Welcome to the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Latest News from CSA

Cloud Controls Matrix v4 Released
Version 4 of the CCM has been updated to ensure coverage of requirements deriving from new cloud technologies, new controls and security responsibility matrix, improved auditability of the controls, and enhanced interoperability and compatibility with other standards.
Download Now
Cloud Security Alliance Trusted Cloud Providers
CSA is pleased to announce the first cohort of Cloud Security Alliance Trusted Cloud Providers. This is a new program that awards a trustmark to cloud providers who demonstrate their commitment to holistic security. The trustmark will be displayed on each organization’s entry in the Security, Trust, Assurance & Risk (STAR) registry
Learn more
CCAK Exam Now Available
The Certificate of Cloud Auditing Knowledge (CCAK) Exam is now available for purchase. This credential leverages CSA’s cloud expertise and ISACA’s traditional audit expertise, combining our know-how and expertise to develop and deliver the best possible solution for cloud auditing education.
Earn the CCAK

Explore resources for cloud security and learn more about CSA.


Emerging cloud technologies

Cloud has become the foundation for launching new technologies. Explore emerging technologies that impact the enterprise and adopt industry best practices for implementing and preparing for the future.

Security Controls for IoT
Preparing for Quantum Computers
Blockchain for Security

Leverage frameworks and architectures specific to cloud

Adopt core tools used by government and regulated industries for the use and management of cloud services. Build a foundation for secure cloud environments with proven models for mitigations, countermeasures, and capabilities specific to cloud computing. The following tools have been used by enterprises to implement frameworks, architectures, and approaches:

Cloud Controls and Remediations
Cloud Reference Architecture
Octagon Model for Risk

Increase transparency

Go beyond security and start building trust. Programs like CSA STAR help improve transparency between cloud customers and providers and bridge the communication gap. From streamlining risk assessments to improving your organization's position to offering an option for continuous self-assessments, it allows our industry to unite effectively to secure the cloud.

Become STAR Certified

Certificate of Cloud Auditing Knowledge (CCAK)

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical education for cloud IT auditing.

Learn more about the CCAK

Become certified in cloud security.

Gain the necessary knowledge to support a smooth cloud transition and beyond with focused training from CSA. Start by mastering the best practices of cloud security with the Certificate of Cloud Security Knowledge (CCSK). Earning the CCSK will lay the necessary foundation to prepare you to earn the new cloud auditing credential in development by CSA and ISACA.

Certificates & Training

Membership for Businesses

Become a CSA Corporate Member

Regardless if you already have a well established cloud security program or are starting your cloud migration for the first time, CSA can help you enhance your security strategy. As a corporate member, your team will be able to receive consultations on your current cloud projects and initiatives.

For organizations providing cloud or security services, joining CSA allows you to educate potential users and showcase your own expertise and good practices to a global marketplace.

Membership for Enterprises
Membership for Cloud Solution Providers
Membership for SaaS Companies

SaaS Membership

SaaS companies represent the heart of business solutions and are growing rapidly. SaaS companies are very diverse in their size and security maturity. CSA’s SaaS membership provides specific benefits geared towards SaaS provider needs and pain points. Our goal is to help SaaS companies achieve excellent security and communicate a sense of trust to their customers and the greater market.

Contact us to learn more

Cloud Security Executive Briefings

On-site and virtual private executive briefings give your team access to subject matter experts to discuss cloud-specific platforms, industry trends, and technology implementations. Attendees receive valuable insights presented exclusively to this group by some of the top industry experts leading CSA’s research activities. As a member you can start a conversation around what you're doing, and CSA can help connect you with the right people to talk through that strategy.

Contact us to learn more

Join the Alliance

CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products.


active working
groups and initiatives


research downloads


visitors view CSA Best
Practices each month


Industry professionals
are a part of CSA


providers listed in
the STAR Registry

Latest News

Cloud Security Alliance’s New Cloud Incident Response Framework Serves as Transparent, Common Blueprint Through Which to Share Best Practices

May 04, 2021


Cloud Security Alliance Shines Light on Excellence in Cloud Provider Security

April 22, 2021


General James Mattis to Headline Cloud Security Alliance CISO Summit at RSA Conference 2021

April 21, 2021


Cloud Security Alliance Releases Guidance for Crypto-Asset Exchange Security

April 13, 2021


See more

Industry Insights

CCAK Testimonials: From an Audit and Compliance Expert

May 13, 2021


How to Ensure Data Protection in Multi-Cloud

May 12, 2021


Understanding the OWASP API Security Top 10

May 11, 2021


Security Spotlight: US Government Agencies Take Action Against Exchange Vulnerabilities and Social Media Giants Leak Data

May 10, 2021


See more

Upcoming CSA Events

Call for Participation

March 15, 2021 - December 21, 2021 | Virtual

Learn more

RSA Conference 2021

May 17, 2021 - May 20, 2021 | San Francisco, CA USA

Learn more

CSA CISO Summit at RSAC 2021

May 18, 2021 | Virtual

Learn more

Offensive Insight for Cloud Security

May 20, 2021 | Virtual

Learn more