Cloud Security Alliance’s Certificate of Competence in Zero Trust (CCZT) Selected as 2025 SC Awards Finalist
Press Release Published: 04/09/2025
Award-winning program named finalist for Best Professional Certification Program SEATTLE – April 9, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environmen...
Human and Non-Human Identities: The Overlooked Security Risk in Modern Enterprises
Blog Published: 04/11/2025
Originally published by CheckRed. Written by Amardip Deshpande, Senior Security Researcher, CheckRed. Cloud and SaaS identities are not just about people. They also include the digital personas of applications, services, and machines. These digital identities are crucial...
Cloud File Transfer: Upgrade to the Most Secure Cloud Configuration
Blog Published: 04/17/2025
Originally published by Axway. Written by Emmanuel Vergé, Senior Product & Solutions Marketing Director, Axway. I get it. You’re probably thinking, “Cloud file transfer? We already have an MFT solution and it’s checking all our boxes. Why rock the boat now?” Large org...
Defending Against SSRF Attacks in Cloud Native Applications
Blog Published: 04/18/2025
Originally published by Sweet Security. Written by Sarah Elkaim, Head of Product Marketing, Sweet Security. A Server-Side Request Forgery (SSRF) attack occurs when an attacker tricks a server into making requests to other internal or external services on behalf of the serv...
Oracle Cloud Infrastructure Breach: Mitigating Future Attacks with Agentic AI
Blog Published: 04/18/2025
Written by Ken Huang, CSA Fellow, Co-Chair of CSA AI Safety Working Groups. The cybersecurity community has been rocked by a significant breach of Oracle Cloud Infrastructure (OCI), specifically targeting its Identity Manager systems. This incident provides critical lessons for organi...
SOC 2 Meets HIPAA: A Unified Approach to Data Protection and Privacy
Blog Published: 04/14/2025
Originally published by Scrut Automation. Written by Amrita Agnihotri. Cyber threats in healthcare are rising at an alarming rate. Over the past five years, hacking-related breaches have surged by 256%, with ransomware incidents up by 264%, according to the U.S. Depar...
Securing Smart (and Not So Smart) Devices With Microsegmentation
Blog Published: 04/14/2025
Originally published by CXO REvolutionaries. Written by Ritesh Agrawal, VP of Product Management at Zscaler and Co-Founder of Airgap. There is a reason that a compromise of one smartphone doesn’t lead to a breach of every smartphone’s security: microsegmentation. Tel...
Final Countdown to Compliance: Preparing for PCI DSS v4.x
Blog Published: 04/15/2025
Originally published by VikingCloud. Written by Natasja Bolton. If your business processes payment card data, you’ve likely been working on transitioning from PCI DSS v3.2.1 to PCI DSS v4.x—but the work isn’t over yet. While the initial readiness deadline for PCI D...
Zero Trust is Not Enough: Evolving Cloud Security in 2025
Blog Published: 04/17/2025
Written by Sayali Paseband, Advisor, Cyber Security Engineering, Verisk. Zero Trust has been the foundation of cloud security, focusing on principles like least privilege access, continuous verification, and micro-segmentation. These principles have helped protect ag...
New Research from Cloud Security Alliance Highlights Critical Need for a More Unified, Purpose-built Approach to SaaS Security
Press Release Published: 04/22/2025
Collaboration and accountability remain the biggest barriers to risk remediation SEATTLE – April 22, 2025 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing envi...
The Evolution of Data Security: From Traditional DLP to DSPM
Blog Published: 04/18/2025
Originally published by Skyhigh Security. Written by Hari Prasad Mariswamy Director, Product Management Data Protection, Skyhigh Security. Overview In today’s landscape of digital transformation, data security challenges continue to evolve, exposing organizatio...
AI Red Teaming: Insights from the Front Lines of GenAI Security
Blog Published: 04/21/2025
Originally published by TrojAI. Written by Julie Peterson, Lead Product Marketing Manager, TrojAI. Innovating with artificial intelligence comes with significant risks. The unique nature of AI systems introduces a new threat landscape that traditional security measures are ...
The Five Keys to Choosing a Cloud Security Provider
Blog Published: 04/21/2025
Originally published by Tenable. Written by Shai Morag. Multi-cloud and hybrid environments, on the rise in recent years, have increased the complexity of security. Amid this complexity, risks have increased. But those risks don’t just come from threat actors. In fact, choosing clou...
Virtual Patching: How to Protect VMware ESXi from Zero-Day Exploits
Blog Published: 04/21/2025
Originally published by Vali Cyber. Written by Nathan Montierth. Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active exploitation. These flaws allow attackers with virtual machine (VM) admin acces...
Unlocking the Distillation of AI and Threat Intelligence Models
Blog Published: 04/23/2025
Originally published by Koat. Summary Model distillation is a technique that trains smaller AI models to mimic the performance of larger, more complex models, reducing computational resources and enhancing efficiency. This technique is particularly valuable in threat intelligence, e...
Understanding Zero Trust Security Models - A Beginners Guide
Blog Published: 04/24/2025
Written by Abel E. Molina, Cybersecurity Architect, Softchoice. In today's fast-changing digital world, old ways of protecting data aren't enough anymore. As cyber threats get smarter, companies are using Zero Trust Security Models to keep their information safe. This new ...
Getting Started with Kubernetes Security: A Practical Guide for New Teams
Blog Published: 04/25/2025
Writtn by Ethan Chen, Expel. Kubernetes continues to change how organizations build and scale applications. Originally born out of Google’s experience running distributed systems, Kubernetes—or K8s—has become the go-to tool for orchestrating containers across environments. But lik...
Breaking the Cloud Security Illusion: Putting the App Back in CNAPP
Blog Published: 04/30/2025
Written by Lea Edelstein, Sweet Security. Cloud security has undergone a rapid evolution over the past few years. Initially, organizations relied on CSPM to identify misconfigurations in their cloud environments. As threats became more sophisticated, CWPP emerged to provide runt...
AI and Privacy 2024 to 2025: Embracing the Future of Global Legal Developments
Blog Published: 04/22/2025
Written by Aashita Jain, Informatica. We are ushering in an exciting new era where Data Privacy and Artificial Intelligence (AI) innovation move beyond guidelines to become powerful catalysts for change, revolutionizing business operations. Recently, AI's explosive marke...
Prioritizing Continuity of Care in the Face of Cyber Risks in Healthcare
Blog Published: 04/22/2025
Originally published by CXO REvolutionaries. Written by Tamer Baker, CTO in Residence, Zscaler. Technological progress continues to reshape patient care, improve operational efficiencies, and redefine the overall healthcare experience. Economic justification for the digital ...