CSA Research Publications

Whitepapers, Reports and Other Resources

Home
Publications

Browse Publications

The Six Pillars of DevSecOps: Automation

The Six Pillars of DevSecOps: Automation
Release Date: 07/06/2020

Automation is a critical component of DevSecOps because it enables process efficiency, allowing developers, infrastructure, and information security teams to...

Request to download
Evolution of CASB Survey Report

Evolution of CASB Survey Report
Release Date: 07/05/2020

The study on CASB, which queried more than 200 IT and security professionals from a variety of organization sizes and locations, examined the expectations, t...

Request to download

Application Containers and Microservices Working Group Charter
Release Date: 06/26/2020

This charter outlines the mission, scope and responsibilities, structure, etc. of the Application Containers and Microservices Working Group through 2021.

Request to download
Telehealth data in the cloud

Telehealth data in the cloud
Release Date: 06/16/2020

In the wake of COVID-19 Health Delivery Organizations (HDOs) are rapidly increasing their utilization of telehealth capabilities like Remote Patient Monitori...

Request to download

Financial Services Stakeholders Platform Working Group Charter
Release Date: 06/09/2020

Information security plays an integral role in the regulation and protection of customers in the financial industry. Exploring cloud computing and the underl...

Request to download

SDP: The Most Advanced Zero Trust Architecture
Release Date: 05/27/2020

Today’s “Zero Trust” implementations are like putting up a wall with multiple doors and allowing people to come and pick a lock on the door. We are then just...

Request to download
Software-Defined Perimeter (SDP) and Zero Trust

Software-Defined Perimeter (SDP) and Zero Trust
Release Date: 05/27/2020

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfaci...

Request to download
Privacy Level Agreement Code of Conduct Translation in 10 Languages

Privacy Level Agreement Code of Conduct Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Privacy Level Agreement Code of Conduct (PLA CoC) v3.1 in 10 la...

Request to download
CCM Translation in 10 Languages

CCM Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Cloud Control Matrix (CCM) v3.0.1 in 10 languages in order to f...

Request to download
CAIQ Translation in 10 Languages

CAIQ Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Consensus Assessments Initiative Questionnaire (CAIQ) v3.0.1 in...

Request to download
Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary

Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary
Release Date: 05/05/2020

The Industrial Control Systems (ICS) Security Glossary is a reference document that brings together ICS and IT/OT related terms and definitions. Bringing t...

Request to download
Cloud Incident Response Framework – A Quick Guide

Cloud Incident Response Framework – A Quick Guide
Release Date: 04/21/2020

What this Quick Guide aims to do is to distill and give readers an overview of key contributions of the work currently undertaken in the CIR WG, towards a co...

Request to download
CAIQ-Lite

CAIQ-Lite
Release Date: 04/07/2020

CSA and Whistic identified the need for a lighter-weight assessment questionnaire in order to accommodate the shift to cloud procurement models, and to enabl...

Request to download
Consensus Assessment Initiative Questionnaire (CAIQ) v3.1

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1
Release Date: 04/01/2020

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an ...

Request to download
Managing the Risk for Medical Devices Connected to the Cloud

Managing the Risk for Medical Devices Connected to the Cloud
Release Date: 03/16/2020

With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in ...

Request to download

PLA Code of Practice Template Annex 1 (Updated - March 2020)
Release Date: 03/12/2020

CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct f...

Request to download
Software-Defined Perimeter ARCHITECTURE GUIDE - Japanese Translation

Software-Defined Perimeter ARCHITECTURE GUIDE - Japanese Translation
Release Date: 03/11/2020

Software Defined Perimeter (SDP) Architecture Guide is designed to leverage proven, standards-based components to stop network attacks against application in...

Request to download
Open Certification Framework Working Group Charter

Open Certification Framework Working Group Charter
Release Date: 03/01/2020

The CSA Open Certification Framework (OCF) is an industry initiative to allow global, trusted independent evaluation of cloud providers. It is a program for ...

Request to download
Best Practices for Implementing a Secure Application Container Architecture - Japanese Translation

Best Practices for Implementing a Secure Application Container Architecture - Japanese Translation
Release Date: 02/27/2020

Application containers and a microservices architecture are being used to design, develop and deploy applications leveraging agile software development appro...

Request to download
Best Practices in Implementing a Secure Microservices Architecture

Best Practices in Implementing a Secure Microservices Architecture
Release Date: 02/24/2020

Application containers and a microservices architecture are being used to design, develop, and deploy applications leveraging agile software development appr...

Request to download