Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
How to Prepare for Your C5 Examination: 5 Tips

Blog Published: 07/19/2022

This blog was originally published by Schellman here. It was once remarked that “there are no rules of architecture for a castle in the clouds.”Well, those of us in cloud services and compliance know that’s not the case at all. With the growing appeal of the cloud in the digital landscape, reg...

Stop Modern Identity-Based Attacks in Chrome

Blog Published: 07/20/2022

This blog was originally published by CrowdStrike here. Written by Eamonn Ryan, Matthew Puckett, and Liviu Arsene of CrowdStrike. A novel technique that reduces the overhead in extracting sensitive data from Chromium browser’s memory was recently found by researchers from CyberArk Labs Existin...

Cloud Data Protection

Blog Published: 07/21/2022

Written by Luigi Belvivere, Elena Minghelli, and Sara Frati of NTT DATA. IntroductionIn the digital era and its digital transition, business and institutions have clearly understood that a robust cloud security is essential. It is well known that security threats evolve in parallel with the ev...

Threat Activity Cluster #5: Pistachio

Blog Published: 07/22/2022

This blog was originally published by Alert Logic here. Written by Josh Davies and Gareth Protheroe, Alert Logic. The ice cream blog series continues by documenting another activity cluster first observed in our dataset in 2019. This threat cluster has been well documented in the security comm...

CCSK Success Stories: From the Head of Digital Architecture

Blog Published: 07/23/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverag...

Cloud Security Alliance Releases Guidance on Third-Party Vendor Risk Management in Healthcare

Press Release Published: 07/20/2022

Document outlines the security challenges facing the use of third-party vendors for Healthcare Delivery Organizations and offers assessment and protection recommendationsSEATTLE – July 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standard...

9 Questions You Should Ask About Your Cloud Security

Blog Published: 07/25/2022

Originally published on Fugue’s blog on May 13, 2022. Written by Josh Stella, Chief Architect, Snyk and Co Founder, Fugue. In order for business leaders and cybersecurity professionals to gain the knowledge they need to thwart the hackers constantly targeting their cloud infrastructure and...

Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun

Blog Published: 07/26/2022

This blog was originally published by CrowdStrike on May 25, 2022. Written by Jamie Harries, CrowdStrike. The security landscape is constantly developing to provide easier ways to establish endpoint visibility across networks through the use of endpoint detection and response (EDR) utilities. ...

How to Protect Data in AWS S3

Blog Published: 07/22/2022

This blog was originally published by BigID here. Written by Dimitri Sirota, BigID. S3 object store has become a popular foundation for storing unstructured documents and mixed file types with elastic scale. However, like with any wide and deep data lake, it creates unique data security challe...

Security Tools Need to Get with the API Program

Blog Published: 07/25/2022

This blog was originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. No cloud API is an island The evolution of cloud services has coincided with the development of advanced Application Programming Interfaces (APIs) that allow developers to link ...

Lessons Learned from Scanning Over 10,000 Kubernetes Clusters

Blog Published: 07/25/2022

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, VP Marketing & Business Development, ARMO. With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies lev...

Will the Cloud Kill Security Agents?

Blog Published: 07/26/2022

This blog was originally published by Sysdig here. Written by Anna Belak, Sysdig. The “agents or no agents” debate is ancient and eternal. Every decade or so, we go through another round of “agents are terrible, let’s end them” and “we need more visibility and control to secure the system, may...

Securely Enable Multi-Cloud Architecture for a Future-Ready Workplace

Blog Published: 07/26/2022

This blog was originally published by HCL Technologies here. Written by Magnus Hultman, Sales Director, Cybersecurity & GRC Services, HCL Technologies. The adoption of new technologies has invariably accelerated the digital transformation of businesses and their ways of working. With co...

What is CSA STAR Certification and Why it is Important for ISO/IEC 27001 Certified Organizations?

Blog Published: 07/27/2022

This blog was originally published by MSECB here. What is CSA STAR Certification? Building security and data protection into the DNA of an organization’s management system and operations is very important considering the intensive use of cloud computing by all organizations nowadays. CSA S...

C-SCRM and the C-Suite: Securing Executive Buy-In for Supply Chain Risk Management

Blog Published: 07/27/2022

This blog was originally published by CXO REvolutionaries here.Written by Brad Moldenhauer, CISO, Americas, ZScaler.Unfortunately, it's not enough for today's IT leaders to concern themselves with the security of their own organizations. Complex and convoluted supply chains have seized their a...

What Is an Acceptable Risk for Online Payments?

Blog Published: 07/27/2022

This blog was originally published by TokenEx here.Written by Valerie Hare, Content Marketing Specialist, TokenEx.If your business handles online payments, there are risks associated with this. These risks include everything from chargebacks and fraud to data breaches and payment declines. Wit...

The 5 Faces of Development Risk

Blog Published: 07/28/2022

Written by Tony Karam, Strategic Marketing Leader, Concourse Labs.Which of these development risks do you recognize?Delivering cloud-native applications, quickly, is an existential requirement for most businesses. Security, Risk Management, and DevSecOps leaders are tasked with ensuring cloud ...

Should You Outsource or Manage Security In-House?

Blog Published: 07/29/2022

This blog was originally published by LogicHub here.Written by Willy Leichter, Chief Marketing Officer, LogicHub.Cybersecurity professionals Colin Henderson and Ray Espinoza share their take on in-house versus outsourced threat detection and response.Your in-house team has the context necessar...

Using the CSA STAR Program for Procurement

Blog Published: 07/29/2022

This blog was originally published by PivotPoint Security here.Among cloud service categories, Software as a Service (SaaS) offerings are not only the most numerous—up to a million providers worldwide—but also arguably the weakest on security. While infrastructure and platform providers are mo...

Why Penetration Testing Is the First Step to Better Prepare for Hacks

Blog Published: 07/28/2022

Originally published by A-LIGN here. Written by Joseph Cortese, Technical Knowledge Leader and Research and Development Director, A-LIGN. The threat landscape is in a constant state of evolution. What may have been a best practice a year ago to help protect your organization against cyber th...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
104
105
106
108
110
111
112
Last »