All Articles
Lessons Learned from Scanning Over 10,000 Kubernetes Clusters

Blog Published: 07/25/2022

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, VP Marketing & Business Development, ARMO. With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies levera...

9 Questions You Should Ask About Your Cloud Security

Blog Published: 07/25/2022

Originally published on Fugue’s blog on May 13, 2022. Written by Josh Stella, Chief Architect, Snyk and Co Founder, Fugue. In order for business leaders and cybersecurity professionals to gain the knowledge they need to thwart the hackers constantly targeting their cloud infrastructure and ap...

Security Tools Need to Get with the API Program

Blog Published: 07/25/2022

This blog was originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. No cloud API is an island: The evolution of cloud services has coincided with the development of advanced Application Programming Interfaces (APIs) that allow developers to link c...

CCSK Success Stories: From the Head of Digital Architecture

Blog Published: 07/23/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

A Technical Primer in Detection Engineering

Blog Published: 07/22/2022

This blog was originally published by Panther here. Written by Mark Stone, Panther. Tools that an organization can use to detect threats are no longer a nice-to-have. Businesses are moving to the cloud, and the threat landscape is evolving and increasing in complexity. Today, threat detection is ...

How to Protect Data in AWS S3

Blog Published: 07/22/2022

This blog was originally published by BigID here. Written by Dimitri Sirota, BigID. S3 object store has become a popular foundation for storing unstructured documents and mixed file types with elastic scale. However, like with any wide and deep data lake, it creates unique data security challenge...

Threat Activity Cluster #5: Pistachio

Blog Published: 07/22/2022

This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. The ice cream blog series continues by documenting another activity cluster first observed in our dataset in 2019. This threat cluster has been well documented in the security communi...

Cloud Data Protection

Blog Published: 07/21/2022

Written by Luigi Belvivere, Elena Minghelli, and Sara Frati of NTT DATA. Introduction: In the digital era and its digital transition, business and institutions have clearly understood that a robust cloud security is essential. It is well known that security threats evolve in parallel with the evol...

A Survey of FedRAMP's New Supply Chain Requirements

Blog Published: 07/21/2022

This blog was originally published by Coalfire here. Written by Adam Smith, Senior Director, Cloud Infrastructure, Coalfire. Supply Chain Management: Over the past few years, supply chain management has shifted from a background requirement that everyone unknowingly relies upon, to being a commonly t...

The Future of Cloud Security | 2022 and Beyond

Blog Published: 07/21/2022

This blog was originally published by Check Point here. Written by Pete Nicoletti, Field CISO - Americas, Check Point Software. What will the future of cloud security look like? The crystal ball is cloudy when looking beyond a few years from now, but we can anticipate near-term trends! There are th...

How to Maintain Business Continuity in the Age of Ransomware

Blog Published: 07/20/2022

This blog was originally published by Nasuni here. Written by Anne Blanchard, Nasuni. It’s worth making the connection between ransomware and your overall business continuity strategy. Ransomware has been a scourge for years, but the attacks are only growing more sophisticated, capable of hitting...

Cloud Security Alliance Releases Guidance on Third-Party Vendor Risk Management in Healthcare

Press Release Published: 07/20/2022

Document outlines the security challenges facing the use of third-party vendors for Healthcare Delivery Organizations and offers assessment and protection recommendations. SEATTLE – July 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, ...

Stop Modern Identity-Based Attacks in Chrome

Blog Published: 07/20/2022

This blog was originally published by CrowdStrike here. Written by Eamonn Ryan, Matthew Puckett, and Liviu Arsene of CrowdStrike. A novel technique that reduces the overhead in extracting sensitive data from Chromium browser’s memory was recently found by researchers from CyberArk Labs. Existing a...

How to Prepare for Your C5 Examination: 5 Tips

Blog Published: 07/19/2022

This blog was originally published by Schellman here. It was once remarked that “there are no rules of architecture for a castle in the clouds.” Well, those of us in cloud services and compliance know that’s not the case at all. With the growing appeal of the cloud in the digital landscape, regula...

Adapting the Cloud Service Model to Today's Needs

Blog Published: 07/19/2022

This blog was originally published by CXO REvolutionaries here. Written by Brett James, Director, Transformation Strategy, Zscaler. You may have come across the diagram below, or a version of it if you’ve done any research into cloud services (and not from under a rock). Figure 1: Clou...

Conversation on Compliance: Q3 Insights

Blog Published: 07/18/2022

This blog was originally published by IntelAgree here. Written by Lee Rone, General Counsel, IntelAgree. Regulatory compliance, particularly in the data privacy realm, is a delicate balancing act for general counsel. Not only does it require juggling international, domestic, and industry-specific...

Secure SAP Application Development at the Speed of Digital Transformation

Blog Published: 07/18/2022

This blog was originally published by Onapsis here. Written by Curtis Parker, Onapsis. Business-critical applications like SAP help run enterprises, supporting financial systems, human capital management, supply chains, supplier relationships, and more. Considering 94% of the world’s 500 largest ...

What Is Interoperability and Why Is It Important?

Blog Published: 07/18/2022

This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. In today’s digital society, businesses and customers depend on having seamless access to all data types, from payments to healthcare. While physical data still has its place, electronic data has become the go-to...

IAM Stakeholders and Adoption Challenges

Blog Published: 07/17/2022

This is Part 5 of our ‘What is IAM’ blog series. Make sure to check out the rest of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Part 4: The Evolution of IAM Written by Paul Mezzera, Ravi E...

The Evolution of IAM

Blog Published: 07/17/2022

This is Part 4 of our ‘What is IAM’ blog series. Make sure to check out the beginning of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM...
