Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Mitigating GenAI Risks in SaaS Applications

Blog Published: 02/28/2025

Originally published by Valence Security and Forbes. Written by Jason Silberman.   Artificial Intelligence (AI) tools have revolutionized the business landscape, offering unprecedented automation, efficiency, and innovation. Among these, Generative AI (GenAI) has gained particular tr...

Threat Report: BEC and VEC Attacks Continue to Surge, Outpacing Legacy Solutions

Blog Published: 11/08/2024

Originally published by Abnormal Security.Written by Callie Hinman Baron.While the way we work has evolved throughout the digital age, two constants remain: email is still the primary hub for professional communication, and employees are the weakest link in your cybersecurity chain. This combi...

Data Warehousing Demystified: From Basics to Advanced

Blog Published: 11/08/2024

Originally published by Actian.Written by Fenil Dedhia.Understanding the BasicsWelcome to data warehousing 101. For those of you who remember when “cloud” only meant rain and “big data” was just a database that ate too much, buckle up—we’ve come a long way. Here’s an overview:What is a Data Wa...

Identity Breaches in 2024 – An Ounce of Hygiene is Worth a Pound of Technology

Blog Published: 11/01/2024

Originally published by Pentera.Identity is a key to open a doorWho are you? Yes, you reading. Who are you?There’s probably a lot of ways you can answer that question, and that is because there are a lot of attributes that make up your identity. Let’s keep things simple because that’s what’s e...

Empowering Snowflake Users Securely

Blog Published: 11/01/2024

Originally published by Normalyze.Written by Joe Gregory.Two security leaders address data sprawl, user access, compliance, and scaleI recently moderated a webinar titled Unlocking the Power of Snowflake about the top challenges organizations face today: how to maximize their Snowflake investm...

ConfusedPilot: UT Austin & Symmetry Systems Uncover Novel Attack on RAG-based AI Systems

Blog Published: 11/12/2024

Originally published by Symmetry Systems.Written by Claude Mandy.Executive SummaryResearchers at the Spark Research Lab (University of Texas at Austin)[1], under the supervision of Symmetry CEO Professor Mohit Tiwari uncovered a novel attack method, dubbed ConfusedPilot. This novel attack meth...

ChatGPT and GDPR: Navigating Regulatory Challenges

Blog Published: 11/04/2024

Originally published by Truyo.As artificial intelligence technologies like OpenAI’s ChatGPT advance, they encounter increasing scrutiny from regulatory bodies, particularly concerning data protection and privacy. The European Data Protection Board (EDPB) has been investigating whether ChatGPT ...

What is Cloud Workload in Cloud Computing?

Blog Published: 11/13/2024

Written by Ashwin Chaudhary, CEO, Accedere.Cloud workload refers to the various tasks, applications, services, and processes run in cloud computing environments. Cloud workloads allow for scalability, flexibility, and efficiency, enabling businesses and individuals to access and run applicatio...

What Do the New NIST Password Guidelines Mean for Cloud Security?

Blog Published: 11/13/2024

Originally published by Skyhawk Security.Written by Jennifer Gill.The common joke around security folks is that everyone knows what a password is, but remembering their own passwords is challenging. Despite these challenges, passwords are an essential security mechanism. NIST is updating its r...

The Rocky Path of Managing AI Security Risks in IT Infrastructure

Blog Published: 11/15/2024

Written by David Balaban.Today, most people associate artificial intelligence (AI) with its generative facet manifested through services that create images, text, videos, and software code based on human input. While that’s arguably the most popular option among end-users, AI shows a lot of pr...

Zero Standing Privileges (ZSP): Vendor Myths vs. Reality

Blog Published: 11/15/2024

Originally published by CyberArk.Written by Sam Flaster.Several new vendors entering the privileged access management (PAM) market are boldly claiming they can – or will soon be able to – provide access with zero standing privileges (ZSP).In reality, these lofty vendor claims likely ignore the...

9 Tips to Simplify and Improve Unstructured Data Security

Blog Published: 11/18/2024

Originally published by Normalyze.Written by Vamsi Koduru.Data security specialists know the challenges of storing, managing, and securing unstructured data. Due to the sheer volume and variety of unstructured data, its searchability and data quality challenges, and the overarching issues of s...

Establishing an Always-Ready State with Continuous Controls Monitoring

Blog Published: 11/21/2024

Originally published by RegScale.Written by Esty Peskowitz.Securing and maintaining compliance has become increasingly challenging. Organizations must be agile, proactive, and continuously prepared to address evolving threats and regulatory demands. Are you looking for a way to stay ahead of t...

Securing Staging Environments: Best Practices for Stronger Protection

Blog Published: 11/07/2024

Originally published by Entro.Written by Itzik Alvas.Staging environments often serve as the critical last step before pushing code to production, mirroring the setup used in live systems. However, these environments are often neglected in terms of security, making them prime targets for breac...

The Future of Compliance: Adapting to Digital Acceleration and Ephemeral Technologies

Blog Published: 11/07/2024

Originally published by RegScale.Written by Ivy Shelby.As we move towards 2030, the landscape of governance, risk, and compliance (GRC) is undergoing a seismic shift. With the rapid digital acceleration, the pervasive adoption of cloud technologies, and the rise of ephemeral tech, organization...

When a Breach Occurs, Are We Ready to Minimize the Operational Effects

Blog Published: 11/08/2024

Written by Dr. Vito Nozza, Softchoice.“Plan for what is difficult while it is easy, do what is great while it is small” Sun TzuI love to quote Sun Tzu, as the art of war is indicative of what cyber professionals go through on a daily grind. The offensive security mindset and techniques that ar...

The EU AI Act Comes Into Force: How This Pioneering Legislation Impacts Your Organization

Blog Published: 11/12/2024

Originally published by Diligent.The EU AI Act comes into force on 1 August 2024. It is the world’s first comprehensive legislation designed to address artificial intelligence (AI) risks by establishing a set of rules and obligations aimed at safeguarding the health, safety, and fundamental ri...

5 Best Practices for Executive Reporting

Blog Published: 11/13/2024

Originally published by Vanta.Written by Toni Ng.In today's complex business landscape, effective executive reporting is not just about sharing information; it's about using the insights to take action and demonstrating the value of your compliance and security efforts. This blog outlines five...

Non-Human Identity Management Program: Guide Step-by-Step

Blog Published: 11/14/2024

Originally published by Oasis Security.Written by Marta Dern.We’ve covered the ins and outs of Non-Human Identity (NHI) Management—what it is, why it matters, and the best practices for handling these digital identities. But how do you translate theory into action? What does the deployment of ...

6 Top Benefits of Managed Cloud Security

Blog Published: 11/14/2024

Originally published by Tamnoon.As businesses continue migrating to the cloud and expanding their cloud footprint, scaling remediation of misconfigurations and reducing cloud threat exposure becomes a continuous battle for SecOps teams. Managed cloud security services offer the much-needed sol...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
184
185
186
188
190
191
192
Last »