Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101CircleEventsBlog
Sign In

Welcome to the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Earn your certificate in cloud
security
Read the latest cloud security
research
Improve your compliance
with STAR
Become a corporate
member
Join our online
community

Latest News from CSA

New CCM Mapping: Payment Card Industry Data Security Standard
New CCM Mapping: Payment Card Industry Data Security Standard
The Cloud Security Alliance and the Cloud Controls Matrix (CCM) Working Group would like to announce a new update to CCM v4.0.9. This update and release incorporates an additional mapping in the CCMv4, that of: the Payment Card Industry Data Security Standard (PCI DSS) Version 4. With this update the CCM V4 controls will be now accompanied with a total of twelve (12) mappings.
Download now
Machine Identity in Cybersecurity and IAM
Machine Identity in Cybersecurity and IAM
Gain a thorough understanding of machine/non-human identities and their significance to your organization. With the increasing use of technology in today's organizations, the concept of identity management has expanded to include machine identities (anything other than human) such as device identities, digital identities, and workload identities. This whitepaper defines machine identities, explores their history and significance, and provides best practices for managing the risks and governance associated with them.
Download now
Sonrai Security presents ACCESS: The Cloud Identity, Access, and Permissions Summit
Sonrai Security presents ACCESS: The Cloud Identity, Access, and Permissions Summit
Register for ACCESS, a free virtual summit helping you secure identity, access, and permissions in the cloud from industry leaders at Amazon, Accenture, Albertsons, and more. No sales pitches allowed, just cloud pros talking shop. Featuring sessions and networking opportuntiities, you don’t want to miss it - registration closes next week!
Register now

Explore Resources

Cloud Assurance

Improve the security and compliance posture of your organization and leverage the controls inside of cloud assurance to build stronger value in your business systems. CSA provides tools and guidance that help entire industries and countries build their own cloud assurance ecosystem. Publish your organization on the STAR Registry, become CCAK certified, or demonstrate your commitment to holistic security by qualifying for Trusted Cloud Provider status.

Core Cloud

Regardless if you already have a well established cloud security program or are starting your cloud migration for the first time, CSA can help you enhance your security strategy. Tap into our substantial database of research and strategies needed for organizations to achieve comprehensive cloud security. Learn about cybersecurity threats from the latest Top Threats to Cloud Computing: Pandemic Eleven, close the skills gap by obtaining your CCSK certificate, and support the work CSA does by joining our community or becoming a corporate member.

Future Cloud

Look beyond the challenges of the current cloud security ecosystem and leverage CSA to help your organization solve tomorrow’s problems, today. Explore innovative technologies and strategies, such as the Zero Trust Advancement Center, Y2Q - the quantum countdown, or our Global Security Base, that will help shape the future of cloud and cybersecurity.

Save the Date

Join leading experts at the forefront of cloud security, providing deep insights into how organizations, industries and nations are protecting their most vital assets and systems in the cloud. Our interactive sessions will cover the hottest technology trends and vetted best practices that keep some of our most iconic brands secure. From AI to Zero Trust, we will deliver the knowledge and networking you need to stay ahead of the cybersecurity curve.

September 9 - 13, 2024
Meydenbauer Center, Bellevue, WA

Join the Alliance

CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products.

37

active working
groups and initiatives

549

research publications

57,000+

visitors view CSA
research each month

126,000+

industry professionals
are a part of CSA

1,900+

services listed in
the STAR Registry

Become a Corporate Member
Join Our Community

Press Releases

Cloud Security Alliance Awards 2023 Philippe Courtot Leadership Award to Schellman CEO Avani Desai

September 21, 2023

 

EU Cloud Code of Conduct Collaborates with Cloud Security Alliance to Further Harmonize GDPR Compliance

September 20, 2023

 

Cloud Security Alliance Maps Cloud Controls Matrix (CCM) to Payment Card Industry Data Security Standard (PCI DSS) v4.0

September 19, 2023

 

Cloud Security Alliance Survey Finds Complexity of Multi-cloud Environments Driving Use of Cloud Native Application Protection Platforms

August 24, 2023

 

See more

Industry Insights

Why Healthcare Organizations Are Slower to Adopt Cloud Services

Why Healthcare Organizations Are Slower to Adopt Cloud Services

September 25, 2023

 
Frequently Asked Questions Answered—ISO 27001 Certifications

Frequently Asked Questions Answered—ISO 27001 Certifications

September 25, 2023

 
Safeguarding the Healthcare Industry: Effective Measures to Prevent Ransomware Attacks

Safeguarding the Healthcare Industry: Effective Measures to Prevent Ransomware Attacks

September 25, 2023

 
NIST CSF vs. Other Cybersecurity Frameworks

NIST CSF vs. Other Cybersecurity Frameworks

September 22, 2023

 

See more

Upcoming CSA Events

Threat Modeling Cloud Services
Threat Modeling Cloud Services

September 28 | Morrisville, NC

Learn more

CSA Research Summit 2023
CSA Research Summit 2023

October 17 - October 18 | Online

Learn more

SecureWorld St. Louis
SecureWorld St. Louis

October 17 | Clayton, MO

Learn more

CSA Bangalore Annual Summit 2023
CSA Bangalore Annual Summit 2023

December 13 | India

Learn more