Cloud 101

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
DevSecOps Best Practices for Vulnerability Management in the Cloud
Published: 04/22/2022

This blog was originally published by Vulcan Cyber here. Written by Natalie Kriheli, Vulcan Cyber. With DevSecOps best practices, teams can remain on top of their security controls while taking full advantage of everything the cloud has to offer. A growing trend in the cloud ecosystem, DevSecOps ...

Security Performance Reporting
Published: 04/20/2022

Command guidance for CISO-to-stakeholder communications Written by John Hellickson, Field CISO, Coalfire There is tremendous urgency for security professionals to do a better job at communicating security program performance to enterprise stakeholders and boards of directors. For the Coalfire ...

Why You Need Application Security Testing for Business-Critical Applications
Published: 04/14/2022

This blog was originally published by Onapsis here. This blog is about the importance of building secure business-critical applications with application security testing. While many organizations employ defense-in-depth security models to protect their critical systems, not enough consideration i...

Governing the Organization
Published: 04/13/2022

This blog was originally published by Coalfire here. Written by Matt Klein, Field CISO, Coalfire. Security is the biggest risk to business today. Managing security has become one of the hardest jobs in the enterprise, and failing to do so effectively can create opportunities for severe operationa...

20 DevSecOps Best Practices Across People, Process and Technology
Published: 04/12/2022

This blog was originally published by Contino here. Written by Marcus Maxwell, Contino. How can secure software be developed at speed and scale!?This is the ultimate IT paradox for modern global enterprise organisations: go faster and innovate. But always stay secure.DevSecOps is the answer to in...

Put Your Trust in the Stack
Published: 04/11/2022

This blog was originally published by Entrust here. Written by Wayne Lewandowski, Vice President of Sales, Entrust Data Protection Solutions. Breaches, infiltration, exfiltration, compromised privileges, and interrupted access to critical systems are all parts of a well-written espionage movie, o...

Kubernetes for Beginners – A Step-by-Step Guide
Published: 03/28/2022

This blog was originally published by Vulcan Cyber here. Written by Natalie Kriheli, Vulcan Cyber. For beginners, Kubernetes can seem pretty daunting. It offers a feature-rich, flexible, and extensible platform, but the downside is that Kubernetes security can be quite challenging. Any misconfigu...

The Top 22 Digital Transformation Trends To Look Out For In 2022
Published: 03/22/2022

This blog was originally published by Contino here. Written by Deepak Ramchandani, Contino. 2021 was a big year in the world of digital transformation. The pandemic continued to push businesses to accelerate their digital journeys. From data-driven sustainability initiatives to cloud-first remote...

DevSecOps: Mission-Critical to Enterprise Resilience
Published: 03/11/2022

This blog was originally published by Coalfire here. Written by Caitlin Johanson, Director, Application Security, Coalfire. Whatever tolerance we had for failure has been turned upside down in the cloud. The consequences, never greater. So, what’s the solution? Nothing is more important to en...

CAASM Should Be an Early Security Investment in Every CISO’s Playbook
Published: 03/07/2022

This blog was originally published by JupiterOne here. Written by Jasmine Henry, JupiterOne. It’s possible to improve your security posture on a shoestring budget. There are a growing number of open source tools for security and compliance, but there are also key areas to invest in at the beginni...

Kubernetes Security Best Practices: Definitive Guide
Published: 03/03/2022

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, VP Marketing & Business Development, ARMO. IntroductionKubernetes, an open-source microservice orchestration engine, is well known for its ability to automate the deployment, management, and, most importantly, scaling o...

DevSecOps Automation
Published: 03/03/2022

Getting to market faster requires top-down, customer-first prioritization Written by Adam Kerns, Managing Principal, Cloud Engineering, Coalfire. This blog is based on Coalfire’s Securerealities report, Smartest Path to DevSecOps Transformation. Automation is on everyone's path to DevS...

How Zero Trust Security Will Revolutionize DevSecOps
Published: 03/01/2022

This blog was originally published by Appgate here. Written by Kurt Glazemakers, Appgate. Due to the rise of the cloud and containers, software development has made giant steps forward in productivity, agility and scale. DevOps and DevSecOps have created controlled, easily deployable, secure and ...

What is DevSecOps and How Does it Create a Holistic Cloud Security Environment?
Published: 01/29/2022
Author: Nicole Krenz

What is DevSecOps?In the past, security needs were only addressed after application deployment or after security vulnerabilities were exploited. Businesses are now requiring a stronger collaboration between the development, security, and operational functions. Different combinations of security t...

Your Enterprise Cloud Risk Management Cheat Sheet
Published: 01/27/2022

Written by Fausto Lendeborg, Secberus Picture this: It’s 2022, and cloud risk is no longer the elusive threat it once was. It is tamed through better understanding, faster mitigation and bold, policy-first strategy. Read on for three starter tips. 01Understanding Comes First. Understanding ...

An Optimistic Outlook for 2022: Cloud Security Vulnerabilities are 100% Preventable
Published: 01/25/2022

Written by Josh Stella, CEO and Co-Founder of Fugue Originally published on Fugue’s Blog Predicting that more enterprises will suffer a cloud data breach in 2022 is not exactly going out on a limb. Migrating IT systems and applications out of the data center to cloud computing platforms is a ...

Securing DevOps: The ABCs of Security-as-Code
Published: 01/19/2022

Written by Tony Karam, Concourse Labs. Cybersecurity Built for Public Cloud Traditional cybersecurity architectures and models break down when applied to public cloud. Most public cloud breaches stem from misconfiguration of cloud services, not attacks on the underlying cloud infrastructure. Ho...

How Legacy AST Tools Fail to Secure Cloud Native Applications
Published: 12/17/2021

Written by Ron Vider, Co-Founder & CTO of Oxeye Organizations worldwide are building and deploying cloud native applications, where the architecture is quite different from yesterday’s monolithic counterparts. What used to be a custom code block installed on a single bare metal server or a vi...

DevOps Security Tools for Enterprise DevSecOps Teams
Published: 12/15/2021

This blog was originally published by Vulcan Cyber here. Written by Rhett Glauser, Vulcan Cyber. DevOps has revolutionized the pace at which new iterations of applications are released to meet the needs of customers. By nature, security teams are focused on securing company assets and data, which...

How to Adhere to the AWS Well Architected Framework
Published: 12/10/2021

Originally Published on Fugue’s Website on November 24, 2021 By Becki Lee, Senior Technical Writer The Amazon Web Services Well-Architected Framework is a set of recommendations AWS provides for designing infrastructure for cloud applications and workloads. By following the guidance in the ...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.