CSA Research Publications

Whitepapers, Reports and Other Resources

Home
Publications

Browse Publications

CSA's Perspective on Cloud Risk Management

CSA's Perspective on Cloud Risk Management
Release Date: 08/20/2020

The rapid growth in both scope and market share, combined with the inherent complexity of cloud computing, appears to be straining the capabilities of existi...

Request to download

STAR Certification Guidance Document: Auditing the Cloud Controls Matrix (CCM)
Release Date: 08/05/2020

There are a number of control areas on the CCM that will each be awarded a management capability score on a scale of 1-15. This 2nd version release includes ...

Request to download
Software-Defined Perimeter (SDP) and Zero Trust - Japanese Translation

Software-Defined Perimeter (SDP) and Zero Trust - Japanese Translation
Release Date: 07/24/2020

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfaci...

Request to download
Healthcare Big Data in the Cloud

Healthcare Big Data in the Cloud
Release Date: 07/21/2020

We are living in the information age. There are large and complex data sets generated daily. Data is generated by social media, emails, as well as numerous d...

Request to download
Mobile Application Security Testing – Sum-Up & Landscape Overview

Mobile Application Security Testing – Sum-Up & Landscape Overview
Release Date: 07/13/2020

Users place a good deal of trust in mobile app stores’ abilities to review, test, flag and block apps that exhibit undesirable behavior. However, even with t...

Request to download
Hybrid Cloud and Its Associated Risks

Hybrid Cloud and Its Associated Risks
Release Date: 07/13/2020

Cloud computing is flourishing. Hybrid clouds, especially, have been gaining more traction as cloud customers increasingly understand that using public cloud...

Request to download
The Six Pillars of DevSecOps: Automation

The Six Pillars of DevSecOps: Automation
Release Date: 07/06/2020

Automation is a critical component of DevSecOps because it enables process efficiency, allowing developers, infrastructure, and information security teams to...

Request to download
Evolution of CASB Survey Report

Evolution of CASB Survey Report
Release Date: 07/05/2020

The study on CASB, which queried more than 200 IT and security professionals from a variety of organization sizes and locations, examined the expectations, t...

Request to download

Application Containers and Microservices Working Group Charter
Release Date: 06/26/2020

This charter outlines the mission, scope and responsibilities, structure, etc. of the Application Containers and Microservices Working Group through 2021.

Request to download
Telehealth Data in the Cloud

Telehealth Data in the Cloud
Release Date: 06/16/2020

In the wake of COVID-19 Health Delivery Organizations (HDOs) are rapidly increasing their utilization of telehealth capabilities like Remote Patient Monitori...

Request to download

Financial Services Stakeholders Platform Working Group Charter
Release Date: 06/09/2020

Information security plays an integral role in the regulation and protection of customers in the financial industry. Exploring cloud computing and the underl...

Request to download

SDP: The Most Advanced Zero Trust Architecture
Release Date: 05/27/2020

Today’s “Zero Trust” implementations are like putting up a wall with multiple doors and allowing people to come and pick a lock on the door. We are then just...

Request to download
Software-Defined Perimeter (SDP) and Zero Trust

Software-Defined Perimeter (SDP) and Zero Trust
Release Date: 05/27/2020

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfaci...

Request to download
Privacy Level Agreement Code of Conduct Translation in 10 Languages

Privacy Level Agreement Code of Conduct Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Privacy Level Agreement Code of Conduct (PLA CoC) v3.1 in 10 la...

Request to download
CCM Translation in 10 Languages

CCM Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Cloud Control Matrix (CCM) v3.0.1 in 10 languages in order to f...

Request to download
CAIQ Translation in 10 Languages

CAIQ Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Consensus Assessments Initiative Questionnaire (CAIQ) v3.0.1 in...

Request to download
Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary

Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary
Release Date: 05/05/2020

The Industrial Control Systems (ICS) Security Glossary is a reference document that brings together ICS and IT/OT related terms and definitions. Bringing t...

Request to download
Cloud Incident Response Framework – A Quick Guide

Cloud Incident Response Framework – A Quick Guide
Release Date: 04/21/2020

What this Quick Guide aims to do is to distill and give readers an overview of key contributions of the work currently undertaken in the CIR WG, towards a co...

Request to download
Consensus Assessment Initiative Questionnaire (CAIQ) v3.1

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1
Release Date: 04/01/2020

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an ...

Request to download
Managing the Risk for Medical Devices Connected to the Cloud

Managing the Risk for Medical Devices Connected to the Cloud
Release Date: 03/16/2020

With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in ...

Request to download