Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Announcing the Security@ San Francisco 2019 Agenda

Blog Published: 09/25/2019

By the HackerOne TeamThe agenda for the third annual hacker-powered security conference, Security@ San Francisco, is live! Security@ is the only conference dedicated to the booming hacker-powered security industry, where hackers and leaders come together to build a safer internet. The conference ...

Sidechains, beacon chains and why we shouldn’t give up on Blockchain performance quite yet

Blog Published: 09/18/2019

By Kurt Seifried, Chief Blockchain Officer, CSAIf you’ve been in IT you’ve probably learned one of the simple lessons:Scaling out is hard and can be expensive, but scaling up is easy and even more expensive. In simple terms if you can scale out you can keep costs down, ideally at a linear growth ...

CAIQ V3 Updates

Blog Published: 09/17/2019

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1.The CAIQ offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services, providing security control transparency. It pr...

The Four Pillars of CASB: Data Protection

Blog Published: 09/16/2019

By Will Houcheime, Product Marketing Manager, BitglassIn this blog series, we discuss the key capabilities of cloud access security brokers (CASBs), and why organizations are turning to them as they migrate to the cloud. One of the four pillars of CASBs is data protection, which focuses on securi...

Egregious 11 Meta-Analysis Part 3: Weak Control Plane and DoS

Blog Published: 09/12/2019

By Victor Chin, Research Analyst, CSAThis is the third blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud Computing report. Each blog post features a security issue that is being perceived as less relevant and one that is being perceived ...

Cloud Security Alliance EMEA Congress 2019 to Host Career-Advancing Cloud Security and Privacy Training Opportunities

Press Release Published: 09/12/2019

Attendees can take advantage of top-ranked courses on CCSK Foundation, GDPR Lead Auditor, and Cloud Governance and Compliance Training Berlin, Germany – Sept. 12, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best pr...

Open API Survey Report

Blog Published: 09/11/2019

By the Open API CSA Working GroupCloud Security Alliance completed its first-ever Open API Survey Report, in an effort to see exactly where the industry stood on the knowledge surrounding Open APIs as well as how business professionals and consumers were utilizing them day to day. The key traits ...

Cloud Security Roadmap for 2019 & Beyond

Blog Published: 09/10/2019

By Amélie Darchicourt, Product Marketing Manager, ExtraHopHow to succeed under the shared responsibility modelCloud security is an evolving space where consumers and vendors must innovate quickly, not only to outpace attackers, but also to support rapid development while minimizing the risks pre...

CSA’s Certificate of Cloud Security Knowledge Exam Is Now Covered Under the U.S. Dept. of Veterans Affairs GI Bill®

Press Release Published: 09/10/2019

Eligible U.S. Veterans can now take advantage of opportunity to deepen their cloud security knowledge as part of GI Bill’s educational benefits SEATTLE – September 10, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness...

What Executives Should Know About the Capital One Breach

Blog Published: 09/09/2019

By Phillip Merrick, CEO of FugueMost enterprises are already using public cloud computing services at scale or are planning to adopt the cloud soon. As an executive, chances are you’re paying attention to the Capital One data breach and wondering how this event should impact your decision-making....

How to Share the Security Responsibility Between the CSP and Customer

Blog Published: 09/05/2019

By Dr. Kai Chen, Chief Security Technology Officer, Consumer BG, Huawei Technologies Co. Ltd. The behemoths of cloud service providers (CSPs) have released shared security responsibility related papers and articles, explaining their roles and responsibilities in cloud provisioning. Although they ...

Security Spotlight: iPhones Susceptible to a Hack via Text

Blog Published: 09/04/2019

By Juan Lugo, Product Marketing Manager at BitglassHere are the top stories of recent weeks: iPhones Susceptible to a Hack via TextDemocratic Senate campaign group exposed emails of 6.2 million AmericansState Farm says Hackers Successfully Conducted a Credentials Stuffing Attack96 Million Stream...

Cloud Security Alliance to Address Convergence of Privacy and Security 
at 2019 EMEA Congress

Press Release Published: 09/04/2019

Andreas Könen, Udo Helmbrecht, and Pearse O'Donohue join thought leaders from BSI, European Privacy Association, Adobe, and Google Cloud as speakers Berlin, Germany – Sept. 4, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certification...

Egregious 11 Meta-Analysis Part 2: Virtualizing Visibility

Blog Published: 08/28/2019

By Victor Chin, Research Analyst, CSAThis is the second blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud Computing report. Each blog post features a security issue that is being perceived as less relevant and one that is being perceived...

On-Chain vs Off-Chain governance. What are the rules to Calvinball?

Blog Published: 08/26/2019

By Kurt Seifried, Chief Blockchain Officer, CSAIf you don’t know what Calvin and Hobbes is you can skip the next bit, but it is amusing. Calvinball is a game invented by Calvin and Hobbes. Calvinball has no rules; the players make up their own rules as they go along, making it so that no Calvinba...

Egregious 11 Meta-Analysis Part 1: (In)sufficient Due Diligence and Cloud Security Architecture and Strategy

Blog Published: 08/13/2019

By Victor Chin, Research Analyst, CSA On August 6th, 2019, the CSA Top Threats working group released the third iteration of the Top Threats to Cloud Computing report. This is the first blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud C...

Cloud Security Alliance's D.C. Metro Area Chapter announces the event of the year: the Cybersecurity Cruise!

Blog Published: 08/12/2019

By: Anil Karmel, President, CSA-DC Chapter & Co-Founder and CEO of C2 Labs, Inc. About a year ago, CSA recognized the need to establish a local chapter serving the unique needs of the Washington D.C. Metro Area. It's been my honor and privilege to serve as the President of this new Chapter a...

CSA Releases “The Six Pillars of DevSecOps” Report

Press Release Published: 08/09/2019

Paper identifies areas critical to successful DevSecOps integration within an organization LAS VEGAS - AUGUST, 7, 2019 - BLACKHAT––The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud c...

CSA Releases New Research - Top Threats to Cloud Computing: 
Egregious Eleven

Press Release Published: 08/09/2019

Research shows traditional security issues falling by the wayside while those stemming from senior management decisions of increasing concern LAS VEGAS – AUGUST 6, 2019 – BLACKHAT2019 - The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certificat...

A Technical Analysis of the Capital One Cloud Misconfiguration Breach

Blog Published: 08/09/2019

This article was originally published on Fugue's blog hereBy Josh Stella, Co-founder & Chief Technology Officer, FugueThis is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint. I want to start by saying that I ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
119
120
121
123
125
126
127
Last »