Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersCircleEventsBlog

All Articles

Home
All Articles
Cloud Cybersecurity and the Modern Applications (part 1)

Blog Published: 05/26/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Modern enterprises tend to utilize a mix or hybrid of cloud services like IaaS, PaaS and SaaS (Infrastructure/Platform/Software as a Service) to develop cloud applications. In a hybrid situation desi...

Cloud Cybersecurity and the Modern Applications (part 2)

Blog Published: 05/27/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd. Use cases and common pitfallsSecurity appliance vendors are still updating their appliances to include typical cloud architecture that integrates into the cloud provider fabric more efficiently. Some...

Cloud Cybersecurity and the Modern Applications (part 3)

Blog Published: 05/28/2020

By Francesco Cipollone, Chair at Cloud Security Alliance UK Chapter and Director at NSC42 Ltd.Hybrid Patterns in AzureIn new cloud deployment, it is common to see organizations using a combination of multiple cloud environments or methodologies. Managing access control in a single appliance is...

Pen Testing in the Age of Cloud

Blog Published: 05/26/2020

By Josh Stella, CTO and co-founder of FugueLately, we at Fugue have been demonstrating live hacks against cloud infrastructure based on real events in the news. We often walk through a theft of data from Amazon S3 by exploiting little-known misconfigurations of Security Groups, EC2, IAM, and S...

Detect and Track Threats Through UEBA and Incident Governance

Blog Published: 06/02/2020

By Ishani Sircar, Product Marketing Manager at CipherCloudThe Rise of the Unmanaged DevicesMost organizations are predicting an increased remote workforce and adoption of SaaS apps in the coming years. Remote work environments have led to a rapid adoption of data sharing and collaboration apps...

Cloud Security Alliance Announces Phoenix One as Authorized CCSK Training Partner in the Philippines

Press Release Published: 05/28/2020

Training the next generation of cybersecurity professionals in the PhilippinesManila, May 28, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today...

New Paper Offers Practical Guidance on Automating Security in DevSecOps

Blog Published: 07/07/2020

By Souheil Moghnie, NortonLifeLock Today, SAFECode is excited to join the Cloud Security Alliance in sharing a new report offering practical guidance on integrating security automation into the software development lifecycle. The paper, The Six Pillars of DevSecOps: Automation, was developed i...

Cloud Security Alliance Announces Availability of Key Cloud Security Assessment and Guidance Documents in 10 Additional Languages

Press Release Published: 06/23/2020

Cloud Controls Matrix, Consensus Assessments Initiative Questionnaire, and PLA Code of Conduct for GDPR Compliance available to global audienceSEATTLE – June 23, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best...

General James Mattis, Secretary of Defense (2017-2018), to Headline Cloud Security Alliance’s SECtember Premier Event

Press Release Published: 06/22/2020

Andy Kirkland, Joe Schatz join Mattis to provide a global perspective on strategic cloud, cybersecurity issuesSEATTLE – June 22, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secur...

Cloud Security Alliance Partners with Digital Economy Promotion Agency in National Support Initiative for Learning During COVID-19

Press Release Published: 06/03/2020

Keeping the doors of learning open and continuing education in cloud securityBangkok, June 3, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announced ...

New Data Protection Law Enacted in Dubai Emirate

Blog Published: 06/08/2020

By Francoise Gilbert, Cybersecurity and Privacy Expert, Cloud Security AllianceDubai has enacted a new data protection law that replaces the current privacy law, law N. 1 of 2007. The new 50-page law, which modernizes the current data protection law, will come into effect on July 1, 2020, at w...

The Octopus Scanner Malware: Attacking the open source supply chain

Blog Published: 06/10/2020

By Alvaro Muñoz at GitHubSecuring the open source supply chain is an enormous task. It goes far beyond a security assessment or just patching for the latest CVEs. Supply chain security is about the integrity of the entire software development and delivery ecosystem. From the code commits thems...

Cloud Security Alliance Announces KORNERSTONE as Authorized CCSK Training Partner

Press Release Published: 06/08/2020

Training the next generation of cybersecurity professionals Hong Kong, June 8, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced that...

Five Step UEBA to Detect and Stop Insider Attacks

Blog Published: 06/16/2020

By Ishani Sircar, Manager, Product Marketing at CipherCloudEvery year, more than 34% of businesses worldwide are affected by insider threats. (Source: Sisa Infosec)Despite various investments in security, most organizations are still susceptible to data breaches due to bad actors. The losses ...

3 Big Amazon S3 Vulnerabilities You May Be Missing

Blog Published: 06/18/2020

By Drew Wright, Co-Founder Fugue, Inc. When there’s a data breach involving Amazon Web Services (AWS), more often than not it involves the Amazon S3 object storage service. The service is incredibly popular. Introduced way back in 2006 when few knew what the cloud was, S3 is highly scalable, r...

Cloud Security Alliance Issues Call for Papers for EMEA Congress 2020

Press Release Published: 06/11/2020

Papers examining new frontiers accelerating change in information security are soughtBerlin, Germany – June 11, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing ...

CSA Federal Summit 2020 Announces New Venue, Enhanced Safety Measures for Attendees

Press Release Published: 06/16/2020

SEATTLE – June 16, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, announced that in response to the ongoing concerns surrounding COVID-19, its ann...

Cloud Security Alliance Offers Guidance on Adhering to Privacy, Security Protocols for Telehealth Data in the Cloud

Press Release Published: 06/18/2020

Paper addresses privacy, security concerns related to processing, storing, and transmitting patient data in the cloudSEATTLE – June 18, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure ...

How to secure cloud-based collaboration, emails, and messaging apps

Blog Published: 06/23/2020

By Ishani Sircar, Product Marketing Manager at CipherCloudWe can secure information across multiple enterprise cloudsData leaks. Data breaches. Tighter security controls. Yet more breaches. A continuing cat-and-mouse-game. As both the way we do business in a distributed environment and apps ma...

Cloud Security Alliance Announces PT Mitra Integrasi Informatika as an Authorized CCSK Training Partner

Press Release Published: 06/23/2020

Training the next generation of cybersecurity professionalsJakarta, June 23, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced that P...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
63
64
65
67
69
70
71
Last »