Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
Cloud Security Alliance’s Certificate of Competence in Zero Trust (CCZT) Selected as 2025 SC Awards Finalist

Press Release Published: 04/09/2025

Award-winning program named finalist for Best Professional Certification Program SEATTLE – April 9, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environmen...

Human and Non-Human Identities: The Overlooked Security Risk in Modern Enterprises

Blog Published: 04/11/2025

Originally published by CheckRed.  Written by Amardip Deshpande, Senior Security Researcher, CheckRed.   Cloud and SaaS identities are not just about people. They also include the digital personas of applications, services, and machines. These digital identities are crucial...

Cloud File Transfer: Upgrade to the Most Secure Cloud Configuration

Blog Published: 04/17/2025

Originally published by Axway. Written by Emmanuel Vergé, Senior Product & Solutions Marketing Director, Axway.   I get it. You’re probably thinking, “Cloud file transfer? We already have an MFT solution and it’s checking all our boxes. Why rock the boat now?” Large org...

Defending Against SSRF Attacks in Cloud Native Applications

Blog Published: 04/18/2025

Originally published by Sweet Security. Written by Sarah Elkaim, Head of Product Marketing, Sweet Security.   A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other internal or external services on behalf of the serv...

Oracle Cloud Infrastructure Breach: Mitigating Future Attacks with Agentic AI

Blog Published: 04/18/2025

Written by Ken Huang, CSA Fellow, Co-Chair of CSA AI Safety Working Groups.   The cybersecurity community has been rocked by a significant breach of Oracle Cloud Infrastructure (OCI), specifically targeting its Identity Manager systems. This incident provides critical lessons for organi...

SOC 2 Meets HIPAA: A Unified Approach to Data Protection and Privacy

Blog Published: 04/14/2025

Originally published by Scrut Automation. Written by Amrita Agnihotri.   Cyber threats in healthcare are rising at an alarming rate. Over the past five years, hacking-related breaches have surged by 256%, with ransomware incidents up by 264%, according to the U.S. Depar...

Securing Smart (and Not So Smart) Devices With Microsegmentation

Blog Published: 04/14/2025

Originally published by CXO REvolutionaries. Written by Ritesh Agrawal, VP of Product Management at Zscaler and Co-Founder of Airgap.   There is a reason that a compromise of one smartphone doesn’t lead to a breach of every smartphone’s security: microsegmentation. Tel...

Final Countdown to Compliance: Preparing for PCI DSS v4.x

Blog Published: 04/15/2025

Originally published by VikingCloud. Written by Natasja Bolton.   If your business processes payment card data, you’ve likely been working on transitioning from PCI DSS v3.2.1 to PCI DSS v4.x—but the work isn’t over yet.  While the initial readiness deadline for PCI D...

Zero Trust is Not Enough: Evolving Cloud Security in 2025

Blog Published: 04/17/2025

Written by Sayali Paseband, Advisor, Cyber Security Engineering, Verisk.   Zero Trust has been the foundation of cloud security, focusing on principles like least privilege access, continuous verification, and micro-segmentation. These principles have helped protect ag...

New Research from Cloud Security Alliance Highlights Critical Need for a More Unified, Purpose-built Approach to SaaS Security

Press Release Published: 04/22/2025

Collaboration and accountability remain the biggest barriers to risk remediation SEATTLE – April 22, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing envi...

The Evolution of Data Security: From Traditional DLP to DSPM

Blog Published: 04/18/2025

Originally published by Skyhigh Security. Written by Hari Prasad Mariswamy Director, Product Management Data Protection, Skyhigh Security.   Overview In today’s landscape of digital transformation, data security challenges continue to evolve, exposing organizatio...

AI Red Teaming: Insights from the Front Lines of GenAI Security

Blog Published: 04/21/2025

Originally published by TrojAI. Written by Julie Peterson, Lead Product Marketing Manager, TrojAI.     Innovating with artificial intelligence comes with significant risks. The unique nature of AI systems introduces a new threat landscape that traditional security measures are ...

The Five Keys to Choosing a Cloud Security Provider

Blog Published: 04/21/2025

Originally published by Tenable. Written by Shai Morag.   Multi-cloud and hybrid environments, on the rise in recent years, have increased the complexity of security. Amid this complexity, risks have increased. But those risks don’t just come from threat actors. In fact, choosing clou...

Virtual Patching: How to Protect VMware ESXi from Zero-Day Exploits

Blog Published: 04/21/2025

Originally published by Vali Cyber. Written by Nathan Montierth.   Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active exploitation. These flaws allow attackers with virtual machine (VM) admin acces...

Unlocking the Distillation of AI and Threat Intelligence Models

Blog Published: 04/23/2025

Originally published by Koat.   Summary Model distillation is a technique that trains smaller AI models to mimic the performance of larger, more complex models, reducing computational resources and enhancing efficiency. This technique is particularly valuable in threat intelligence, e...

Understanding Zero Trust Security Models - A Beginners Guide

Blog Published: 04/24/2025

Written by Abel E. Molina, Cybersecurity Architect, Softchoice.   In today's fast-changing digital world, old ways of protecting data aren't enough anymore. As cyber threats get smarter, companies are using Zero Trust Security Models to keep their information safe. This new ...

Getting Started with Kubernetes Security: A Practical Guide for New Teams

Blog Published: 04/25/2025

Writtn by Ethan Chen, Expel.   Kubernetes continues to change how organizations build and scale applications. Originally born out of Google’s experience running distributed systems, Kubernetes—or K8s—has become the go-to tool for orchestrating containers across environments. But lik...

Breaking the Cloud Security Illusion: Putting the App Back in CNAPP

Blog Published: 04/30/2025

Written by Lea Edelstein, Sweet Security.   Cloud security has undergone a rapid evolution over the past few years. Initially, organizations relied on CSPM to identify misconfigurations in their cloud environments. As threats became more sophisticated, CWPP emerged to provide runt...

AI and Privacy 2024 to 2025: Embracing the Future of Global Legal Developments

Blog Published: 04/22/2025

Written by Aashita Jain, Informatica.   We are ushering in an exciting new era where Data Privacy and Artificial Intelligence (AI) innovation move beyond guidelines to become powerful catalysts for change, revolutionizing business operations. Recently, AI's explosive marke...

Prioritizing Continuity of Care in the Face of Cyber Risks in Healthcare

Blog Published: 04/22/2025

Originally published by CXO REvolutionaries. Written by Tamer Baker, CTO in Residence, Zscaler.   Technological progress continues to reshape patient care, improve operational efficiencies, and redefine the overall healthcare experience. Economic justification for the digital ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
197
198
199
201
203
Last »