Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
CSAIChaptersEventsBlog
On April 2, CSA will offer 50% off online training and certificate exams. Get ready for CSA Day →

All Articles

Home
All Articles
1Campaign: A New Cloaking Platform Helping Attackers Abuse Google Ads

Blog Published: 03/23/2026

1Campaign is a new cloaking platform that helps attackers bypass Google Ads screening, evade security researchers, and keep phishing and crypto drainer pages online longer. Varonis Threat Labs uncovered 1Campaign, a full-service cloaking platform built to help threat actors run malicious Goo...

Control the Chain, Secure the System: Fixing AI Agent Delegation

Blog Published: 03/25/2026

This is the fourth blog in a seven-part series on identity security as AI security. TL;DR: Delegation chains are becoming high-leverage targets in autonomous systems. Each agent handoff multiplies access, and with almost all (97%) of non-human identities already carrying ...

Cloud Security Alliance’s AI Controls Matrix (AICM) Named 2026 CSO Awards Winner

Press Release Published: 03/10/2026

Honored as the first framework built to address real-world generative AI risks SEATTLE, March 10, 2026 — The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, is pleased to announce that its AI Contr...

Cloud Security Alliance’s Trusted AI Safety Expert (TAISE) Certificate Honored as Finalist of the 2026 SC Awards

Press Release Published: 03/19/2026

Comprehensive AI safety certification program earns finalist spot for Best Professional Certification Program SEATTLE, March 19, 2026 — The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, is proud...

Islands of Agents: Why One IAM to Rule Them All Doesn't Work

Blog Published: 03/10/2026

This week I was at the [un]prompted AI security conference, put on by CSA’s very own Gadi Evron. It was an amazing event with stellar presentations and awesome networking. It was also a bit weird to be at a conference, wondering if everything we were learning and discussing would be out of d...

Cloud Security Alliance Expands Enterprise Membership Program to Directly Improve Member Security Outcomes

Press Release Published: 03/18/2026

New program provides structured expert guidance, hands-on workshops, and operational maturity roadmaps to help organizations translate CSA research into real-world security improvements SEATTLE, March 18, 2026 — The Cloud Security Alliance (CSA), the world’s leading not-for-profit organizatio...

From Guardrails to Governance: Why Enterprise AI Needs a Control Layer

Blog Published: 03/17/2026

Enterprise AI began with conversations. Early deployments centered on assistants that generated responses, summarized documents, and answered questions. In that context, the primary risk was what the system might say. Organizations focused on preventing hallucinations, blocking sensitive d...

Rethinking Authorization for the Age of Agentic AI

Blog Published: 03/19/2026

  Why “Mean Time to Understand (MTU)” should become a core service level objective (SLO) for identity governance   Abstract AI agents now operate at speeds and patterns fundamentally different from human users. They generate plans, select tools dynamically, and change course mid‑...

5 Retail Misconfigurations Attackers Exploit First

Blog Published: 03/26/2026

Attackers do not always rely on sophisticated exploits. In many retail breaches, the real opportunity comes from something much simpler: a misconfiguration that no one noticed. Recent retail exposures demonstrate how easily sensitive information can become accessible through overlooked SaaS ...

When Saving on Kubernetes Costs Creates Security Debt: The FinOps Guardrails Most Teams Miss

Blog Published: 03/27/2026

Kubernetes has a habit of turning “we’re finally getting efficient” into “why are we suddenly fragile?” It usually starts innocently: FinOps flags idle capacity, a platform team trims requests, and someone posts a chart showing the spend dropping week over week. Then the weirdness begins. A ...

More Than Two-Thirds of Organizations Cannot Clearly Distinguish AI Agent from Human Actions as Over-Privileged Access Becomes Widespread, Cloud Security Alliance Study Finds

Press Release Published: 03/24/2026

Rapid AI agent expansion is exposing structural gaps in access control maturity, credential hygiene, and identity attribution   RSAC (SAN FRANCISCO) – March 24, 2026  – Seventy-three percent of organizations expect AI agents to become vital within the next year, yet 68% can’t cle...

The Agentic Trust Deficit: Why MCP's Authentication Vacuum Demands a New Security Paradigm

Blog Published: 03/24/2026

Written by Sunil Gentyala, HCLTech. We find ourselves staring into an abyss of our own construction, and the vertiginous depth of our collective negligence ought to give every security practitioner pause. Fourteen months ago, Anthropic unveiled the Model Context Protocol as the co...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
217
218
219
221