Cloud Security Alliance Launches STAR Continuous, a Compliance Assessment Program for Cloud Service Providers

Chance to align security validation capabilities with cloud security compliance gives enterprises a competitive edge

SAN FRANCISCO – March 4, 2019 – RSA CONFERENCE 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced STAR Continuous Self Assessment, the first release of an evolving continuous-compliance assessment program for cloud services that gives cloud service providers (CSPs) the opportunity to align their security validation capabilities with cloud security compliance and certification on an ongoing basis.

CSA STAR Continuous is an integral part of the CSA STAR program, the industry’s leading cloud governance and compliance program that enables organizations to increase their levels of assurance and transparency for security and privacy. STAR consists of three levels of assurance (Self-Assessment, Third-Party Certification and Continuous Auditing), based upon the CSA Cloud Controls Matrix (CCM), the Consensus Assessments Initiative Questionnaire (CAIQ), and the CSA Code of Conduct for GDPR Compliance. Future releases will be Level 2 Extended Certification with Continuous Self-Assessment and Level 3 Continuous Certification.

“In attempting to reduce the complexity and costs of traditional IT, more organizations are evaluating cloud options first before making any new IT investments. However, many CIOs remain apprehensive about transferring services into the cloud—cyber security, ownership of data, and privacy are key concerns. Simultaneously, security controls, compliance, and the call for increased transparency are rapidly becoming baseline expectations of users – especially enterprise customers. STAR Continuous, which offers increased reliability of results, transparency and ease of use of the CSP’s assurance reports will give enterprises a competitive advantage in today’s environment,” said Daniele Catteddu, CTO, Cloud Security Alliance.

Among its benefits, STAR Continuous gives CSPs the opportunity to:

In addition, it can help cloud service providers:

CSA is committed to helping customers have a deeper understanding of their security postures and to that end developed the CSA STAR Program in 2011. Since that time, the organization has continued to invest heavily in its success. Among the milestones:

To learn more or get started, download STAR Continuous Technical Guidance.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at, and follow us on Twitter @cloudsa.

Kari Walker for the CSA
ZAG Communications
[email protected]

Share this content on your favorite social network today!