
All Articles

SOARs vs. No-Code Security Automation: The Case for Both

Blog Published: 10/17/2022

Originally published by The New Stack. Also published by Torq here. Written by Chris Tozzi, Torq. Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a leg...

Top Threat #5 to Cloud Computing: Insecure Software Development

Blog Published: 10/17/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

Misconfigurations 101: The Three V’s of SaaS App Configurations Weaknesses

Blog Published: 10/14/2022

Originally published by Adaptive Shield here. The ease with which SaaS apps can be deployed and adopted is remarkable, but it has quickly become a double-edged sword. On one hand, the availability of SaaS tools enables employees to work from anywhere. For IT and security teams however, the adopti...

What is Cloud Data Security?

Blog Published: 10/14/2022

Originally published by Laminar Security here. Written by Andy Smith, Laminar Security. Shifting to the cloud is a necessary step in the digital transformation required for businesses to get and stay ahead. The cloud allows employees to access resources from almost anywhere at any time, enhances ...

Best Defense? Good Cloud Offense

Blog Published: 10/14/2022

Originally published by Cloudtango here. Written by Jordi Vilanova, Cloudtango. Ever since cybersecurity began in the 70s, the focus was always building a good defense as part of the main strategy. The problem with conventional security has traditionally been its reactive nature to security, such...

Can You “Fail” a SOC 2 Examination?

Blog Published: 10/13/2022

Originally published by A-LIGN here. Written by Alex Welsh, Manager, ISO Practice, A-LIGN. Although you can’t “fail” your SOC 2 report, it can result in report opinions to be noted as “modified” or “qualified”. Learn what this means for your organization. Is your organization planning for a SOC 2 ...

Auto-Remediation in SaaS Security: Why SSPM Clients Frequently Prefer Guided Remediation

Blog Published: 10/13/2022

Written by James Alston, Senior Solutions Engineer, AppOmni. In the ongoing struggle to relieve Security teams of tedious manual work while still providing exceptional protection, auto-remediation has emerged as a frequently-discussed topic related to SSPM solutions. And its potential is cert...

Types of Sensitive Data: What Cloud Security Teams Should Know

Blog Published: 10/13/2022

Originally published by Sentra here. Not all data is created equal. If there’s a breach of your public cloud, but all the hackers access is company photos from your last happy hour… well, no one really cares. It’s not making headlines. On the other hand if they leak a file which contains the paym...

What is SAP Security (and Why Does It Matter?)

Blog Published: 10/12/2022

Originally published by Onapsis here. An Overview of SAP Applications Business-critical applications such as ERP, SCM, CRM, SRM, PLM, HCM, BI and others support essential business functions and processes of the world’s largest commercial and governmental organizations, including supply chain, man...

Cybersecurity Skills Shortage Provides Rare Cross-Training Opportunities

Blog Published: 10/12/2022

Originally published by CXO REvolutionaries here. Written by Kavitha Mariappan, EVP, Customer Experience and Transformation, Zscaler. Are you familiar with the saying, “you are the average of the five people you spend the most time with?” It speaks to how our social environment and relationships ...

It’s Not ‘See You Later.’ It’s ‘Goodbye’: Moving on from Tokenization in the Age of Ransomware

Blog Published: 10/12/2022

Written by Arti Raman, CEO, Titaniam. Invented in 2001, tokenization addresses the risk of losing cardholder data from eCommerce platforms and remains the golden standard for protecting sensitive information. The concept was simple: Swap payment card numbers for substitute numbers, i.e., tokens, w...

What Is a Feistel Cipher?

Blog Published: 10/11/2022

Originally published by TokenEx here. Written by Valerie Hare, Content Marketing Specialist, TokenEx. Quick Hits: Feistel cipher is a design model designed to create different block ciphers, such as DES. The model uses substitution and permutation alternately. This cipher structure is based on th...

26 AWS Security Best Practices to Adopt in Production

Blog Published: 10/11/2022

Originally published by Sysdig here. Written by Alejandro Villanueva, Sysdig. One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices to prevent unnecessary security situations. So, you’ve got a problem to so...

Preventing Security Risks by Controlling SaaS Sprawl

Blog Published: 10/11/2022

Originally published by Axonius here. Written by Kathleen Ohlson, Axonius. The rapid growth of SaaS adoption continues. The necessity of SaaS applications for productivity and collaboration moved organizations to onboard them as fast as they could. But now these organizations have this sprawl of ...

Grand Theft Hacker: A Look at The Rockstar Games and Uber Hack

Blog Published: 10/10/2022

Originally published by Skyhigh Security here. Written by Arnie Lopez, WW Systems Engineering, Skyhigh Security. What does one of the most successful ride-sharing platforms and one of the world’s most popular video games share in common? If you said, “Cars,” you would be right. If you said, “Both w...

What Is Lockdown Mode for iOS and iPadOS and Why Should I Care?

Blog Published: 10/10/2022

Originally published by Lookout here. Written by Christoph Hebeisen, Director, Security Intelligence Research, Lookout. Apple recently announced a new feature in its upcoming iOS and iPadOS called Lockdown Mode. The aim is to protect users such as corporate executives, government officials, journal...

CSA’s New Zero Trust Training and Why It's Needed

Blog Published: 10/10/2022

Zero Trust has possibly been the most mentioned concept in the cybersecurity arena over the last 12 months. For some, it is a revolutionary approach. For others, it is an evolution of a series of trends already ongoing for over a decade. Finally, there are people who consider it just a buzzword a...

How to Detect Ransomware

Blog Published: 10/08/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli. Once you know what ransomware is and how to protect your organization against it, it’s important to learn how to respond if a ransomware attack occurs. The first step: detecting the ransomware attack! The Detect Function of the National I...

Protecting Against Ransomware

Blog Published: 10/07/2022

Thanks to Dr. Jim Angle, Michael Roza, and Vince Campitelli. Ransomware is a form of malware used by an attacker to encrypt a victim’s data and demand a ransom for the encryption key, which allows the victim access to their data. Part 1 of this blog series further explains what ransomware is and th...

Think Zero Trust Applies Only to Federal Agencies? Think Again!

Blog Published: 10/07/2022

Originally published by Thales here. In my last blog post, I explained how Federal Civilian Executive Branch (FCEB) agencies can comply with The White House Executive Order (E.O.) around implementing zero trust. These solutions do this by offering various capabilities like Bring-Your-Own-Encrypti...
