CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
 | The 12 Most Critical Risks for Serverless Applications The 12 Most Critical Risks for Serverless Applications 2019 document is meant to serve as a security awareness and education guide. This report was curated a... Request to download |
 | Cloud Incident Response Charter To develop a holistic Cloud Incident Response (CIR) framework that comprehensively covers key causes of cloud outages (both security and non-security related... Request to download |
| CCM v3.0.1 Addendum - BSI Germany C5 v1 This document is an addendum to the Cloud Controls Matrix (CCM) V3.0.1 controls. It contains the additional controls that serves to bridge the gap between CC... Request to download |
| CCM v3.0.1 Addendum - ISO 27002 27017 27018 v1.1 This document is an addendum to the Cloud Controls Matrix (CCM) V3.0.1 controls. It contains the additional controls that serves to bridge the gap between CC... Request to download |
 | Enterprise Resource Planning and Cloud Adoption The “Impact of Cloud on ERP” survey report was designed to assess the impact of ERP solutions on organizations and better understand cloud preparation and da... Request to download |
 | Guideline on Effectively Managing Security Service in the Cloud - Chinese Translation This initiative aims to develop a research whitepaper, focusing on building up a cloud security services management platform. This whitepaper will serve as a... Request to download |
 | Guideline on Effectively Managing Security Service in the Cloud This initiative aims to develop a research whitepaper, focusing on building up a cloud security services management platform. This whitepaper will serve as a... Request to download |
 | Streamlining Vendor IT Security and Risk Assessments Cloud computing has rapidly gained traction as a significant and even default IT system for many different organizations. In such a dynamic environment, cybe... Request to download |
 | Blockchain DLT Use Cases Thanks to the rise in popularity of Bitcoin cryptocurrency, the innovative technologies of Blockchain and other systems of distributed ledger technology (DLT... Request to download |
 | HIM Working Group Charter The use of new technologies, such as cloud services and the Internet of Things (IoT), will disrupt legacy systems and the chain of data processing in the sup... Request to download |
| Security Guidance v4.0 Info Sheet This version, the first major update since 2011, is the culmination of over a year of dedicated research and public participation from the CSA community, wor... Request to download |
| CCM v3.0 - Chinese Translation The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) provides fundamental security principles to guide cloud vendors and cloud customers seeking to ... Request to download |
 | Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 (Spanish Translation) Con este documento, nuestro objetivo es proporcionar tanto orientación como inspiración para respaldar los objetivos comerciales, mientras se gestionan y m... Request to download |
 | Using BlockChain Technology to Secure the Internet of Things - Japanese Translation 本書「IoT セキュリティのためのブロックチェーン技術の活用」は、Cloud Security Alliance (CSA)が公開して いる「Using Blockchain Technology to Secure the Internet of Things」の日本語訳です。本書は、CSA ジャパ ンが、CS... Request to download |
 | IoT Firmware Update Processes The traditional approach to updating software for IT assets involves analysis, staging and distribution of the update—a process that usually occurs during of... Request to download |
 | Code of Conduct for GDPR Compliance - Japanese Translation 説明: 本書「GDPR 準拠の為の行動規範」は、Cloud Security Alliance (CSA)が公開している「CODE OF CONDUCT FOR GDPR COMPLIANCE」の日本語訳および一般社団法人日本クラウドセキュリティアライア ンス(CSAジャパン)が解説を加えたもので... Request to download |
 | Top Threats to Cloud Computing: Deep Dive This case study attempts to connect all the dots when it comes to security analysis by using nine anecdotes cited in the Top Threats for its foundation. Each... Request to download |
 | OWASP Secure Medical Devices Deployment Standard With the explosion of botnets and other malware that now target IoT devices (of which medical devices can be considered a subtype) the need for security-min... Request to download |
 | Security Position Paper Network Function Virtualization - Chinese Translation 近五年来,随着云基础设施的能力和复杂性飞速演进,安全风险也相应上升。 虽然虚拟化已不是一个很新的概念,但几乎任何人都可以对计算、存储、网络和应 用程序等资源进行虚拟化的想法会增加安全威胁的影响和速度。同时,全球地缘政 治格局已从由机遇驱动的网络攻击转变为资金充足的国家行动 Request to download |
 | Using BlockChain Technology to Secure the Internet of Things - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated c... Request to download |