Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Online Training Platform
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Zero Trust Training (ZTT)
Micro-Trainings
Advanced Cloud Security Practitioner (ACSP) Training
Get Involved
Become an Instructor
Become a Training Partner
Train my entire team
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Security Services
Enterprise Resource Planning
Software-Defined Perimeter
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Top Threats
View all topics
Cloud 101
Circle
Events
Blog
Sign In

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Home
Industry Insights
The Challenges of Cloud Detection and Response
Published: 03/13/2023

Originally published by TrueFort. Written by Nik Hewitt. Detecting unexpected behavior in a cloud environment is often challenging due to the lack of instrumentation and the continual churn of devices and applications. Being able to separate legitimate attacks from everyday ‘noise’ is a critical ...

Identities: The New Enterprise Perimeter
Published: 03/03/2023

Written by Lior Yaari, Cofounder and CEO of Grip Security. Originally published on Forbes. In cybersecurity, the enterprise perimeter is the point where a company’s defenses begin. In the past, this was a physical perimeter defined by the company’s network, or a managed endpoint when the employee...

Not All Sandboxes Are for Children: How to Secure Your SaaS Sandbox
Published: 02/22/2023

Originally published by Adaptive Shield. Written by Hananel Livneh, Adaptive Shield. When creating a Sandbox, the mindset tends to be that the Sandbox is considered a place to play around, test things, and there will be no effect on the production or operational system. Therefore, people don’t ac...

10 SaaS Governance Best Practices to Protect Your Data
Published: 02/17/2023

Written by the SaaS Governance Working Group. In the context of cloud security, the focus is almost always on securing Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments. This is despite the reality that while organizations tend to consume 2-3 IaaS providers, they ar...

Ensuring SaaS Security in ISO Compliance
Published: 02/07/2023

Originally published by Adaptive Shield. The International Organization for Standardization (ISO) sets standards across various industries. As an internationally recognized standards organization, its two information technology security standards - ISO 27000:2018 and ISO 27001:2013 - can be used ...

5 Timely SaaS Security Recommendations for 2023
Published: 01/27/2023

Written by Jesse Butts, Head of Content & Communications, AppOmni. While our colleagues were winding down for the holidays, cybersecurity professionals spent the tail-end of 2022, and first week of 2023, responding to major SaaS breaches. Late December ushered in disclosures of Okta, Last...

Who Has Control: The SaaS App Admin Paradox
Published: 01/23/2023

Originally published by Adaptive Shield. Written by Eliana Vuijsje, Adaptive Shield. Imagine this: a company-wide lockout to the company CRM, like Salesforce, because the organization's external admin attempts to disable MFA for themselves. They don't think to consult with the security team and d...

Proxying Your Way to SaaS Security? There’s a Better Approach!
Published: 01/19/2023

Originally published by DoControl. Written by John Newsome, DoControl. Over the course of my 20 plus years in cybersecurity, I’ve had the opportunity to work for some outstanding companies and thought leaders in the industry. One of the most controversial and debated topics throughout this time h...

Security Tips to Keep in Mind for 2023
Published: 01/12/2023

Written by Rebecca Harrisson, Content Specialist, Ardoq. Fast-growing scale-ups constantly work to scale their security to match their growth. Ardoq has experienced the proverbial growing pains associated with our own fast growth. As 2023 starts, we’d like to share some tips for better security...

Key Takeaways from Forrester’s Embrace A Paradigm Shift In SaaS Protection: SaaS Security Posture Management Report
Published: 01/10/2023

Originally published by Adaptive Shield. Written by Zehava Musahanov, Adaptive Shield. Forrester, a research and advisory company, offers organization’s a variety of services including research and consulting. Their reports help professionals understand their customer’s behavior, concerns, and in...

How to Control (Maneuver) the Post-IdP Wasteland
Published: 01/04/2023

Originally published by DoControl. Written by Tony Klor, DoControl. In a world where digital transformation is the new normal and employees are more mobile than ever, organizations are inundated with managing often highly sensitive Software as a Service (SaaS) application data. To meet these dema...

7 Significant Findings from the 2022 SaaS Security Survey Report
Published: 12/19/2022

Originally published by Adaptive Shield. Written by Eliana Vuijsje, Adaptive Shield. Last year, we spearhead our first annual SaaS Security Survey Report, where the findings illuminated the SSPM landscape and where the market was holding. In the 2022 SaaS Security Survey Report, in collaborat...

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection and Remediation
Published: 12/07/2022

Originally published by Adaptive Shield. Written by Zehava Musahanov, Adaptive Shield. When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, w...

The Hidden Costs of Appliance-Based Models
Published: 11/30/2022

Originally published by Netography. Written by Martin Roesch, Netography. In the network security game, deep packet inspection (DPI) technologies are primarily delivered on appliance-based architectures, an approach suffering from major evolutionary pressure due to pervasive network encryption an...

Top 5 Configurations to Check When Setting Up a New SaaS App
Published: 11/21/2022

Originally published by Adaptive Shield. Written by Hananel Livneh, Adaptive Shield. The old days of buying new software, installing it on the company servers, and making sure everything works is gone. All hail the new IT king - SaaS platforms. Ready to go from the start, no installation needed, ...

SaaS Security Use Case Series: SaaS-to-SaaS Access
Published: 11/10/2022

Originally published by Adaptive Shield. Written by Eliana Vuijsje, Adaptive Shield. It's no secret that SaaS-to-SaaS apps can boost productivity, enable remote and hybrid work and are overall, essential in building and scaling a company's work processes.It's an innocuous process much like clicki...

SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company
Published: 11/03/2022

Originally published by Varonis. Written by Rachel Hunt, Varonis. Some people love taking risks — swimming with great white sharks, climbing El Capitan without a rope, camping in grizzly bear territory with an open jar of peanut butter, and scariest of all, assuming your SaaS data is secure a...

SaaS Security Use Case Series: Device-to-SaaS User Risk
Published: 10/26/2022

Originally published by Adaptive Shield here. Written by Eliana Vuijsje, Marketing Director, Adaptive Shield. Typically, when threat actors look to infiltrate an organization’s SaaS apps, they look to SaaS app misconfigurations as a means for entry. However, employees now use their personal devic...

Misconfigurations 101: The Three V’s of SaaS App Configurations Weaknesses
Published: 10/14/2022

Originally published by Adaptive Shield here. The ease with which SaaS apps can be deployed and adopted is remarkable, but it has quickly become a double-edged sword. On one hand, the availability of SaaS tools enables employees to work from anywhere. For IT and security teams however, the adopti...

Auto-Remediation in SaaS Security: Why SSPM Clients Frequently Prefer Guided Remediation
Published: 10/13/2022

Written by James Alston, Senior Solutions Engineer, AppOmni. In the ongoing struggle to relieve Security teams of tedious manual work while still providing exceptional protection, auto-remediation has emerged as a frequently-discussed topic related to SSPM solutions. And its potential is cert...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.

1
3
Last »