CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
AI in Medical Research: Applications & Considerations The advent of artificial intelligence (AI) has brought about a paradigm shift in numerous fields. AI technologies can process vast amounts of data, recogn... Request to download | |
AI Organizational Responsibilities - Core Security Responsibilities - Korean Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
AI Resilience: A Revolutionary Benchmarking Model for AI Safety - Japanese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Don’t Panic! Getting Real about AI Governance The excitement around Generative AI and its potential business value continues to grow. A major factor is AI systems' emerging capability to mimic human-l... Request to download | |
The State of Non-Human Identity Security Non-human identities (NHIs) include bots, API keys, service accounts, OAuth tokens, and secrets. These identities keep today’s organizations running smoot... Request to download | |
Confidential Computing Working Group Charter 2024 The working group is tasked with exploring and implementing Confidential Computing technologies to enhance data security across various industries. This g... Request to download | |
Zero Trust Guiding Principles v1.1 Zero Trust is a strategic mindset that is highly useful for organizations to adopt as part of their digital transformations. Based on the idea of "never t... Request to download | |
Data Privacy Engineering Working Group Charter 2024 The Data Privacy Engineering Working Group (DPE WG) is chartered with the mission to integrate privacy-centric methodologies into development workflows, a... Request to download | |
Fully Homomorphic Encryption Working Group Charter 2024 Through the use and deployment of cryptographic libraries, specialist software toolchains, and dedicated hardware and infrastructure, Fully Homomorphic En... Request to download | |
Securing LLM Backed Systems: Essential Authorization Practices Organizations are increasingly leveraging Large Language Models (LLMs) to tackle diverse business problems. Both existing companies and a crop of new star... Request to download | |
Strengthening Research Integrity with High-Performance Computing (HPC) Security High-Performance Computing (HPC) systems aggregate computing resources to gain performance greater than that of a single workstation. HPC systems have bec... Request to download | |
Using AI for Offensive Security Offensive security involves proactively simulating an attacker’s behavior by using tactics and techniques similar to those of an adversary to identify sys... Request to download | |
Top Threats to Cloud Computing 2024 The CSA Top Threats Report aims to raise awareness of current cloud security risks, threats, and vulnerabilities. In this 2024 installment, we surveyed ov... Request to download | |
Quantum-Safe Security Governance with the Cloud Controls Matrix For the last decade or so there have been major developments in the quantum and post-quantum cryptography spaces. The time has come for enterprise IT depa... Request to download | |
AI Model Risk Management Framework Sophisticated machine learning (ML) models present exciting opportunities in fields such as predictive maintenance and smart supply chain management. Whil... Request to download | |
Security Guidance for Critical Areas of Focus in Cloud Computing v5 Cloud computing has firmly cemented its place as the foundation of the information security industry. The Cloud Security Alliance’s Security Guidance v5 i... Request to download | |
Enterprise Authority To Operate (EATO) Controls Framework Many small and mid-sized cloud-based Anything-as-a-Service (XaaS) vendors struggle to implement robust information security controls. These security gaps ... Request to download | |
SaaS Governance Best Practices for Cloud Customers - Korean Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
CCM Lite and CAIQ Lite v4 - Japanese Translation This localized version of this publication was produced from the original source material (CCM Lite and CAIQ Lite) through the efforts of chapters and vol... Request to download | |
CSA Large Language Model (LLM) Threats Taxonomy This document aims to align the industry by defining key terms related to Large Language Model (LLM) risks and threats. Establishing a common language red... Request to download |