Cloud 101CircleEventsBlog
Register for CSA's AI Summit at RSAC on May 6!

CSA Research Publications

Whitepapers, Reports and Other Resources

Home
Publications

Browse Publications

Standardizing Security in Diverse Sectors: A Template for STAR-Aligned Sector-Specific Standards

Standardizing Security in Diverse Sectors: A Template for STAR-Aligned Sector-Specific Standards
Release Date: 03/06/2024

The CSA Security, Trust, Assurance, and Risk (STAR) program encompasses the key principles of transparency, rigorous auditing, and harmonization of cybers...

Request to download
Defining the Zero Trust Protect Surface

Defining the Zero Trust Protect Surface
Release Date: 03/05/2024

Enterprise adoption and implementation of Zero Trust is broad and growing. Venture Beat reports that 90% of organizations moving to the cloud are adopting...

Request to download
Beyond Passwords: The Role of Passkeys in Modern Web Security - Japanese Translation

Beyond Passwords: The Role of Passkeys in Modern Web Security - Japanese Translation
Release Date: 02/28/2024

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
EU Cloud CoC FAQ

EU Cloud CoC FAQ
Release Date: 02/26/2024

The Cloud Security Alliance (CSA) has partnered with the European Union Cloud Code of Conduct (EU Cloud CoC) on a pioneering initiative setting market sta...

Request to download
The Six Pillars of DevSecOps - Collaboration and Integration

The Six Pillars of DevSecOps - Collaboration and Integration
Release Date: 02/20/2024

“Security can only be achieved through collaboration, not confrontation” is one of the defining principles of DevSecOps. Essentially, security is a team s...

Request to download
STAR Lead Auditor Training FAQ

STAR Lead Auditor Training FAQ
Release Date: 02/14/2024

Developed in collaboration with the CSA and British Standards Institution (BSI), the STAR Lead Auditor training is a comprehensive program that aims to eq...

Request to download
The State of Security Remediation 2024

The State of Security Remediation 2024
Release Date: 02/13/2024

Security remediation involves identifying, evaluating, and addressing security vulnerabilities to mitigate potential risks. In the ever-evolving landscape...

Request to download
CCM v4.0 Addendum - ECUC PP v2.1

CCM v4.0 Addendum - ECUC PP v2.1
Release Date: 02/12/2024

This document is an addendum to the 'ECUC Position Paper v2.1 (ECUC PP v2.1) that contains controls mapping between the CSA CCM v4.0 and the ECUC PPv2.1. ...

Request to download
Health Information Management Working Group Charter 2024

Health Information Management Working Group Charter 2024
Release Date: 01/31/2024

The Health Information Management Working Group aims to directly influence how health information service providers deliver secure cloud solutions (servic...

Request to download
CSA Data Security Glossary

CSA Data Security Glossary
Release Date: 01/22/2024

This CSA Data Security Glossary identifies and defines 127 terms relevant to data security. Based on the CSA Cloud Security Glossary, NIST Glossary, and o...

Request to download
STAR Attestation Value Proposition - Japanese Translation

STAR Attestation Value Proposition - Japanese Translation
Release Date: 01/02/2024

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
Zero Trust Guiding Principles - Korean Translation

Zero Trust Guiding Principles - Korean Translation
Release Date: 01/02/2024

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
Zero Trust Guiding Principles - Japanese Translation

Zero Trust Guiding Principles - Japanese Translation
Release Date: 12/22/2023

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
Key Management Lifecycle Best Practices

Key Management Lifecycle Best Practices
Release Date: 12/19/2023

Cryptographic keys are essential for securing digital assets, yet managing these keys can be challenging for organizations that run applications in the cl...

Request to download
Communicating the Business Value of Zero Trust

Communicating the Business Value of Zero Trust
Release Date: 12/18/2023

Zero Trust is a major industry trend that is being adopted and promoted by security teams around the globe, and for good reason - it delivers improved sec...

Request to download
Recommendations for Adopting a Cloud-Native Key Management Service - Korean Translation

Recommendations for Adopting a Cloud-Native Key Management Service - Korean Translation
Release Date: 12/07/2023

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration
Release Date: 11/20/2023

An array of threat-based cybersecurity models and associated knowledge bases exist to inform cloud security practitioners. However, the rapid development ...

Request to download
Certificate of Competence in Zero Trust (CCZT) FAQ

Certificate of Competence in Zero Trust (CCZT) FAQ
Release Date: 11/14/2023

Discover everything you need to know about the industry's leading Zero Trust certificate in this FAQ. Developed by the Cloud Security Alliance (CSA), the ...

Request to download
What is IAM for the Cloud? - Chinese Translation

What is IAM for the Cloud? - Chinese Translation
Release Date: 11/13/2023

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download
Data Loss Prevention and Data Security Survey Report - Chinese Translation

Data Loss Prevention and Data Security Survey Report - Chinese Translation
Release Date: 11/13/2023

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate...

Request to download