Naming Adversaries and Why It Matters to Your Security Team
Blog Published: 07/14/2022
This blog was originally published by CrowdStrike here. Written by Bart Lenaerts-Bergmans, CrowdStrike. What is it with these funny adversary names such as FANCY BEAR, WIZARD SPIDER and DEADEYE JACKAL? You read about them in the media and see them referenced by MITRE in the ATT&CK framewor...
How the Cloud Security Alliance Addresses Privacy
Blog Published: 07/14/2022
This blog was originally published by Pivot Point Security here. These days cloud service providers (CSPs) don’t just need to prove to customers and other stakeholders that they are secure—they also need to demonstrate that they have a strong privacy program. But how can CSPs make a convincing...
How To Secure S3 Buckets Effectively
Blog Published: 07/14/2022
This blog was originally published by Panther here. Written by Kartikey Pandey, Panther. Six supercharged tips to reduce S3 bucket-related threats and ensure ‘water-tight’ cloud security. When it comes to AWS security, S3 buckets are undeniably the most vulnerable aspect of it all. Misconfigured...
Web Protocol - Uses Finite State Machine
Blog Published: 07/15/2022
Written by Gregory Machler, Cybersecurity Engineer, Daikin Applied. In an attempt to improve the cybersecurity of the communications between a browser and web server, I’ve been mulling over session protocols. In prior thoughts last year, I commented on the use of TLS 1.3 to encrypt traffic bet...
An Introduction to Cloud Security for Infosec Professionals
Blog Published: 07/15/2022
Originally published on Fugue’s website. Written by Richard Park, Chief Product Officer, Fugue / Senior Director Product Management, Snyk. As someone who has spent a long time in network and endpoint security then moved to cloud security, I can sympathize with people with security backgrou...
Financial Services Turn to Confidential Computing for Key Use Cases
Blog Published: 07/15/2022
This blog was originally published by Anjuna here. Why do highly regulated industries need the protection of Confidential Computing to secure personal data, MPC, and other applications? The very mention of today’s cloud-related financial risks raises goose-bumps: intensified money laundering ca...
What Is Interoperability and Why Is It Important?
Blog Published: 07/18/2022
This blog was originally published by TokenEx here. Written by Valerie Hare, TokenEx. In today’s digital society, businesses and customers depend on having seamless access to all data types, from payments to healthcare. While physical data still has its place, electronic data has become the go...
Secure SAP Application Development at the Speed of Digital Transformation
Blog Published: 07/18/2022
This blog was originally published by Onapsis here. Written by Curtis Parker, Onapsis. Business-critical applications like SAP help run enterprises, supporting financial systems, human capital management, supply chains, supplier relationships, and more. Considering 94% of the world’s 500 large...
Conversation on Compliance: Q3 Insights
Blog Published: 07/18/2022
This blog was originally published by IntelAgree here. Written by Lee Rone, General Counsel, IntelAgree. Regulatory compliance, particularly in the data privacy realm, is a delicate balancing act for general counsel. Not only does it require juggling international, domestic, and industry-speci...
How to Maintain Business Continuity in the Age of Ransomware
Blog Published: 07/20/2022
This blog was originally published by Nasuni here. Written by Anne Blanchard, Nasuni. It’s worth making the connection between ransomware and your overall business continuity strategy. Ransomware has been a scourge for years, but the attacks are only growing more sophisticated, capable of hitt...
The Future of Cloud Security | 2022 and Beyond
Blog Published: 07/21/2022
This blog was originally published by Check Point here. Written by Pete Nicoletti, Field CISO - Americas, Check Point Software. What will the future of cloud security look like? The crystal ball is cloudy when looking beyond a few years from now, but we can anticipate near-term trends! There are...
New Cloud Security Alliance Survey Finds 67% of Organizations Already Store Sensitive Data in Public Cloud Environments
Press Release Published: 07/13/2022
Confidential Computing in use by 27% of respondents, and 55% have plans to deploy it to lock down data and workloads. SEATTLE – July 13, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a...
A Survey of FedRAMP's New Supply Chain Requirements
Blog Published: 07/21/2022
This blog was originally published by Coalfire here. Written by Adam Smith, Senior Director, Cloud Infrastructure, Coalfire. Supply Chain Management. Over the past few years, supply chain management has shifted from a background requirement that everyone unknowingly relies upon, to being a commonl...
A Technical Primer in Detection Engineering
Blog Published: 07/22/2022
This blog was originally published by Panther here. Written by Mark Stone, Panther. Tools that an organization can use to detect threats are no longer a nice-to-have. Businesses are moving to the cloud, and the threat landscape is evolving and increasing in complexity. Today, threat detection ...
What is IAM: Identity in the Digital and Cloud Era
Blog Published: 07/17/2022
This is Part 1 of our ‘What is IAM’ blog series. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. Identity and access management (IAM) is not a new concept, yet it is becoming much more essential in today's digital-first world. The modern workforce demands...
The Definition of IAM and Its Criticality to Good Security Hygiene
Blog Published: 07/17/2022
This is Part 2 of our ‘What is IAM’ blog series. Read Part 1 here. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. What exactly is identity and access management (IAM)? It is the overall discipline that encompasses not only tools and technologies, but pro...
The Components of IAM
Blog Published: 07/17/2022
This is Part 3 of our ‘What is IAM’ blog series. Read Part 1 here and Part 2 here. Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA IAM Working Group. As alluded to previously, IAM is a set of tools that implement a number of use cases. If broken down into access management ...
The Evolution of IAM
Blog Published: 07/17/2022
This is Part 4 of our ‘What is IAM’ blog series. Make sure to check out the beginning of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Written by Paul Mezzera, Ravi Erukulla, and Ramesh Gupta of the CSA ...
IAM Stakeholders and Adoption Challenges
Blog Published: 07/17/2022
This is Part 5 of our ‘What is IAM’ blog series. Make sure to check out the rest of the series: Part 1: What is IAM Part 2: The Definition of IAM and Its Criticality to Good Security Hygiene Part 3: The Components of IAM Part 4: The Evolution of IAM Written by Paul Mezzera, Ravi Eruk...
Adapting the Cloud Service Model to Today's Needs
Blog Published: 07/19/2022
This blog was originally published by CXO REvolutionaries here. Written by Brett James, Director, Transformation Strategy, Zscaler. You may have come across the diagram below, or a version of it if you’ve done any research into cloud services (and not from under a rock). Figure 1: Cloud S...