Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

All Articles

Home
All Articles
The OWASP Top 10 for LLMs: CSA’s Strategic Defense Playbook

Blog Published: 05/09/2025

Written by Olivia Rempe, Community Engagement Manager, CSA.   As large language models (LLMs) reshape how businesses operate and innovate, they also introduce new categories of risk. Recognizing this, the OWASP Top 10 for LLM Applications (2025) provides a standardized framework...

Demystifying Integrations: APIs, Connectors, Collectors, and Agents

Blog Published: 05/12/2025

Originally published by Symmetry Systems.  Written by Claude Mandy.   If you’ve been evaluating Data Security Posture Management (DSPM) solutions, you’ve likely encountered marketing language that liberally —and often incorrectly— uses terms like APIs, connectors, collector...

ISO 42001 Requirements Explained: What You Need for Compliance

Blog Published: 05/14/2025

Originally published by BARR Advisory.   ISO 42001, formally known as ISO/IEC 42001:2023, is a first-of-its-kind, internationally recognized compliance framework that offers a structured approach to managing and securing AI systems. Compliance with ISO 42001 ensures that organization...

AI vs. AI: What Attackers Know Could Hurt You

Blog Published: 05/01/2025

Originally Published by Abnormal AI. Written by Richard Orange.   We hired an ethical hacker to stage real-time social engineering attacks with AI powering the engine. The results confirm that it's a golden age for scammers… and show you exactly where to put your cyber s...

Ethical and Responsible AI in Business: Finding the Right Balance

Blog Published: 05/02/2025

Originally published by Koat.   Summary Ethical AI Importance: Ethical AI is crucial for businesses to ensure fair, transparent, and accountable use of AI technologies, fostering trust and maintaining reputations. AI Benefits and Risks: AI offers opportunities for b...

Manufacturing’s Hidden Cybersecurity Crisis: Why ESXi Hypervisor Security Can’t Wait

Blog Published: 05/06/2025

Originally published by Vali Cyber.   Industry 4.0 transforming manufacturing, making operations smarter, faster, and more efficient. But with increased connectivity comes increased risk. Hypervisor threats are evolving fast—especially for organizations relying on VMware ESXi to po...

Securing the Media Industry

Blog Published: 05/06/2025

Originally published by CXO REvolutionaries. Written by Kavita Mariappan, Former EVP, Customer Experience and Transformation, Zscaler.   A zero trust strategy can help media companies protect their assets, ensure the authenticity of their content, and build a more resilient fu...

Taming the Beast: The 5 Essential Pillars of SaaS Security

Blog Published: 05/07/2025

Originally published by Valence. Written by John Filitz.   Generative AI represents just one element of the broader SaaS revolution transforming enterprise IT. Most organizations are becoming SaaS-first enterprises, permanently displacing centralized IT architectures....

ISO 42001: Lessons Learned from Auditing and Implementing the Framework

Blog Published: 05/08/2025

Originally published by Schellman. Written by Joe Sigman.   As the adoption of artificial intelligence (AI) continues to grow and evolve across industries, so do concerns about security, trust, and responsible use and management. In response, as a joint effort between the Inter...

Unpacking the 2024 Snowflake Data Breach

Blog Published: 05/07/2025

CSA’s Top Threats to Cloud Computing Deep Dive 2025 reflects on eight recent real-world cybersecurity breaches. The report presents each incident as both a detailed narrative and as a threat model with the relevant cloud security risks and mitigations. Today we’re taking a closer look at ...

Cybersecurity for SMBs: Statistics and Threats You Can’t Afford to Ignore

Blog Published: 05/08/2025

Originally published by VikingCloud.   Small and medium-sized businesses (SMBs) play a crucial role in the U.S. economy, making up 99.9% of all businesses and contributing to half of the nation's GDP. However, these vital economic growth drivers face an escalating threat —cyberatta...

Agentic AI: Understanding Its Evolution, Risks, and Security Challenges

Blog Published: 05/12/2025

Originally published by TrojAI. Written by Phil Munz.   The evolution of agentic AI systems Agentic systems - software systems composed of multiple interacting agents - have been used to solve complex problems for many years. The field of AI safety has grown around agentic systems to...

Cloud and SaaS Security in Critical Infrastructure: Lessons from Recent Attacks

Blog Published: 05/13/2025

Originally published by CheckRed. Written by Amardip Deshpande, Senior Security Researcher at CheckRed.   Cyberattacks on critical infrastructure have become a growing concern, with sectors like water supply, energy, and other essential utilities increasingly in the crosshai...

5 Trust Trends Shaping Security Strategies in 2025

Blog Published: 05/13/2025

Originally published by Vanta.  Written by Jess Munday.   Trust is critical to the success of every business. And in 2024, we saw that building, scaling, and demonstrating trust is getting more difficult for organizations. Vanta’s second annual State of Trust Report un...

Integrity: An Overlooked Foundation of Zero Trust

Blog Published: 05/15/2025

Written by Scott Fuhriman, CISM, CISSP, Invary.   Executive Summary Zero Trust security models are designed to eliminate implicit trust and enforce strict, continuous verification across users, devices, networks, applications, and data. However, one foundational element remains lar...

Applying NIST CSF 2.0 to Hypervisor Security: A Framework for Resilience in Virtualized Environments

Blog Published: 05/16/2025

Originally published by Vali Cyber. Written by Chris Goodman.   Executive Summary The NIST Cybersecurity Framework (CSF) 2.0 offers organizations a structured path to building cyber resilience in the modern cyber-scape. Its five core functions—Identify, Protect, Detect, ...

Shields Up: What IT Professionals Wish They Knew About Preventing Data Breaches

Blog Published: 05/14/2025

Originally published by Axway. Written by Chris Payne, Principal Product & Solutions Marketing Manager for Axway MFT.   There’s an old IT saying that nobody notices MFT until something goes wrong. MFT hums along in the background at many enterprises, running on autopilot,...

8 Questions to Ask Your Security Vendors About AI

Blog Published: 05/15/2025

Originally published by Abnormal AI. Written by Emily Burns.   The rapid integration of artificial intelligence (AI) into cybersecurity solutions has created both opportunities and challenges. AI-driven systems promise advanced threat detection, automation, and adaptability, but ...

Implementing CCM: Human Resources Controls

Blog Published: 05/16/2025

The Cloud Controls Matrix (CCM) is a framework of controls that are essential for cloud computing security. It is created and updated by CSA and aligned to CSA best practices. You can use CCM to systematically assess and guide the security of any cloud implementation. CCM also provides guida...

Open-Source Models vs. Closed-Source Models: A Simple Guide

Blog Published: 05/19/2025

Originally published by Kaot.ai.   Summary Open-source models are free, customizable, and community-driven, while closed-source models are proprietary with limited customization and professional support. Open-source offers better control over data privacy, while closed-sourc...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
199
200
201
203
Last »