Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
The War On Data: Three Defense Mechanisms Your Business Needs To Adopt

Blog Published: 06/22/2022

This blog was originally posted to the Forbes Technology Council and Nasuni.Written by Andres Rodriguez, Nasuni. We have entered an unusual new age of security. The Colonial Pipeline incident, which cut off a major source of fuel for the Eastern United States, was a reminder that bad actors ar...

3 Vulnerability Management Challenges for SAP Applications (and How to Overcome Them)

Blog Published: 06/23/2022

This blog was originally published by Onapsis here.Written by Maaya Alagappan, Social Media and Content Strategist, Onapsis.Business-critical applications have never been more vulnerable. The increasing complexity and size of application environments, customization of individual apps, and grow...

Security as a Differentiator: How to Market the Secure Customer Experience

Blog Published: 06/23/2022

This blog was originally published by Coalfire here.Written by Nathan DeMuth, Vice President, Cloud Services, Coalfire.Leveraging software development lifecycle security as a go-to-market differentiator is imperative in setting companies apart from competitors. As Coalfire’s Cloud Advisory Boa...

What to Look for in a CNAPP Solution

Blog Published: 06/24/2022

Written by Aqua Security. As large-scale cloud native deployments become more prevalent, enterprises are trying to bring greater efficiency and speed to cloud native security. To do this, they’re moving to shift security left, implementing intelligent automation, cloud security posture managem...

What a More Holistic Approach to Cloud-Native Security and Observability Looks Like

Blog Published: 06/27/2022

This blog was originally published by Tigera here. Written by Laura Ferguson, Tigera. The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because ...

Four Reasons for Alert Fatigue and How to Make It Stop

Blog Published: 06/24/2022

This blog was originally published by LogicHub here. Written by Ryan Thomas, VP of Product Management, LogicHub. Alert (or alarm) fatigue is the phenomenon of becoming desensitized (and thus ignoring or failing to respond appropriately) to signals meant to warn us about emergencies.IT secur...

How to Protect Your Crypto from Hackers

Blog Published: 06/29/2022

This blog was originally published by TokenEx here.Written by Valerie Hare, Content Marketing Specialist, TokenEx.A McAfee report, "The Hidden Costs of Cybercrime," states that over $4 billion in cryptocurrency was stolen and nearly $1.4 billion was stolen in the first five months of 2020. Whi...

Understanding Compliance Platform Capabilities: Black Box Automation Has its Limitations

Blog Published: 06/29/2022

This blog was originally published by Coalfire here.Written by Dixon Wright, VP of Product Management, Coalfire.Compliance is hard. It is not a “black box” of opaque inputs and outputs, where systems and data are hidden and where users are oblivious to their inner workings. There has yet to be...

What We Get Wrong About Ransomware

Blog Published: 06/29/2022

This blog was originally published by Forbes and Nasuni. Written by Andres Rodriguez, founder and CTO of Nasuni. We live in the age of ransomware. This persistent threat remains top of mind for CEOs, their boards, CIOs, CISOs and everyone in the line of fire in IT. Yet we still get so much wro...

Definitive Guide to Kubernetes Admission Controller

Blog Published: 06/30/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO.What is Kubernetes Admission Controller?Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admissio...

What is the CSA Cloud Controls Matrix and Why Should Everyone on the Cloud Care?

Blog Published: 07/01/2022

This blog was originally published by Pivot Point Security here. If you’re not on the cloud you must be very afraid of heights. With nearly 100% of businesses now using cloud services, how are cloud service providers (CSPs) proving to customers and other stakeholders that they are secure?To ta...

#1 Threat to Cloud Computing: Insufficient Identity, Credential, Access, and Key Management

Blog Published: 06/25/2022

Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of work...

The SASE Journey: A Head of IT Talks Shop

Blog Published: 07/06/2022

This blog was originally published by Lookout here. Written by Steve Banda, Senior Manager, Security Solutions, Lookout.Organizations that are adopting a permanent hybrid or remote-first work environment can use a Secure Access Services Edge (SASE) platform to implement cybersecurity that is n...

Gatekeepers to Gateopeners

Blog Published: 07/07/2022

This blog was originally published by Laminar here. Written by Amit Shaked, Laminar. The past couple of years have been tragic and challenging as the world responded to COVID-19. One positive side effect of the pandemic however, has been the positive momentum of digital transformation, and the...

Organizations Strengthen Their Cybersecurity Defense Against Ransomware and Cyber Attacks

Blog Published: 06/27/2022

This blog was originally published by A-LIGN here. Written by Patrick Sullivan, VP of Customer Success, A-LIGN. To date, 2021 was the most disruptive year with regards to cyberattacks — and it’s looking like 2022 could be even more challenging for organizations who are still working to impleme...

Securing Your Cloud Transformation Journey with Smart Cybersecurity Investments

Blog Published: 06/27/2022

Written by Syam Thommandru, VP, Global Alliances and Product Management, Cybersecurity & GRC Services, HCL Technologies and Vinay Anand, VP, Prisma Cloud, Palo Alto Networks. There is no denying that cloud is the new norm. As a critical enabler of business during the pandemic, more busines...

CSA and the Cyber Risk Institute: CCM Addendum for the Financial Sector

Blog Published: 06/28/2022

The CSA Cloud Controls Matrix (CCM) is 11 years old. Almost a teenager! Over time it has evolved and matured and has been a fundamental piece of the cloud journey for several thousands of organizations worldwide. Virtually any organization willing to implement cloud computing in a secure way ...

Cloud Security Alliance, Cyber Risk Institute Partner to Create Cloud Controls Matrix (CCM) Addendum for the Financial Sector

Press Release Published: 06/28/2022

Strategic collaboration addresses sector-specific requirements within CCM frameworkSEATTLE – June 28, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environme...

Enabling Pervasive Zero Trust

Blog Published: 06/28/2022

This blog was originally published by CrowdStrike on March 9, 2022. Written by George Kurtz, CrowdStrike. The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tor...

SynLapse – Technical Details for Critical Azure Synapse Vulnerability

Blog Published: 06/28/2022

This blog was originally published by Orca Security on June 14, 2022. Written by Tzah Pahima, Orca Security. One attack vector closed, additional hardening is recommended This blog describes the technical details of SynLapse, in continuation to our previous blog. We waited to publish until now...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
101
102
103
105
107
108
109
Last »