Download Publication

Who it's for:
- Cloud security architects, engineers, analysts, and decision-makers
- Developers
- Infrastructure professionals
- Consultants
Cloud and Compromise (C&C): Gamifying of Cloud Security
Release Date: 07/10/2023
Working Group: Top Threats
- Understand how to build and secure basic cloud architectures
- Understand basic security team roles when building a cybersecurity program
- Identify and protect key assets with cloud security controls and countermeasures
- Protect, detect, and respond to cloud threats and threat indicators
Download this Resource
Related Resources
Acknowledgements

Michael Roza
Risk, Audit, Control, and Compliance Professional
Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Jon-Michael Brook
Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. Mr. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Mr. Brook obtained a number of industry certifications, including CISSP and CCSK, has patents and trade secrets in...

Randall Brooks
This person does not have a biography listed with CSA.

Alexander Getsin
Alexander Stone Getsin is a financial technologies security leader with particular expertise and interest in cloud security, secure application design, and security governance. Alex is the lead author of industry security best practices, particularly with the Cloud Security Alliance, Top Threats research group, and the (ISC)2 Israeli Chapter, which he helps champion as a co-chairman. Alex leverages a decade of experience in finance, military, ...

Shira Shamban
This person does not have a biography listed with CSA.

Adrian Lane
Adrian Lane is a principle with research firm Securosis, and developer with cloud security firm DisruptOps. Adrian has over 25 years experience in data security and software development. Prior to joining Securosis, Adrian served as the CTO/VP at companies such as IPLocks, Touchpoint, CPMi and Transactor/Brodia. Presently Adrian focuses DevSecOps and Cloud security, performing cloud security audits, training and building solutions for secure...