Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

All Articles

Home
All Articles
Cloud Security Alliance Issues Best Practices for Healthcare Delivery Organizations (HDO) to Mitigate Supply Chain Cyber Risks

Press Release Published: 05/12/2022

HDOs must take a multidisciplinary approach that includes criteria for supplier evaluation, risk management, risk treatment, and monitoring and responseSEATTLE – May 12, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and...

Google Cloud CISO Phil Venables to Keynote Cloud Security Alliance’s SECtember

Press Release Published: 05/12/2022

Targeted sessions and state-of-the-art educational activities at this year's event provide a deep awareness of today’s most pressing strategic cloud, cybersecurity issuesSEATTLE – May 12, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, c...

SSE: The MVP of The Cybersecurity Mesh Architecture

Blog Published: 05/12/2022

This blog was originally published by Axis Security here. Overtime IT has adopted a number of siloed security services. These services work adjacent to one another, rather than WITH one another. As you would’ve guessed, this increases complexity and decreases efficiency. This is why we must do aw...

SAP Security Patch Day April 2022: In Focus: Spring4Shell and SAP MII

Blog Published: 05/11/2022

This blog was originally published by Onapsis here. Written by Thomas Fritsch, Onapsis. Highlights of April SAP Security Notes analysis include:April Summary - 35 new and updated SAP security patches released, including six HotNews Notes and six High Priority Notes. SAP affected by Spring4Shell -...

Threat Activity Clusters: Project Ice Cream

Blog Published: 05/11/2022

This blog was originally published by Alert Logic here. Written by Josh Davies, Product Manager, Alert Logic. The Challenge Continuously hunting for the latest and emerging threats and campaigns requires dedicated SOC analysts, data scientists, and security researchers. This human led pro...

Threat Detection Software: A Deep Dive

Blog Published: 05/10/2022

This blog was originally published by Panther here. Written by Mark Stone, Panther. As the threat landscape evolves and multiplies with more advanced attacks than ever, defending against these modern cyber threats is a monumental challenge for almost any organization. Threat detection is about an...

Container Security Best Practices

Blog Published: 05/10/2022

This blog was originally published by Sysdig here. Written by Álvaro Iradier, Sysdig. Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences.According to the 2020 CNFC Survey, 92 ...

Why Machine Identity Management Has Become a Critical Priority for Organizations

Blog Published: 05/09/2022

This blog was originally published by Entrust here. Written by Samantha Mabey, Product Marketing Management Director, Certificate Solutions at Entrust. As the number of machine identities continues to rise, so does the urgency to make sure they are being properly managed. In fact, in a recent s...

How to Secure Deployments in Kubernetes?

Blog Published: 05/09/2022

This blog was originally published by ARMO here. Written by Leonid Sandler, CTO & Co-founder, ARMO. Security is crucial ‌for containerized applications that run on a shared infrastructure. With more and more organizations moving their container workloads to Kubernetes, K8s has become the go-t...

Ultimate Guide to Observability: What It Is and How to Do It Well

Blog Published: 05/06/2022

This blog was originally published by Contino here. Written by Matthew Macdonald-Wallace, Contino. The complexity of software systems is ever increasing; organisations need to invest in ensuring that their systems are operable.In this blog, we’re taking a deep dive into observability: what it is,...

The Five Universal Fundamentals for Securing Your Cloud

Blog Published: 05/06/2022

This blog was originally published on fugue.co on April 7, 2022.Written by Josh Stella, chief architect at Snyk. The word “misconfiguration” can seem quite innocuous — an innocent mistake that’s easy to fix, like putting your car into drive while the parking brake is still engaged. You quickl...

CCSK Success Stories: From the Vice President of Strategic Alliances

Blog Published: 05/05/2022

This is part of a blog series interviewing cybersecurity professionals who have earned their Certificate of Cloud Security Knowledge (CCSK). In these blogs we invite individuals to share some of the challenges they face in managing security for cloud computing and how they were able to leverage k...

What’s Zero Trust Data Access?

Blog Published: 05/04/2022

This blogs was originally published by DoControl here. Written by Adam Gavish, DoControl. “Zero trust is a way of thinking, not a specific technology or architecture,” says Gartner Distinguished VP Analyst Neil MacDonald. “It’s really about zero implicit trust, as that’s what we want to get rid o...

What is a BLOB (Binary Large Object)? Can it be Tokenized?

Blog Published: 05/04/2022

This blog was originally published by TokenEx here. Written by Anni Burchfiel, TokenEx. BLOB Definition BLOB stands for a “Binary Large Object,” a data type that stores binary data. Binary Large Objects (BLOBs) can be complex files like images or videos, unlike other data strings that only store...

Accelerating Transaction Success by Applying Zero Trust Principles to Mergers, Acquisitions, and Divestitures

Blog Published: 05/03/2022

This blog was originally published by CXO REvolutionaries here. Written by Stephen Singh, Global Vice President, M&A/Divestiture and ITO Strategy, Planning, and Implementation, Zscaler. Mergers, acquisitions, and divestitures create value by seizing chances to drive growth, enhance margins, b...

Who Owns Third-Party Risks: Breaking Down Management and Compliance Silos

Blog Published: 05/03/2022

This blog was originally published by OneTrust here. Third-party risk management (TPRM) can have a different meaning for different business units, but one thing is for certain: visibility and proper oversight is an absolute must. There are a variety of stakeholders in the business who require...

Security Service Edge (SSE) is the Way to Go, But How Do You Choose?

Blog Published: 05/02/2022

This blog was originally published by Lookout here. Written by Pravin Kothari, Executive Vice President, Product and Strategy, SASE, Lookout. Gartner® recently predicted that “By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from...

The State of Data Security in 2022

Blog Published: 05/02/2022

This blog was originally published by BigID here. Written by Neil Patel, BigID. Data is an organization’s single most valuable asset, relied upon to make critical strategic and operational decisions every day. Much of this information is highly sensitive or critical — and in some cases vulnerable...

The Cloud Has No Hard Edges

Blog Published: 04/29/2022

Written by Tim Sedlack, Sr. Director, Product Management, BeyondTrust You’ve seen the popular meme “I’m old enough to remember when …”, I’m certain. Well, as trite as it sounds, I am old enough to remember when cybersecurity had some pretty hard and fast rules. Passwords had to be complex, and n...

Kubernetes Version 1.24: Everything You Should Know

Blog Published: 04/29/2022

This blog was originally published by ARMO here. Written by Amir Kaushansky, ARMO. The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes.We’ve written this post so you can adjust your Kubernetes resour...

Looking for the CCM?

Start using the Cloud Controls Matrix to simplify compliance with multiple standards & regulations.

Learn more
 
« First
86
87
88
90
92
93
94
Last »