CSA Research
Best practices, guidance, frameworks and tools to help the industry secure the cloud. Read our research to get your questions around cloud security answered.

CSA Research is created by the industry for the industry and is both vendor-neutral and consensus driven. Our research is created by subject matter experts who volunteer for our working groups. Each working group focuses on a unique topic or aspect of cloud security, from IoT, DevSecOps, Serverless and more, we have working groups for over 20 areas of cloud computing. You can view a list of all active research working groups. To find out more about how our research is created and the process we follow you can view the CSA Research Lifecycle.
Contribute to CSA Research
Peer reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.
Latest Research
Measuring Risk and Risk Governance
Release Date: 06/21/2022
The goal of this research project is to assess the maturity of public cloud and risk management within the enterprise. The key areas of interest include… Assess the maturity of public cloud consumption and risk management in enterprises Understand current challenges and perceived effectiveness of risk management in public cloud Understand the impact of effective risk management practices in the cloud Identify best practices to reduce risk and address risk tolerance in the cloud
Secure Connection Requirements of Hybrid Cloud - Japanese Translation
Release Date: 06/14/2022
This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated content falls outside of the CSA Research Lifecycle. For any questions and feedback, contact [email protected] The National Institute of Standards and Technology (NIST) defines
C-Level Guidance to Securing Serverless Architectures - Japanese Translation
Release Date: 06/08/2022
This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated content falls outside of the CSA Research Lifecycle. For any questions and feedback, contact [email protected] 本書「サーバーレスアーキテクチャのセキュリティを確保するためのCレベルへのガイダンス」は、Cloud Security Alliance (CSA)が公開している「C-Level Guidance to Securing Serverless Architectures...