Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Five Core Principles for Hybrid Cloud Security: How To Build an Effective, Scalable and Affordable Strategy

Blog Published: 08/21/2023

Originally published by Tenable. Written by Tom Croll, Advisor at Lionfish Tech Advisors. As organizations shift on-premises workloads to public cloud platforms, their perimeter defense boundaries dissolve, creating cloud sprawl and thorny security challenges. To protect these new borderless, ...

Cloud Defense in Depth: Lessons from the Kinsing Malware

Blog Published: 08/22/2023

Originally published by Sysdig. Written by Nigel Douglas. In the face of persistent data breaches and escalating cyber threats, organizations are compelled to prioritize cloud defense in depth. These measures are indispensable for protecting critical assets and upholding the integrity of cloud...

Fighting Fire with Fire: Ethical Hacking & Penetration Testing

Blog Published: 08/23/2023

Originally published by ThreatLocker.Introduction Building a successful defense begins with understanding your enemy. For businesses operating in today’s digital world, hackers are the enemy. These adversaries are often faceless, elusive, well-funded, creative, persistent, and smart. They at...

Financial Services Knows It Needs to Do More to Protect Data in the Cloud

Blog Published: 08/25/2023

Originally published by Skyhigh Security. Written by Rodman Ramezanian, Global Cloud Threat Lead, Skyhigh Security. With hybrid work here to stay, the financial services industry is adapting to the increased risks associated with the enablement of a remote workforce. Much progress has been mad...

Cloud Controls Matrix: How to Secure Your Journey to the Cloud

Blog Published: 08/25/2023

Originally published by Contino. Written by Kevin Davies. If you’re in a highly regulated industry, it can be hard to embrace all the possibilities that cloud computing can offer while still maintaining control of your data assets in the public cloud. That’s why it’s vital to have security cor...

Into the Abyss: How a Dark Web LLM Could Enhance Our Cybersecurity

Blog Published: 08/28/2023

Originally published by CXO REvolutionaries. Written by Kyle Fiehler, Senior Transformation Analyst, Zscaler. Amid nuanced debate about whether AI will save the world or rise to kill us all, why train a large language model (LLM) on roughly 6.1 million pages of dark web content?Research, says ...

Unleashing Intelligence: Transforming NetFlow and Flow Log Data into Actionable Intelligence

Blog Published: 08/29/2023

Originally published by Netography. Written by Tom Dixon, Senior Field Engineer, Netography. In our modern digital landscape, organizations are drowning in an ocean of data. This is because raw data in isolation lacks meaning and utility, and actually acts to add more hay to the proverbial hay...

Sovereignty in the Cloud Environment – What Does it Mean?

Blog Published: 08/29/2023

Originally published by T-Systems International. Written by Moritz Nowitzki. Why a Sovereign Cloud?For those currently considering a cloud transformation in Germany, the concept of a Sovereign Cloud is unavoidable. But what does sovereignty entail, and why is it so crucial? European businesses...

Future-Proofing Your DevSecOps: Adopting Least Privilege Access for Cloud Permissioning

Blog Published: 08/31/2023

Originally published by Britive. In today’s rapidly evolving cloud landscape, businesses are turning to new models for access management as a means to streamline operations, enhance scalability, and drive innovation. Security leaders and DevOps decision makers are all aware of the need for clo...

GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure

Blog Published: 09/01/2023

Originally published by Dig Security. Written by Ofir Balassiano and Ofir Shaty. One of the top three cloud providers is Google Cloud Platform (GCP), which offers a range of services including a managed database service called CloudSQL. CloudSQL is capable of supporting three different databas...

Delivering Digital Trust to Home Automation and Robotics Software

Blog Published: 09/01/2023

Originally published by DigiCert.Remember The Jetsons? This 1960s-era cartoon depicts space-age life, complete with flying cars and watches that let you call people. The Jetson household used home automation in everything from cooking to carpooling, with Rosey, the sassy robot housekeeper, mak...

The Deception Game: Negative Trust in Cybersecurity

Blog Published: 09/05/2023

Originally published by CXO REvolutionaries. Written by Sam Curry, VP & CISO, Zscaler. Cybersecurity is an unfair, asymmetric race. For years, we have studied the opponent, from the Kill Chain™ to MITRE ATT&CK, and have inadvertently lionized the attacker’s course and journey from snif...

What to Do After Receiving a Phishing Attack

Blog Published: 09/06/2023

Originally published by Abnormal Security. Written by Emily Burns. Phishing is an increasingly common form of cyberattack that relies on social engineering tactics and malicious links to gain access to confidential data or financial accounts. In fact, over the past two years, phishing has been...

Debunking Five Cybersecurity Myths

Blog Published: 09/07/2023

Originally published by ThreatLocker.Introduction Cybersecurity is not an easy topic to fully understand if you are new to the field, and just when you think you have a decent understanding of the technical aspects of it, you open a door to much more undiscovered knowledge. It is this reason t...

Zero Trust is a Never-Ending Journey, Not a Ready-Made Solution

Blog Published: 08/22/2023

Written by Aaron Cockerill, Chief Security Officer, Lookout. Nearly all organizations are struggling with how to stay in control as their data migrates to the cloud and users connect from anywhere. The answer, they’ve been told, is zero trust. Zero trust starts from the premise that an organiz...

New Research Suggests Unseen Benefits of DevSecOps

Blog Published: 08/22/2023

Written by Tim Chase, Global Field CISO, Lacework. DevSecOps continues its ascent in cybersecurity. The “better together” story of integrating security as early as possible in the development process continues to prove true — and people continue to buy in. Even those that haven’t yet adopted t...

The Power of Audit Logs: Critical Lessons from the Recent Storm-0558 Threat

Blog Published: 08/23/2023

Originally published by Obsidian Security on July 25, 2023. Earlier this month, Microsoft and CISA reported the discovery of a recent advanced persistent threat (APT), Storm-0558, which gained access to Exchange and harvested corporate emails. The threat actor group responsible managed to gain...

Learn All About CSA STAR at CSA’s Annual Cybersecurity Conference

Blog Published: 08/23/2023

The Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) program is the most complete and largest cloud assurance program in the world that constitutes an ecosystem of the best practices, standards, technology, and auditing and consulting partners. The foundation of CSA ST...

What is Edge Computing and Why is it Important?

Blog Published: 08/24/2023

Originally published by Sangfor. Written by Nicholas Tay Chee Seng, CTO, Sangfor Cloud. We are in the midst of a digital transformation era, and more than ever before, enterprises of all sizes are investing heavily in data-driven artificial intelligence/machine learning (AI/ML) processes. Thes...

Cloud Native Application Protection Platforms: Key Findings & Challenges from the CSA Survey

Blog Published: 08/24/2023

With organization cloud environment complexity increasing year-to-year, monitoring, detecting, and preventing threats and vulnerabilities in the cloud has also become an even greater challenge. Coupled with the proliferation and fragmentation of security tools, security teams are facing an inc...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
144
145
146
148
150
151
152
Last »