefits of Zero Trust.  
Download the publication

Explore resources for cloud security and learn more about CSA.

Research

Research
Emerging cloud technologies

Cloud has become the foundation for launching new technologies. Explore emerging technologies that impact the enterprise and adopt industry best practices for implementing and preparing for the future.

Leverage frameworks and architectures specific to cloud

Adopt core tools used by government and regulated industries for the use and management of cloud services. Build a foundation for secure cloud environments with proven models for mitigations, countermeasures, and capabilities specific to cloud computing. The following tools have been used by enterprises to implement frameworks, architectures, and approaches:

Increase transparency

Go beyond security and start building trust. Programs like CSA STAR help improve transparency between cloud customers and providers and bridge the communication gap. From streamlining risk assessments to improving your organization's position to offering an option for continuous self-assessments, it allows our industry to unite effectively to secure the cloud. 

Become certified in cloud security.

Gain the necessary knowledge to support a smooth cloud transition and beyond with focused training from CSA. Start by mastering the best practices of cloud security with the Certificate of Cloud Security Knowledge (CCSK). Earning the CCSK will lay the necessary foundation to prepare you to earn the new cloud auditing credential in development by CSA and ISACA. 

Certificate of Cloud Auditing Knowledge (CCAK)

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program will fill the gap in the market for technical education for cloud IT auditing.

CSA Online Training

The CSA Knowledge Center is a centralized platform where you can access training based on CSA's vendor-neutral research. Creating an account on the Knowledge Center gives you access to free mini-courses, training and educational tools to help you better understand security in the cloud.

Certificates & Training

Certificates & Training

Membership for Businesses

Membership for Businesses
Become a CSA Corporate Member

Regardless if you already have a well established cloud security program or are starting your cloud migration for the first time, CSA can help you enhance your security strategy. As a corporate member, your team will be able to receive consultations on your current cloud projects and initiatives.


For organizations providing cloud or security services, joining CSA allows you to educate potential users and showcase your own expertise and good practices to a global marketplace.


SaaS Membership

SaaS companies represent the heart of business solutions and are growing rapidly. SaaS companies are very diverse in their size and security maturity. CSA’s SaaS membership provides specific benefits geared towards SaaS provider needs and pain points. Our goal is to help SaaS companies achieve excellent security and communicate a sense of trust to their customers and the greater market.

Cloud Security Executive Briefings

On-site and virtual private executive briefings give your team access to subject matter experts to discuss cloud-specific platforms, industry trends, and technology implementations. Attendees receive valuable insights presented exclusively to this group by some of the top industry experts leading CSA’s research activities. As a member you can start a conversation around what you're doing, and CSA can help connect you with the right people to talk through that strategy.

SECtember 2022 is the essential industry conference to assist organizations in elevating their cybersecurity capabilities. Held in the heart of the cloud industry in Bellevue, WA from September 26-30, 2022, SECtember will feature leaders from Government, Cloud, Cybersecurity and Global 2000 enterprises. The event will provide critical insights into board oversight of cybersecurity, CISO strategies, emerging threats and best practices, all against the backdrop of cloud and related leading edge technologies.

Register Today

Join the Alliance

CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products.

35

active working
groups and initiatives

424

research publications

57,000+

visitors view CSA
research each month

126,000+

industry professionals
are a part of CSA

1,400+

services listed in
the STAR Registry

Become a Corporate Member
Join Circle Community

Latest News

Troy Leach, Data Security and Standards Advocate, Joins Cloud Security Alliance as Chief Strategy Officer

August 02, 2022

 

Cloud Security Alliance Releases Guidance on Third-Party Vendor Risk Management in Healthcare

July 20, 2022

 

New Cloud Security Alliance Survey Finds 67% of Organizations Already Store Sensitive Data in Public Cloud Environments

July 13, 2022

 

Zero Trust Creator John Kindervag Joins Cloud Security Alliance as Security Advisor

June 30, 2022

 

See more

Industry Insights

Cloud Data Security Requires 20/20 Vision

Cloud Data Security Requires 20/20 Vision

August 08, 2022

 
Why You Need Application Security Testing for Business-Critical Applications: Part 4

Why You Need Application Security Testing for Business-Critical Applications: Part 4

August 08, 2022

 
Are Ransomware Attackers Ever Caught?

Are Ransomware Attackers Ever Caught?

August 05, 2022

 
How To Build and Optimize Your Cybersecurity Program

How To Build and Optimize Your Cybersecurity Program

August 05, 2022

 

See more

Upcoming CSA Events

Cloudbytes Webinar Series
Cloudbytes Webinar Series

January 2022 | online

Learn more

It’s time to Zero In on Zero Trust
It’s time to Zero In on Zero Trust

March 23 - September 15 | Online

Learn more

ATARC 2022 Zero Trust Summit
ATARC 2022 Zero Trust Summit

August 9 | Marriott Marquis, Washington DC

Learn more

Black Hat USA 2022
Black Hat USA 2022

August 10 - August 11 | Mandalay Bay Resort | 3950 Las Vegas Boulevard, South Las Vegas, Nevada 89119

Learn more