Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersEventsBlog
Join Cyera’s DataSecAI in Dallas, Nov 12–14 to adopt, activate, and scale AI security for the future.

All Articles

Home
All Articles
Agentless Mobile Security: No More Tradeoffs

Blog Published: 02/15/2018

By Kevin Lee, Systems QA Engineer, Bitglass Have you ever seen a "Pick two out of three” diagram? They present three concepts and force individuals to select the one that they see as the least important. The tradeoffs between convenience, privacy, and security serve as a perfect exampl...

Malware P.I. – Odds Are You're Infected

Blog Published: 02/19/2018

By Jacob Serpa, Product Marketing Manager, BitglassIn Bitglass' latest report, Malware P.I., the Next-Gen CASB company uncovered startling information about the rate of malware infection amongst organizations. Additionally, experiments with a new piece of zero-day malware yielded shocking resu...

A Home for CASB

Blog Published: 02/21/2018

By Kyle Watson, Partner, Information Security, CedrusOver the past 18 months, I’ve been working on CASB in some form or another including:—Educational architectural and technical videos—Request for Proposal (RFP) assistance—Pre-sales presentations and demos—Proof of Concepts (POCs)—Implementat...

Unmanaged Device Controls, External Sharing, and Other Real CASB Use Cases

Blog Published: 02/23/2018

By Salim Hafid, Product Marketing Manager, Bitglass Many in the security industry have heard about CASBs (cloud access security brokers) as the go-to solutions for data and threat protection in the cloud. But where exactly do CASBs slot in? If you already have a NGFW (next-gen firewal...

Saturday Security Spotlight: Malware, AWS, and US Defense

Blog Published: 02/26/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—AndroRAT malware spies on Android users—Smart TVs easily hackable—BuckHacker tool finds unsecured data in AWS buckets—Octoly breach exposes social media stars' personal data—Russian hacke...

CASBs and Education's Flight to the Cloud

Blog Published: 03/01/2018

By Jacob Serpa, Product Marketing Manager, Bitglass Cloud is becoming an integral part of modern organizations seeking productivity and flexibility. For higher education, cloud enables online course creation, dynamic collaboration on research documents, and more. As many cloud services like G ...

Securing the Internet of Things: Connected Cars

Blog Published: 03/05/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust DatacardEstablishing safety and security in automotive design goes far beyond crash test dummies.By 2022, the global automotive Internet of Things (IoT) market is expected to skyrocket to $82.79 billion – and manu...

FedRAMP - Three Stages of Vulnerability Scanning and their Pitfalls

Blog Published: 03/07/2018

By Matt Wilgus, Practice Leader, Threat & Vulnerability Assessments, Schellman & Co.Though vulnerability scanning is only one of the control requirements in FedRAMP, it is actually one of the most frequent pitfalls in terms of impact to an authorization to operate (ATO), as FedRAMP req...

Saturday Security Spotlight: Tesla, FedEx, & the White House

Blog Published: 03/08/2018

By Jacob Serpa, Product Marketing Manager, BitglassHere are the top cybersecurity stories of recent weeks:—Tesla hacked and used to mine cryptocurrency—FedEx exposes customer data in AWS misconfiguration—White House releases cybersecurity report—SEC categorizes knowledge of unannounced breache...

Zero-Day in the Cloud – Say It Ain't So

Blog Published: 03/09/2018

By Steve Armstrong, Regional Sales Director, BitglassZero-day vulnerabilities are computer or software security gaps that are unknown to the public – particularly to parties who would like to close said gaps, like the vendors of vulnerable software.To many in the infosec community, the term "z...

Securing the Internet of Things: Devices & Networks

Blog Published: 03/12/2018

By Ranjeet Khanna, Director of Product Management–IoT/Embedded Security, Entrust Datacard The Internet of Things (IoT) is changing manufacturing for the better.With data from billions of connected devices and trillions of sensors, supply chain and device manufacturing operators are taking adva...

AWS Cloud: Proactive Security and Forensic Readiness – Part 2

Blog Published: 03/13/2018

By Neha Thethi, Information Security Analyst, BH Consulting Part 2: Infrastructure-level protection in AWS This is the second in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting your vi...

You Are the Weakest Link – Goodbye

Blog Published: 03/14/2018

By Jacob Serpa, Product Marketing Manager, BitglassSecurity in the cloud is a top concern for the modern enterprise. Fortunately, provided that organizations do their due diligence when evaluating security tools, storing data in the cloud can be even more secure than storing data on premises. ...

Are Healthcare Breaches Down Because of CASBs?

Blog Published: 03/19/2018

By Salim Hafid, Product Marketing Manager, Bitglass Bitglass just released its fourth annual Healthcare Breach Report, which dives into healthcare breaches over 2017 and compares the rate of breach over previous years. A big surprise this year was the precipitous drop in the volume of breaches...

34 Cloud Security Terms You Should Know

Blog Published: 03/23/2018

By Dylan Press, Director of Marketing, AvananWe hope you use this as a reference not only for yourself but for your team and in training your organization. Print this out and pin it outside your cubicle.How can you properly research a cloud security solution if you don't understand what you ar...

AWS Cloud: Proactive Security and Forensic Readiness – Part 3

Blog Published: 03/27/2018

Part 3: Data protection in AWSBy Neha Thethi, Information Security Analyst, BH Consulting This is the third in a five-part blog series that provides a checklist for proactive security and forensic readiness in the AWS cloud environment. This post relates to protecting data within AWS. Data pro...

The "Ronald Reagan" Attack Allows Hackers to Bypass Gmail's Anti-phishing Security

Blog Published: 04/02/2018

By Yoav Nathaniel, ‎Customer Success Manager, AvananWe started tracking a new method hackers use to bypass Gmail's SPF check for spear-phishing. The hackers send from an external server, the user sees an internal user (For example, your CEO) and Gmail's SPF-check, designed to indicate the vali...

CSA Summit at RSA Conference 2018 Turns Its Focus to Enterprise Grade Security: Will you be there?

Blog Published: 04/03/2018

By J.R. Santos, Executive Vice President of Research, Cloud Security AllianceToday’s enterprise cloud adoption has moved well beyond the early adopters to encompass a wide range of mission-critical business functions. As financial services, government and other industries with regulatory mand...

Australia's First OAIC Breach Forecasts Grim GDPR Outcome

Blog Published: 04/04/2018

By Rich Campagna, Chief Marketing Officer, BitglassThe first breach under the Office of the Australian Information Commissioner's (OAIC) Privacy Amendment Bill was made public on March 16. While this breach means bad press for the offending party, shipping company Svitzer Australia, more frigh...

Five Reasons to Reserve Your Seat at the CCSK Plus Hands-on Course at RSAC 2018

Blog Published: 04/05/2018

By Ryan Bergsma, Training Program Director, Cloud Security AllianceThe IT job market is tough and it’s even tougher to stand out from the pack, whether it’s to your current boss or a prospective one. There is one thing, though, that can put you head and shoulders above the rest—achieving your ...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
50
51
52
54
56
57
58
Last »