Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
SolarWinds - How Cybersecurity Teams Should Respond

Published: 12/16/2020

By Paul Kurtz Co-founder and Executive Chairman, TruSTAR Technology SolarWinds perhaps represents the most severe hack of the digital age. The playbook of our adversaries continues to evolve, but defenders are losing, and the gap is widening. Discussion of imposing consequences on adversaries see...

Cloud Security: The Necessity of Threat Hunting

Published: 10/28/2020

By the CSA Minnesota Chapter What is threat hunting? Threat hunting is the proactive search for real and potential threats that may be hidden in a network’s environment. These threats are tricky and malicious and are designed to pass through endpoint defenses undetected. If unfound, these att...

Abusing Privilege Escalation in Salesforce Using APEX

Published: 07/16/2020

By Nitay Bachrach, Senior Security Researcher, PolyrizeThis article describes in detail a Salesforce privilege escalation scenario whereby a malicious insider exploits Author Apex permission to take over an organization’s Salesforce account and all data within it. The user abuses the fact that so...

Cloud Security Challenges in 2020

Published: 02/18/2020

By Ashwin Chaudhary, Chief Executive Officer, Accedere Inc.The worldwide public cloud services market is forecast to grow 17% in 2020 to total $266.4 billion, up from $227.8 billion in 2019 according to Gartner. As the cloud continues to be more and more heavily adopted, it’s important to be awa...

Egregious 11 Meta-Analysis Part 3: Weak Control Plane and DoS

Published: 09/12/2019

By Victor Chin, Research Analyst, CSAThis is the third blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud Computing report. Each blog post features a security issue that is being perceived as less relevant and one that is being perceived ...

Egregious 11 Meta-Analysis Part 2: Virtualizing Visibility

Published: 08/28/2019

By Victor Chin, Research Analyst, CSAThis is the second blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud Computing report. Each blog post features a security issue that is being perceived as less relevant and one that is being perceived...

Egregious 11 Meta-Analysis Part 1: (In)sufficient Due Diligence and Cloud Security Architecture and Strategy

Published: 08/13/2019

By Victor Chin, Research Analyst, CSA On August 6th, 2019, the CSA Top Threats working group released the third iteration of the Top Threats to Cloud Computing report. This is the first blog post in the series where we analyze the security issues in the new iteration of the Top Threats to Cloud ...

Uncovering the CSA Top Threats to Cloud Computing with Jim Reavis

Published: 08/08/2019

By Greg Jensen, Sr. Principal Director - Security Cloud Business Group, OracleFor the few that attend this year’s BlackHat conference kicking off this week in Las Vegas, many will walk away with an in depth understanding and knowledge on risk as well as actionable understandings on how they can w...

Organizations Must Realign to Face New Cloud Realities

Published: 07/30/2019

Jim Reavis, Co-founder and Chief Executive Officer, CSAWhile cloud adoption is moving fast, many enterprises still underestimate the scale and complexity of cloud threatsTechnology advancements often present benefits to humanity while simultaneously opening up new fronts in the on-going and incre...

CSA on This Millennium Alliance Podcast

Published: 04/26/2019

By Cara Bernstein, Manager/Executive Education Partnerships, The Millennium AllianceThis podcast episode features The Millennium Alliance partner, The Cloud Security Alliance. We sat down with Vince Campitelli, Enterprise Security Specialist, and Jon-Michael C. Brook, Principal, Guide Holdings, L...

Browse by Topic