Register for CSA’s SECtember conference and trainings today




Circle
Events
Blog

CSA Research

Best practices, guidance, frameworks and tools to help the industry secure the cloud. Read our research to get your questions around cloud security answered.
Research

CSA Research is created by the industry for the industry and is both vendor-neutral and consensus driven. Our research is created by subject matter experts who volunteer for our working groups. Each working group focuses on a unique topic or aspect of cloud security, from IoT, DevSecOps, Serverless and more, we have working groups for over 20 areas of cloud computing. You can view a list of all active research working groups. To find out more about how our research is created and the process we follow you can view the CSA Research Lifecycle.

Contribute to CSA Research

Peer reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Latest Research

Accedere: Using a SOC 2 Approach to Help Organizations Achieve CSA STAR Level 2

Accedere: Using a SOC 2 Approach to Help Organizations Achieve CSA STAR Level 2

Release Date: 09/19/2022

Cybersecurity frameworks, standards and certifications can be quite complicated to understand, making it difficult to identify which standard an organization should aim to achieve. Luckily, CSA auditors are here to help. Accedere Inc. is a global provider of assurance services for cybersecurity...
The State of Cloud Security Risk, Compliance, and Misconfigurations - Korean Translation

The State of Cloud Security Risk, Compliance, and Misconfigurations - Korean Translation

Release Date: 09/07/2022

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated content falls outside of the CSA Research Lifecycle. For any questions and feedback, contact [email protected].
Zero Trust Architecture (SP 800-207)

Zero Trust Architecture (SP 800-207)

Release Date: 08/23/2022

The US National Institute of Standards and Technology (NIST) Zero Trust Architecture (ZTA) document describes ZT for enterprise security architects. It is meant to aid understanding of ZTA and provide an enterprise implementation roadmap for zero trust security concepts. Cybersecurity managers...