Cloud 101CircleEventsBlog
Our website will be down for scheduled maintenance on February 13th from 4:00 PM to 5:00 PM PST. We apologize for any inconvenience and appreciate your patience!

All Articles

All Articles
What Is a Trusted Threat?

Blog Published: 01/15/2014

Last month I co-presented a webinar with ISIGHT Partners, a leader in cyber-threat intelligence, to discuss a white paper that exposes how keys and certificates can be used for nefarious intentions. Our purpose was to highlight some of the tactics malicious actors use and outline their profiles i...

Health Checking for Cloud Performance

Blog Published: 01/15/2014

Steve Malmskog has more than 15 years of experience as a chief network architect.In this best practices video, Steve provides an in depth look at information you can gather about the health of nodes based on the traffic itself through in-band health checking vs. out-of-band checking which can be ...

Why companies are adopting more cloud based IT security solutions

Blog Published: 01/09/2014

We have entered the age of pervasive connectivity.  Regardless of whether we are at home, in the office, or on the road, most of us are almost always connected. This trend is blurring the lines between work time and leisure time, with the same devices used for both contexts interchangeably...

Why Higher Education Institutions Need Cloud-Based Identity Providers

Blog Published: 01/09/2014

By Dan Dagnall, Chief Technology Strategist for Fischer International IdentityFederation is definitely a hot topic these days, with NSTIC attempting to create an identity ecosystem, InCommon continuing to build its service-providerfederation, and state-level initiatives gearing up (some are alrea...

Evolution of Distributed Policy Enforcement in the Cloud

Blog Published: 12/10/2013

By Krishna Narayanaswamy, chief scientist at NetskopeAs computing shifts to the cloud, so too must the way we enforce policy.Until recently, enterprise applications were hosted in private data centers under the strict control of centralized IT. Between firewalls and intrusion prevention systems, ...

Announcing the Consensus Assessments Initiative Questionnaire (CAIQ) V.3 Open Review Period

Press Release Published: 12/09/2013

At CSA Congress 2013 this week we are announcing the open review period of the Consensus Assessments Initiative Questionnaire (CAIQ) v.3 and we hope you will take a few moments and provide your input to this very important initiative. Lack of security control transparency is a leading inhibitor ...

What’s New With the Security as a Service Working Group?

Blog Published: 12/09/2013

CSA members are invited to join the Security-as-a-Service Working Group (SecaaS WG) which aims to promote greater clarity in the Security as a Service model. Why a Security as a Service Working Group? Numerous security vendors are now leveraging cloud based models to deliver security solutions....

CloudTrust Protocol (CTP) Working Group Kicks Off at CSA Congress

Blog Published: 12/06/2013

The Cloud Trust Protocol (CTP) aims to provide a protocol to enable Cloud Users to query Cloud Providers in real time about the security level of their service. It aims to foster transparency and trust in the cloud supply chain, bringing greater visibility to cloud users and providing them with d...

Cloud Security Alliance Releases Software Defined Perimeter (SDP) Framework Details

Press Release Published: 12/05/2013

New White Paper Outlines Best Practices to Deploy an SDP to Protect Application Infrastructure from Network-based Attacks Orlando, FL – CSA Congress 2013 – December 5, 2013 – The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providi...

SAFECode and the Cloud Security Alliance Release Guidance for the Secure Development of Cloud Applications

Press Release Published: 12/05/2013

New Paper Outlines Practical Software Security Recommendations to Address Threats Specific to Cloud Computing Orlando, Fla. – Cloud Security Alliance Congress – Dec. 5, 2013 – The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing ...

Cloud Security Alliance Announces Annual Ron Knode Service Award Winners

Press Release Published: 12/04/2013

Six Outstanding Individual CSA Volunteers Selected to Honor the Legacy of Late CSA Member and Volunteer Contributor Ron Knode Orlando, FL – CSA CONGRESS 2013 - December 5, 2013 –The Cloud Security Alliance (CSA) today announced the recipients of its second annual Ron Knode Service Award, an annu...

Introducing the CSA Financial Services Working Group

Blog Published: 12/04/2013

At our annual CSA Congress today, the CSA is pleased to introduce the new Financial Services Working Group (FSWG), which aims to provide knowledge and guidance on how to deliver and manage secure cloud solutions in the financial industry, and to foster cloud awareness within the sector and relate...

Introducing the CSA’s Anti-Bot Working Group

Blog Published: 12/04/2013

Among the many exciting new working groups being established and meeting at CSA Congress, today we’d like to also introduce our Anti-Bot Working Group. Chaired by Shelbi Rombout from USBank, this group’s mission is to develop and maintain a research portfolio providing capabilities to assist the ...

Introducing the CSA’s New Virtualization Working Group

Blog Published: 12/03/2013

There’s been a lot of noise around the establishment of new working groups at this year’s Congress and today we’d like to also introduce another important addition: the Virtualization Working Group. Chaired by Kapil Raina of Zscaler, the Virtualization Working Group is chartered to lead research ...

Announcing the Consensus Assessments Initiative Questionnaire (CAIQ) V.3 Open Review Period

Blog Published: 12/03/2013

At CSA Congress 2013 this week we are announcing the open review period of the Consensus Assessments Initiative Questionnaire (CAIQ) v.3 and we hope you will take a few moments and provide your input to this very important initiative. Lack of security control transparency is a leading inhibitor ...

Cloud Security Alliance Announces Bonus Workshop Series At 2013 US Congress

Press Release Published: 11/22/2013

San Francisco, CA – November 21, 2013 –The Cloud Security Alliance (CSA) announced a series of five bonus workshops that will be featured at the 2013 US Congress event from December 3-6 in Orlando, Florida. The five workshops will provide participants with the opportunity to explore key topics in...

How Snowden Breached the NSA

Blog Published: 11/20/2013

NOVEMBER 12TH, 2013 - BY: KEVIN BOCEK How Edward Snowden did it and is your enterprise next? There’s one secret that’s still lurking at the NSA: How did Edward Snowden breach the world’s most sophisticated IT security organization? This secret has as much to do with the NSA as it does with your o...

Seeing Through the Clouds

Blog Published: 11/20/2013

By TK Keanini, CTO, LancopeThe economics of cyber-attacks have changed over the years. Fifteen years ago, it was all about network penetration, but today advanced attackers are more concerned about being detected. Similarly, good bank robbers are concerned about breaking into the bank, but great ...

Cloud Collaboration: Maintaining Zero Knowledge across International Boundaries

Blog Published: 11/20/2013

The increasingly global nature of business requires companies to collaborate more and more across borders, exchanging all manner of documents: contracts, engineering documents and other intellectual property, customer lists, marketing programs and materials, and so on. Unfortunately, the combinat...

Protecting Your Company from Backdoor Attacks – What You Need to Know

Blog Published: 11/20/2013

November 14th, 2013By Sekhar Sarukkai “We often get in quicker by the back door than the front” — Napoleon Bonaparte A rare example of a backdoor planted in a core industry security standard has recently come to light. It is now widely believed that the NSA compromised trust in NIST’s encrypti...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.