Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Vulnerability Data
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Train my entire team
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Artificial Intelligence
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Vulnerability Data
Top Threats
View all topics
Cloud 101CircleEventsBlog
Register now for CSA’s free Virtual AI Summit taking place January 17-18th

Welcome to the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Earn your certificate in cloud
security
Read the latest cloud security
research
Improve your compliance
with STAR
Become a corporate
member
Join our online
community

Latest News from CSA

Cloud Adversarial Vectors, Exploits, and Threats
Cloud Adversarial Vectors, Exploits, and Threats
The industry needs a threat-informed framework that addresses the unique and emerging risks of cloud environments, with detailed security guidance to ensure meaningful implementation of detection and mitigation capabilities. CSA and the MITRE Corporation have established the Cloud Adversarial, Vectors, Exploits, and Threats (CAVEaT™) collaboration to bring this guidance to the cloud security practitioner. Explore today’s available frameworks with relevance to cloud systems, including CVE, CWE, MITRE ATT&CK, and CAPEC.
Download now
The CCZT is now available!
The CCZT is now available!
The industry’s first authoritative Zero Trust training and credential, the Certificate of Competence in Zero Trust (CCZT), is now available! Recognizing that organizations have different maturity levels for their security program and may be challenged to find skilled staff critical to the development and implementation of a Zero Trust strategy, CSA created the CCZT to help security professionals build knowledge to drive the definition, implementation and management of Zero Trust.
Learn more
Peer Review: CCMV4 SSRM Implementation Guidelines
Peer Review: CCMV4 SSRM Implementation Guidelines
Cloud Security Alliance (CSA) and the Cloud Controls Matrix (CCM) WG would like to invite cloud organizations and cloud security experts to participate in this open peer review of the “Final Draft” version of the CCM V4 control ownership & implementation guidelines that is developed according to the Cloud Shared Security Responsibility Model (SSRM).
Contribute to Peer Review

Explore Resources

Cloud Assurance

Improve the security and compliance posture of your organization and leverage the controls inside of cloud assurance to build stronger value in your business systems. CSA provides tools and guidance that help entire industries and countries build their own cloud assurance ecosystem. Publish your organization on the STAR Registry, become CCAK certified, or demonstrate your commitment to holistic security by qualifying for Trusted Cloud Provider status.

Core Cloud

Regardless if you already have a well established cloud security program or are starting your cloud migration for the first time, CSA can help you enhance your security strategy. Tap into our substantial database of research and strategies needed for organizations to achieve comprehensive cloud security. Learn about cybersecurity threats from the latest Top Threats to Cloud Computing: Pandemic Eleven, close the skills gap by obtaining your CCSK certificate, and support the work CSA does by joining our community or becoming a corporate member.

Future Cloud

Look beyond the challenges of the current cloud security ecosystem and leverage CSA to help your organization solve tomorrow’s problems, today. Explore innovative technologies and strategies, such as the Zero Trust Advancement Center, Y2Q - the quantum countdown, or our Global Security Base, that will help shape the future of cloud and cybersecurity.

Save the Date

Join leading experts at the forefront of cloud security, providing deep insights into how organizations, industries and nations are protecting their most vital assets and systems in the cloud. Our interactive sessions will cover the hottest technology trends and vetted best practices that keep some of our most iconic brands secure.

September 9 - 13, 2024
Meydenbauer Center, Bellevue, WA

Join the Alliance

CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products.

42

active working
groups and initiatives

533

research publications

57,000+

visitors view CSA
research each month

126,000+

industry professionals
are a part of CSA

1,900+

services listed in
the STAR Registry

Become a Corporate Member
Join Our Community

Press Releases

Cloud Security Alliance Launches the Industry’s First Authoritative Zero Trust Training and Credential, the Certificate of Competence in Zero Trust (CCZT)

November 15, 2023

 

Nonprofit Cyber Launches World More Than a Password Day

November 10, 2023

 

Cloud Controls Matrix (CCM) Now Mapped to OpenCRE, Cloud Security Alliance Announces

September 28, 2023

 

Cloud Security Alliance Awards 2023 Philippe Courtot Leadership Award to Schellman CEO Avani Desai

September 21, 2023

 

See more

Industry Insights

LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab

LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab

December 04, 2023

 
Human Discretion is Great, Right? Not When it’s the Lifeblood of Social Engineering Attacks

Human Discretion is Great, Right? Not When it’s the Lifeblood of Social Engineering Attacks

December 04, 2023

 
Mastering Data Flow: Enhancing Security and Compliance in the Cloud

Mastering Data Flow: Enhancing Security and Compliance in the Cloud

December 01, 2023

 
What is Cloud Security: 15 Essential Cloud Security Terms

What is Cloud Security: 15 Essential Cloud Security Terms

December 01, 2023

 

See more

Upcoming CSA Events

How are Generative AI and machine learning Impacting workload and network security?
How are Generative AI and machine learning Impacting workloa...

December 12 | Dallas, TX

Learn more

11th Study of the State of the Art of Cloud Security
11th Study of the State of the Art of Cloud Security

December 12 | Lima, Perú

Learn more

CSA Bangalore Annual Summit 2023
CSA Bangalore Annual Summit 2023

December 13 | India

Learn more

AWS Security: Building Secure Cloud Applications
AWS Security: Building Secure Cloud Applications

December 15 | Online

Learn more