Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
Current Business Members
CxO Initiative
Contact Us
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
CxO Initiative
CloudBytes Webinars
Awards & Recognition
Ron Knode Awards
Research Fellows
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
View more
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all working groups
Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
Current Business Members
CxO Initiative
Contact Us
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
CxO Initiative
CloudBytes Webinars
Awards & Recognition
Ron Knode Awards
Research Fellows
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
View more
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all working groups
Circle
Events
Blog

CSA Research

Best practices, guidance, frameworks and tools to help the industry secure the cloud. Read our research to get your questions around cloud security answered.
View Latest ResearchView Working Groups
Research Home
Working Groups
Publications
Contribute
Home
Research

CSA Research is created by the industry for the industry and is both vendor-neutral and consensus driven. Our research is created by subject matter experts who volunteer for our working groups. Each working group focuses on a unique topic or aspect of cloud security, from IoT, DevSecOps, Serverless and more, we have working groups for over 20 areas of cloud computing. You can view a list of all active research working groups. To find out more about how our research is created and the process we follow you can view the CSA Research Lifecycle.

Want to learn how to stay secure in the cloud?

Read CSA’s recommendations

Join a Working Group Meeting

Community
Begins at
Enterprise Resource Planning Working Group
Jan 26, 2022, 09:00AM PST
Cloud Key Management Working Group
Jan 26, 2022, 09:00AM PST
Blockchain/Distributed Ledger Working Group
Jan 26, 2022, 10:00AM PST
See all meetings

Contribute to CSA Research

Peer reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Publications in Review
Open Until
Guide to the IoT Security Controls Framework v3
Feb 04, 2022
IoT Security Controls Framework v3
Feb 04, 2022
IoT Charter 2022
Feb 10, 2022
C-Level Guidance to Securing Serverless Architectures
Feb 10, 2022
Cloud Data Breach Investigation Working Group Charter
Feb 25, 2022
View all

Latest Research

Artificial Intelligence in Healthcare

Artificial Intelligence in Healthcare

Release Date: 01/06/2022

Artificial intelligence (AI) now has the potential to be integrated into all aspects of healthcare, from management to delivery and diagnosis. These advancements can help improve clinical outcomes, reduce cost, and improve population health. However, there remain some issues with AI that must be addressed. These include ethical and legal issues, a lack of data exchange, regulatory compliance requirements, and patient and provider adoption. This document from our Health Information Management Working Group provides an overview of the fu...

Download Now
Corda Enterprise 4.8 - Architecture Security Report

Corda Enterprise 4.8 - Architecture Security Report

Release Date: 12/15/2021

Blockchain technology is being rapidly adopted by enterprises to bring traceability and transparency to external business workflows. Considering that many of these workflows involve transactions and custody of value in the form of digital assets or other high-value data, cybersecurity attributes such as privacy, confidentiality, integrity, and availability certainly take center stage in the blockchain space. This report from our Blockchain/Distribu...

Download Now
Corda Enterprise 4.8 - Security Controls Checklist

Corda Enterprise 4.8 - Security Controls Checklist

Release Date: 12/15/2021

In this spreadsheet, our Blockchain/Distributed Ledger Working Group delivers a fully implementable security controls checklist for the blockchain framework Corda Enterprise 4.8. These controls are aligned with the NIST Cybersecurity Framework’s controls to proactively prevent, detect and respond to the risks of Fabric 2.0, thus mitigating the business impacts downstream caused by loss of trade, trust, and ownership. In the accompanying Corda Enterprises ...

Download Now
View All Research