Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Five Approaches for Securing Identity in Cloud Infrastructure

Blog Published: 05/20/2021

Written by Shai MoragAs clouds have drifted into the mainstream of business, it has become clear that they offer numerous advantages. They streamline processes, cut costs and create new ways to work. In some cases, the benefits are transformative. However, there’s a dark side to the public cloud,...

Application Security is Getting Worse, not Better

Blog Published: 05/19/2021

This blog was originally published by CyberCrypt here.There’s an app for everything, and hackers and thieves are taking advantage. What are enterprises doing about it? Not enough.Web and mobile application use has exploded in recent years as businesses have digitized and moved more of their opera...

Cloud Security Alliance Announces CxO Trust Initiative to Elevate Cloud and Cybersecurity Knowledge Among Executives

Press Release Published: 05/18/2021

Exclusive global community, publicly available research and education are features of programSEATTLE – May 18, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing env...

The Challenges Managing Multi-Cloud Environments

Blog Published: 05/18/2021

This blog was originally published by OpsCompass hereWritten by John Grange, OpsCompassWith multi-cloud deployments becoming the norm, ensuring the security of workloads deployed across different cloud platforms is a major focus point for many organizations. Yet even though security controls migh...

Cloud Security Alliance Enterprise Architecture Reference Guide v2 Harmonizes Business, Security, and Technology

Press Release Published: 05/18/2021

Guide provides a roadmap to a modern, identity-aware cloud infrastructure SEATTLE – May 18, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today ann...

Unified threat detection for AWS cloud and containers

Blog Published: 05/17/2021

This blog was originally published by Sysdig here.Written by Vicente Herrera García, SysdigImplementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, c...

The Shift to Eight-Digit BINs

Blog Published: 05/14/2021

This blog was originally published by TokenEx hereWritten by Branden Morrow, TokenExThere is a lot of information going around about an eight-digit BIN mandate, and we wanted to give some clarity on what a BIN is, why it is important, how it relates to PCI DSS compliance, why a shift to an eight-...

CCAK Testimonials: From an Audit and Compliance Expert

Blog Published: 05/13/2021

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical educat...

How to Ensure Data Protection in Multi-Cloud

Blog Published: 05/12/2021

This blog was originally published by CyberCrypt here.Multi-cloud setups pose a handful of challenges: data ownership, control and responsibility are shared among different CSPs and different regions, leaving open the door to misconfigurations and increasing the attack surface available to malici...

Understanding the OWASP API Security Top 10

Blog Published: 05/11/2021

By Sekhar Chintaginjala (This blog originally appeared on CloudVector) As organizations embrace digital transformation initiatives, they are increasingly consuming and exposing APIs that increase their risk surface. The OWASP API Security Top 10 focuses on the strategies and solutions to un...

Security Spotlight: US Government Agencies Take Action Against Exchange Vulnerabilities and Social Media Giants Leak Data

Blog Published: 05/10/2021

This article was originally published by Bitglass hereWritten by Jeff Birnbaum, BitglassHere are the top security stories from recent weeks. FBI Removes Web Shells from Compromised Exchange Servers Without Notifying OwnersCISA Requires Federal Agencies to Patch Exchange Servers for Vulnerabilitie...

CCAK Testimonials: From a Cloud Security Expert

Blog Published: 05/06/2021

The Certificate of Cloud Auditing Knowledge (CCAK) is the first credential available for industry professionals to demonstrate their expertise in the essential principles of auditing cloud computing systems. The CCAK credential and training program fills the gap in the market for technical educat...

Application Container Security: Risks and Countermeasures

Blog Published: 05/05/2021

Written by Suria VenkataramanVirtualizations enable isolated, virtualized views of the operating systems (OS) to each application. Today’s OS virtualization technologies are primarily focused on providing a portable, reusable, and automatable way to package and run applications as containers-base...

Cloud Security Alliance’s New Cloud Incident Response Framework Serves as Transparent, Common Blueprint Through Which to Share Best Practices

Press Release Published: 05/04/2021

SEATTLE – May 4, 2021 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today announced the publication of the Cloud Incident Response (CIR) Framework, a ne...

And Again About 5G Network Security

Blog Published: 05/04/2021

Written by David Balaban5G network capabilities go beyond the highest ever speed of mobile internet connection. The new mobile communication standard can become a universal infrastructure for interaction between people, smart devices, organizations, and even the economy's sectors.Such total conne...

Cloud Security for SaaS Startups Part 2: Application & Platform Security

Blog Published: 05/03/2021

Based on the Cloud Security for Startups guidelines written by the CSA Israel ChapterAs a SaaS startup, how can your organization ensure you implement proper security for your applications and platforms? In this blog we provide a preview of the information and guidelines available in the Cloud Se...

A New Resource for API Security Best Practices

Blog Published: 04/30/2021

The applicative infrastructure is becoming more and more complex due to different requirements, design patterns, and technologies. In many of these cases, one of those requirements is to connect other parties to systems, and in other cases, to connect systems to other parties. Nowadays, the most ...

Six Key Characteristics of a Modern Secure Web Gateway

Blog Published: 04/29/2021

This blog was originally published by Bitglass here.As we head into the second quarter of 2021 and mark a full year of remote work for many organizations, it is clear that the COVID-19 pandemic has accelerated digital transformation globally and changed the future of work — likely permanently. A ...

What an Auditor Should Know about Cloud Computing Part 3

Blog Published: 04/27/2021

With the launch of the Certificate of Cloud Auditing Knowledge (CCAK) credential by ISACA and CSA, Moshe Ferber has put together some of the insights gained during the creation of the CCAK. This is the third in a series of three blogs dealing with the essentials an auditor needs to know about clo...

How to Secure Cloud Non-Native Workloads

Blog Published: 04/26/2021

This blog was originally published by Intezer here.Not All Applications are Cloud-NativeCompanies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional applications are simply “lifted and shifted” to the cloud as a first step in the cloud transformat...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
109
110
111
113
115
116
117
Last »