CSA STAR Registry Surpasses 100 Entries; New CSA STAR Watch Tool Now in Open Beta

Cloud Providers Globally Seek to Meet Security Baselines Established by CSA

San Francisco, CA – April 20, 2015 – The Cloud Security Alliance (CSA) today announced significant momentum for the CSA Security, Trust and Assurance Registry (STAR) program. CSA STAR is the industry’s comprehensive cloud assurance solution and includes leading cloud security standards and a repository of cloud provider security entries, as well as a new SaaS tool to help manage cloud security. The registry now has more than 100 entries, as cloud providers from all over the world have sought to meet the security baseline established by the CSA, and help end users assess the security of various cloud providers, accelerating their due diligence and leading to higher quality procurement experiences.

Other key milestones for the STAR program include:

In addition, today the CSA announced an open beta for CSA STAR Watch, a SaaS tool in a database structure that allows organizations to manage both public and private cloud security assessments, based upon CCM and CAIQ.

“CSA STAR represents a major leap forward in industry transparency and encourages providers to make security capabilities a market differentiator,” said Jim Reavis, CEO of the CSA. “We are thrilled that the industry has embraced STAR to help customers better, more easily understand their security posture. We look forward to expanding the STAR program with additional tools and resources that encompass its key principles of transparency, rigorous auditing, and harmonization of standards.”

CSA STAR is based upon the research of the GRC Stack and provides a toolkit for enterprises, cloud providers, security solution providers, IT auditors and other key stakeholders. The GRC Stack allows users to instrument and assess both private and public clouds against industry established best practices, standards and critical compliance requirements. Its components include:

CSA STAR Certification is a third-party assessment based upon ISO 27001 and CCM that is conducted by qualified certification bodies. CSA STAR Attestation provides a specification for SOC 2 audit reports scoped with CCM control objectives.

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.


Kari Walker for the CSA ZAG Communications 703.928.9996 [email protected]

Share this content on your favorite social network today!