Cloud 101
Circle
Events
Blog

CSA Research

Best practices, guidance, frameworks and tools to help the industry secure the cloud. Read our research to get your questions around cloud security answered.
Research

CSA Research is created by the industry for the industry and is both vendor-neutral and consensus driven. Our research is created by subject matter experts who volunteer for our working groups. Each working group focuses on a unique topic or aspect of cloud security, from IoT, DevSecOps, Serverless and more, we have working groups for over 20 areas of cloud computing. You can view a list of all active research working groups. To find out more about how our research is created and the process we follow you can view the CSA Research Lifecycle.

Contribute to CSA Research

Peer reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Latest Research

CSA CCM v4.0 Addendum - Spain National Security Framework (ENS)

CSA CCM v4.0 Addendum - Spain National Security Framework (ENS)

Release Date: 12/08/2022

This document is an addendum to the CCM V4.0 that contains controls mapping between the CSA CCM and Spain's National Security Framework (ENS).


The document aims to help ENS compliant organizations meet CCM requirements. This is achieved by identifying compliance gaps in ENS in relation to the...
Demystifying Zero Trust for the C-Level (and the rest of us)

Demystifying Zero Trust for the C-Level (and the rest of us)

Release Date: 11/21/2022

The advent of Zero Trust should be regarded as an opportunity to better align IT with an organization’s business strategy. The whole purpose of modern networked computing is to facilitate collaboration, both with others that are part of the organization, but more importantly with entities that...
Zero In: Executive Considerations in a Zero Trust World

Zero In: Executive Considerations in a Zero Trust World

Release Date: 11/21/2022

What does implementing Zero Trust mean for CISO’s or other leadership roles in the enterprise? When approached with a Zero Trust project idea, what must leaders consider? What are the budgeting considerations involved in Zero trust? What key features should you concern yourself with, and how...