Zero Trust Creator John Kindervag Joins Cloud Security Alliance as Security Advisor
Press Release Published: 06/30/2022
Renowned cybersecurity expert brings more than 25 years of experience to Zero Trust Advancement Center. SEATTLE – June 30, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud c...
Five Steps to a Secure Cloud Architecture
Blog Published: 06/30/2022
This blog was originally published by Fugue here. By Josh Stella, Chief Architect, Snyk, Co-Founder, Fugue. Cloud computing cyberattacks don’t play out like the scenes from Hollywood thrillers. No one is slowly lowering Tom Cruise into a preselected target’s secure data center equipped with ...
CCSK Success Stories: From a CISO and Chief Privacy Officer
Blog Published: 07/01/2022
This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverag...
Threat Activity Cluster #4: Strawberry with Sprinkles
Blog Published: 07/05/2022
This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. In the next edition of our ice cream activity cluster blog series, we’re shining the spotlight on another historic actor that undertook a significant remodeling of their tactic...
Cloud Services Explained
Blog Published: 07/05/2022
NIST defines three service models which describe the different foundational categories of cloud services: Infrastructure as a Service (IaaS) offers access to a resource pool of fundamental computing infrastructure, such as compute, network, or storage. We sometimes call these the “SPI” tiers. Pl...
The Access-Risk Landscape in 2022
Blog Published: 07/06/2022
Written by Marie Prokopets, Co-founder and COO, Nira. Introduction The number of data breaches and cases of unauthorized access to cloud-based documents, what we call Access-Risk incidents, has skyrocketed over the past few years. In fact, 68% of information security professionals felt...
Phishing is on the Rise: What CISOs Should Know
Blog Published: 07/06/2022
This blog was originally published by CXO REvolutionaries here. Written by Heng Mok, CISO APJ, Zscaler. The weakest link in a security architecture is often the people it protects. Although cloud-driven attacks like ransomware-as-a-service (RaaS) dominate headlines, social engineering remains ...
Zero-day Vulnerability Affecting the Microsoft Windows Support Diagnostic Tool (MSDT)
Blog Published: 07/07/2022
This blog was originally published by CrowdStrike here. Written by Dan Fernandez - Liviu Arsene, Endpoint & Cloud Security. On May 27, 2022, a remote code execution vulnerability was reported affecting the Microsoft Windows Support Diagnostic Tool (MSDT). The vulnerability, which is classifie...
Why Ransomware Attacks Are on the Rise
Blog Published: 07/07/2022
This blog was originally published by ShardSecure on June 27, 2022. Written by Marc Blackmer, VP of Marketing, ShardSecure. What Is Ransomware? Ransomware is a type of malware that prevents users from accessing their systems and files and requires them to pay a ransom to regain access. Most t...
Security Operations Center (SOC) for Cloud
Blog Published: 07/08/2022
Written by Prikshit Goel, VP, Cybersecurity & GRC Services, HCL Technologies. Although cloud adoption means improved agility and flexibility for organizations, it has also led to increasing threats and challenges to data security. A Gartner survey revealed that 57% of board directors are p...
Preparing for Web 3.0
Blog Published: 07/08/2022
This blog was originally published by Schellman here. Written by Scott Perry, Schellman. Ernest Cline’s sci-fi novel, Ready Player One, centers on users’ experience within the OASIS—a highly advanced, fully immersive simulation. In the book, people prefer living in virtual reality rather than ...
Why You Need Application Security Testing for Business-Critical Applications: Part 3
Blog Published: 07/08/2022
This blog was originally published by Onapsis here. In this five part blog series, we discuss the importance of building secure business-critical applications with application security testing. In part one, we shared that while speed is the driving force behind application development, on-time...
View TPRM Risk Through Four Lenses
Blog Published: 07/11/2022
This blog was originally published by Coalfire here. Written by Jon Knohl, Coalfire. Organizations can more effectively evaluate their risk profile by measuring confidentiality, integrity, and availability as they each relate to the enterprise-wide domains of financial, regulatory, reputationa...
Shift Left is Only Part of Secure Software Delivery
Blog Published: 07/11/2022
This blog was originally published by Sysdig here. Written by Anna Belak, Sysdig and Effi Goldstein, Snyk. We’re living in the age of accelerated consumption and delivery. You can get a seemingly infinite selection of products delivered to your door within two days, for free, from thousands of...
An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane
Blog Published: 07/12/2022
This blog was originally published by Mitiga here. Written by Andrew Johnston, Mitiga. There’s a good reason many developers are excited about the cloud. The advent of managed services has enabled solutions architecture to become an assortment of building blocks—configuration is simple, scalin...
Hatchet & Scalpel
Blog Published: 07/12/2022
This blog was originally published by Nasuni here. Written by Andres Rodriguez, Nasuni. The frightening success of ransomware stems from an evil combination of social and software engineering. The devious minds behind the malware understand people as deeply as they understand technology, wh...
With Multi-Device Fido Credentials, You Can Now Go All-in on Passwordless
Blog Published: 07/13/2022
This blog was originally published by CXO REvolutionaries here. Written by Maneesh Sahu, Senior Director, OT and IIoT Product Management, Zscaler. In a previous post, The Passwordless future has arrived, here are your options, I enumerated some options for app developers and end-users to use i...
Is Your CSP Capitalizing on the Rise in Federal Cloud Spending?
Blog Published: 07/12/2022
This blog was originally published by A-LIGN here. Written by Tony Bai, Federal Practice Lead, A-LIGN. With federal cloud spending at an all-time high, the government sector has become a lucrative market for technology companies. Analysis from Deltek indicates that federal agencies spent nearl...
How to Secure Kubernetes Ingress?
Blog Published: 07/13/2022
This blog was originally published by ARMO here. Written by Ben Hirschberg, VP R&D & Co-founder, ARMO. Ingress aims to simplify the way you create access to your Kubernetes services by leveraging traffic routing rules that are defined during the creation of the Ingress resource. This u...
Overview of Critical Controls for Oracle Cloud Applications
Blog Published: 07/13/2022
CSA’s Enterprise Resource Planning (ERP) Working Group is pleased to release the latest in a series of security guidance for deploying ERP systems in the cloud. This latest whitepaper focuses on Oracle Cloud Applications. Oracle Cloud Application clients share with Oracle Corporation the re...