Download Publication
Who it's for:
- Cloud security practitioners who analyze threats, assess system preparedness, or design cloud systems and services
- CIOs, CISOs, and senior managers
- Developers and architects
Cloud Threat Modeling
Release Date: 07/29/2021
Working Group: Top Threats
- The baseline threat modeling processes taken from various standards and best practices
- The differences between standard threat modeling and cloud threat modeling
- How to create a cloud threat model from scratch
- A basic cloud threat model reference
- What should be included in a detailed security design report
- Example cloud threat modeling cards
Download this Resource
Acknowledgements
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC
Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.
Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...
Vani Murthy
Sr. Information Security Compliance Advisor, Akamai Technologies
Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture
Sean Heide
Technical Research Director, CSA
Jon-Michael Brook
Jon-Michael C. Brook is a certified, 25-year practitioner of cybersecurity, cloud, and privacy. He is the principal contributor to certification sites for privacy and cloud security, and has published books on privacy. Jon-Michael received numerous awards and recognition during his time with Raytheon, Northrop Grumman, Symantec, and Starbucks. He holds patents and trade secrets in intrusion detection, GUI design, and semantic data redaction...
Vic Hargrave
Senior Cyber Analyst/Engineer
Vic Hargrave has 20 years of experience in cybersecurity working for Everfox, Forcepoint Federal, Trend Micro, and VMware developing a broad range of security solutions including user-entity behavior analytics, threat management, and content filtering. Vic specializes in behavior analytics and insider threat risk. He has co-authored several publications with the Top Treat Working Group and is active in the CSA AI Technology and Risk Worki...
Randall Brooks
Adalberto Valle
Nirenj George
Ken Dunham
Ebudo Osime
Fadi Sodah
James Bore
Vladi Sandler
John Yeoh
Global Vice President of Research, CSA
With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next generation technology (IoT, Big Data, SecaaS, Quantum). John specializes in risk management, third party assessment, GRC, data protection, incid...
Interested in helping develop research with CSA?
Related Certificates & Training
Learn more