Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Listen Now: 'Real-Talk on Opportunities for Security Teams to Fight AI with AI'

All Articles

Home
All Articles
Incident Detection and Response in the Cloud

Blog Published: 11/08/2022

Written by Lior Zatlavi, Senior Cloud Security Architect, Ermetic. Cloud technology is not the future of business. Not anymore; now it’s the present. Businesses born today are often cloud-native, and older businesses are migrating their workloads to the cloud, looking for agility and efficien...

Cloud Data Security Means Shrinking the “Data Attack Surface”

Blog Published: 11/08/2022

Originally published by Sentra. Traditionally, the attack surface was just the sum of the different attack vectors that your IT was exposed to. The idea being as you removed vectors through patching and internal audits. With the adoption of cloud technologies, the way we managed the attack surfac...

ISO 27018 vs. ISO 27701

Blog Published: 11/08/2022

Originally published by Schellman. Written by Danny Manimbo, Schellman. Famed baseball player and possessor of a great name, Yogi Berra, once said, “When you come to a fork in the road, take it.” Granted, he was likely being funny, but he obviously never had to pay for an ISO certification. When ...

What is FedRAMP? Complete Guide to FedRAMP Authorization and Certification

Blog Published: 11/07/2022

Originally published by A-LIGN. Written by Tony Bai, Federal Practice Lead, A-LIGN. With the rise in cybersecurity attacks comes wariness from customers — no one wants to work with an organization that has an increased risk of falling victim to an attack. And when it comes to the Federal governme...

How to Accelerate Government Transformation by Reducing Risk, Complexity, and Cost

Blog Published: 11/07/2022

Originally published by Thales. Written by Marcelo Delima, Senior Manager, Global Solutions Marketing, Thales. The days of dreadful long lines at crowded and inefficient government agencies may be coming to an end. Digitalization of services and adoption of new platforms are reinventing governmen...

Don’t Leave it to Your Apps: Why Security Needs to be a Shared Responsibility

Blog Published: 11/07/2022

Originally published by Lookout. Written by Hank Schless, Senior Manager, Security Solutions, Lookout. Here’s a scenario that was unlikely just two years ago: permanently telecommuting from Honolulu to your financial job on Wall Street. Fast forward to today, the world has accepted that productiv...

Top Threat #7 to Cloud Computing: System Vulnerabilities

Blog Published: 11/06/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of worklo...

IoT Security: Why We Need to Develop Secure IoT Devices

Blog Published: 11/05/2022

Internet of Things (IoT) devices represent a wide variety of non-traditional, internet connected devices such as medical devices, cars, drones, simple sensors, and more. These devices often pose a security challenge due to their limited size and the inability to secure them with traditional secur...

SecurityScorecard Partners with Cloud Security Alliance - Why Continuous Cyber Risk Monitoring Across Industries is Crucial

Blog Published: 11/04/2022

Originally published by SecurityScorecard. Effectively evaluating risk goes a long way toward improving an organization’s cybersecurity posture. The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a sec...

2022 Threat Report: Cloud-Native Threats are Increasing and Maturing

Blog Published: 11/04/2022

Originally published by Sysdig. Written by Michael Clark. Sysdig. The first annual cloud-native threat report from Sysdig explores some of the year’s most important security topics in the cloud. As the use of containers and cloud services keeps growing, threat actors are increasingly turning thei...

Definitive Guide to Hybrid Clouds, Chapter 1: Navigating the Hybrid Cloud Journey

Blog Published: 11/04/2022

Originally published by Gigamon. Written by Stephen Goudreault, Gigamon. This post explores Chapter 1 of the Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud. Many organizations are deploying assets to the cloud, which is often the start of their cloud migration journey. ...

A Practical Guide to Container Networking

Blog Published: 11/03/2022

Originally published by Tigera. Written by Reza Ramezanpour, Tigera. An important part of any Kubernetes cluster is the underlying containers. Containers are the workloads that your business relies on, what your customers engage with, and what shapes your networking infrastructure. Long story s...

SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company

Blog Published: 11/03/2022

Originally published by Varonis. Written by Rachel Hunt, Varonis. Some people love taking risks — swimming with great white sharks, climbing El Capitan without a rope, camping in grizzly bear territory with an open jar of peanut butter, and scariest of all, assuming your SaaS data is secure a...

How to Combat Insider Threats to Critical Data

Blog Published: 11/03/2022

Originally published by TrueFort. Written by Matt Hathaway, TrueFort. Malicious cyber attackers have had unprecedented success in the past few years, but their attacks often rely on tricking or exploiting people inside an organization. Employees, software developers, partners, and even executives...

OpenSSL Critical Vulnerability - What is Affected?

Blog Published: 11/02/2022

Originally published by Dazz on October 31, 2022. Written by Alon Kollmann, Director of Product Strategy, Dazz. Everything we know about the vulnerability so far and some insights to help you prioritize your remediation efforts‍If you are reading these lines, you are probably already well aware o...

How to Contain Breaches in the Cloud

Blog Published: 11/02/2022

Written by PJ Kirner, CTO and Co-Founder, Illumio. Hyperconnectivity, hybrid work and an increasingly distributed enterprise have all caused the modern attack surface to explode. In the past 2 years alone, 76 percent of organizations have been attacked by ransomware and 66 percent have experien...

What Lawyers Need to Do to Defend Their Clients and Themselves from Cyber Risk

Blog Published: 11/02/2022

Originally published by Ericom. Written by Nick Kael, CTO, Ericom. Absolute trust is the essential basis of the relationship between law firms and their clients. Lawyers steer clients through complex and often sensitive personal and business situations, helping them navigate difficult issues to g...

Supply Chain Attack via a Trojanized Comm100 Chat Installer

Blog Published: 11/02/2022

Originally published by CrowdStrike. Leveraging a combination of advanced machine learning and artificial intelligence, a new supply chain attack was identified during the installation of a chat-based customer engagement platform. The supply chain attack involved a trojanized installer for the Co...

IAM and Security Automation: How Companies Can Stay Safer in the Cloud

Blog Published: 11/01/2022

Originally published by ShardSecure. Written by Anthony Whitehead, Lead Developer, ShardSecure. Automation of security measures is a long-running topic of discussion. But despite the many benefits, including increased productivity, effectiveness, efficiency, and accuracy, many organizations hav...

Planning for Attacks: How to Hunt for Threats in BigQuery

Blog Published: 11/01/2022

Originally published by Mitiga. Written by Lionel Saposnik and Dan Abramov, Mitiga. BigQuery (also referred as BQ) is a managed service of Google Cloud Platform (GCP), which provides data warehouse capabilities, such as storing large amounts of logs, machine learning (ML), analytics, and other ty...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
61
62
63
65
67
68
69
Last »