Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Welcome to the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Earn your certificate in cloud
security
Read the latest cloud security
research
Improve your compliance
with STAR
Become a corporate
member
Join our online
community

Latest News from CSA

SECtember 2023 Call for Presentations
SECtember 2023 Call for Presentations
Participate in THE cloud security conference of the year at SECtember 2023. Showcase your work, network with like-minded professionals, and contribute to the advancement of knowledge in cloud security by submitting a proposal related to Threats and Vulnerabilities, Emerging Technologies, Governance and Assurance, or Secure Cloud Computing. Learn about the submission and selection process here.
Submit here
Data Lake Threat Modeling Exercise
Data Lake Threat Modeling Exercise
As cloud platforms expand further into business uses, the need to understand the attack surface to your data becomes much more apparent. This exercise spreadsheet includes numerous elements of data lakes applied to specific threat scenarios and to the STRIDE framework, and provides countermeasures for possible corrections and controls.
Download the exercise
CCM v4-Lite Open Peer Review
CCM v4-Lite Open Peer Review
CSA and the CCM working group have been developing a lightweight edition of the CCM v4 that consists of foundational cloud security requirements. It is targeted to be a cost-effective solution for low-risk profile cloud organizations. Participate in this peer review and help determine whether the selected controls are easy to implement and provide foundation security solutions necessary.
Participate here

Explore Resources

Cloud Assurance

Improve the security and compliance posture of your organization and leverage the controls inside of cloud assurance to build stronger value in your business systems. CSA provides tools and guidance that help entire industries and countries build their own cloud assurance ecosystem. Publish your organization on the STAR Registry, become CCAK certified, or demonstrate your commitment to holistic security by qualifying for Trusted Cloud Provider status.

Core Cloud

Regardless if you already have a well established cloud security program or are starting your cloud migration for the first time, CSA can help you enhance your security strategy. Tap into our substantial database of research and strategies needed for organizations to achieve comprehensive cloud security. Learn about cybersecurity threats from the latest Top Threats to Cloud Computing: Pandemic Eleven, close the skills gap by obtaining your CCSK certificate, and support the work CSA does by joining our community or becoming a corporate member.

Future Cloud

Look beyond the challenges of the current cloud security ecosystem and leverage CSA to help your organization solve tomorrow’s problems, today. Explore innovative technologies and strategies, such as the Zero Trust Advancement Center, Y2Q - the quantum countdown, or our Global Security Base, that will help shape the future of cloud and cybersecurity.

Save the date!

September 18 - 22, 2023
Meydenbauer Center, Bellevue, WA

Join the Alliance

CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products.

35

active working
groups and initiatives

506

research publications

57,000+

visitors view CSA
research each month

126,000+

industry professionals
are a part of CSA

1,900+

services listed in
the STAR Registry

Become a Corporate Member
Join Our Community

Press Releases

Nearly One Third of Organizations Are Struggling to Manage Cumbersome Data Loss Prevention (DLP) Environments, Cloud Security Alliance Finds

March 15, 2023

 

New Study Examines Application Connectivity Security in the Cloud

January 18, 2023

 

Cloud Security Alliance and the Israel National Cyber Directorate Sign Memorandum of Understanding

October 27, 2022

 

Cloud Security Alliance Announces Trusted Cloud Consultant Program

October 27, 2022

 

See more

Industry Insights

Best Practices in Data Tokenization

Best Practices in Data Tokenization

March 31, 2023

 
How to Avoid a Costly Data Breach in AWS with Automated Privileges

How to Avoid a Costly Data Breach in AWS with Automated Privileges

March 31, 2023

 
The Big Guide to Data Security Posture Management (DSPM)

The Big Guide to Data Security Posture Management (DSPM)

March 31, 2023

 
Understanding Identity and Access Management (IAM) and Authorization Management

Understanding Identity and Access Management (IAM) and Authorization Management

March 30, 2023

 

See more

Upcoming CSA Events

Demo Forum Zero Trust Cybersecurity Meetup
Demo Forum Zero Trust Cybersecurity Meetup

April 4 - April 6 | Online

Learn more

DoD Zero Trust Symposium
DoD Zero Trust Symposium

April 4 - April 5 | Online

Learn more

CSA Summit at RSAC 2023
CSA Summit at RSAC 2023

April 21 - April 27 | RSAC

Learn more

CSA APAC Summit 2023
CSA APAC Summit 2023

May 10 | Lifelong Learning Institute, Singapore

Learn more