Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Cloud Security Alliance's D.C. Metro Area Chapter announces the event of the year: the Cybersecurity Cruise!

Blog Published: 08/12/2019

By: Anil Karmel, President, CSA-DC Chapter & Co-Founder and CEO of C2 Labs, Inc. About a year ago, CSA recognized the need to establish a local chapter serving the unique needs of the Washington D.C. Metro Area. It's been my honor and privilege to serve as the President of this new Chapter a...

CSA Releases “The Six Pillars of DevSecOps” Report

Press Release Published: 08/09/2019

Paper identifies areas critical to successful DevSecOps integration within an organization LAS VEGAS - AUGUST, 7, 2019 - BLACKHAT––The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud c...

CSA Releases New Research - Top Threats to Cloud Computing: 
Egregious Eleven

Press Release Published: 08/09/2019

Research shows traditional security issues falling by the wayside while those stemming from senior management decisions of increasing concern LAS VEGAS – AUGUST 6, 2019 – BLACKHAT2019 - The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certificat...

A Technical Analysis of the Capital One Cloud Misconfiguration Breach

Blog Published: 08/09/2019

This article was originally published on Fugue's blog hereBy Josh Stella, Co-founder & Chief Technology Officer, FugueThis is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint. I want to start by saying that I ...

Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis

Blog Published: 08/08/2019

By Greg Jensen, Sr. Principal Director - Security Cloud Business Group, OracleFor the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on how they can w...

Challenges & Best Practices in Securing Application Containers and Microservices

Blog Published: 08/08/2019

By Anil Karmel, Co-Chair, CSA Application Containers and Microservices (ACM) Working GroupApplication Containers have a long and storied history, dating back to the early 1960s with virtualization on mainframes up to the 2000s with the release of Solaris and Linux Containers (LXC). The rise of Do...

The Cloud in the Fight Against Cyber-Bullying

Blog Published: 08/07/2019

By the Cybersecurity International Institute (CSI)Learn about the upcoming innovative social project on Cyber-bullying using a cloud platform.The CSI Institute (Cybersecurity International Institute) is a non-governmental and not-for-profit organization. Our goal is to contribute to the informati...

Facebook Project Libra - the good, the bad, the ugly and why you should care

Blog Published: 08/05/2019

By Kurt Seifried, Chief Blockchain Officer, CSASo you’ve probably heard by now that Facebook will be creating a crypto-currency called “Project Libra” and if you haven’t well, now you know.So first let’s cover what is good about this. Facebook has announced Project Libra as a Stablecoin, its valu...

CCM v3.0.1. Update for AICPA, NIST and FedRAMP Mappings

Blog Published: 08/02/2019

Victor Chin and Lefteris Skoutaris, Research Analysts, CSA The CSA Cloud Controls Matrix (CCM) Working Group is glad to announce the new update to the CCM v3.0.1. This minor update will incorporate the following mappings:Association of International Certified Professional Accountants (AICPA) Trus...

Quantum Technology Captures Headlines in the Wall Street Journal

Blog Published: 08/01/2019

By the Quantum-Safe Security Working GroupLast month, we celebrated the 50th anniversary of the Apollo 11 moon landing. Apollo, which captured the imagination of the whole world, epitomizes the necessity for government involvement in long term, big science projects. What started as a fierce race ...

Use Cases for Blockchain Beyond Cryptocurrency

Blog Published: 07/31/2019

CSA’s white paper, Documentation of Relevant Distributed Ledger Technology and Blockchain Use Cases v2 is a continuation of the efforts made in v1. The purpose of this publication is to describe relevant use cases beyond cryptocurrency for the application of these technologies.In the process of o...

Organizations Must Realign to Face New Cloud Realities

Blog Published: 07/30/2019

Jim Reavis, Co-founder and Chief Executive Officer, CSAWhile cloud adoption is moving fast, many enterprises still underestimate the scale and complexity of cloud threatsTechnology advancements often present benefits to humanity while simultaneously opening up new fronts in the on-going and incre...

It's Time for Security Leadership to Embrace the Cloud-First Future

Blog Published: 07/29/2019

By Arif Kareem, CEO and President at ExtraHop NetworksOn the campus at Stanford Business School is a plaque engraved with a quote from Phil Knight, graduate of the business school and co-founder of Nike. I've visited the campus many times, and each time the words stop me in my tracks."There comes...

Cloud Security Alliance Releases Best Practices for Implementing a Secure Application Container Architecture

Press Release Published: 07/26/2019

Second report in series provides mitigation options for 18 possible risks surrounding integration of application containers into trustworthy, secure systemsSEATTLE – July 26, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications...

FedSTAR Pilot Program Status

Blog Published: 07/24/2019

As the use of cloud technology has become more widespread, the concern about cloud security has increased. Government agencies and private sector users are concerned with protecting data and ensuring service availability. Many countries and private entities have designed and implemented security...

4 Reasons Why IT Supervision is a Must in Content Collaboration

Blog Published: 07/23/2019

By István Molnár, Compliance Specialist, TresoritFor many organizations, workflow supervision is one of the biggest challenges to solve. Ideally users should be properly managed and monitored but sadly, countless organizations suffer from a lack of IT supervision. As a result, there is no telling...

Signal vs. Noise: Banker Cloud Stories by Craig Balding

Blog Published: 07/19/2019

A good question to ask any professional in any line of business is: which "industry events" do you attend and why? Over a few decades of attending a wide variety of events - and skipping many more - my primary driver is "signal to noise" ratio. In other words, I look for events attended by peop...

“Shift Left” to Harden Your Cloud Security Posture

Blog Published: 07/18/2019

This article was originally published on Fugue's blog here. By Josh Stella, Co-founder & Chief Technology Officer, FugueAfter a decade-long uneasy courtship with cloud computing, enterprises are migrating their IT systems to platforms like AWS and Azure as fast as they can. This means the key...

Cloud Security Alliance Releases New Research Identifying Challenges in Securing Application Containers and Microservices

Press Release Published: 07/16/2019

Report identifies challenges in securing application containers and microservices through the lens of the developer, operator and architect SEATTLE – July 16, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practi...

Cloud Security Alliance Releases Cloud Penetration Testing Playbook

Press Release Published: 07/12/2019

Reports provides foundation for public cloud penetration testing methodology SEATTLE – July 12, 2019 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, tod...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
126
127
128
130
132
133
134
Last »