Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
Current Business Members
CxO Trust
Contact Us
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Zero Trust Advancement Center
CxO Trust
CloudBytes Webinars
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
Zero Trust Architecture
View more
Awards & Recognition
Ron Knode Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all topics
Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
Current Business Members
CxO Trust
Contact Us
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Zero Trust Advancement Center
CxO Trust
CloudBytes Webinars
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
Zero Trust Architecture
View more
Awards & Recognition
Ron Knode Awards
Research Fellows
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Global Security Database (GSD)
Incident Response
Top Threats
View all topics
Circle
Events
Blog

CSA Research Publications

Whitepapers, Reports and Other Resources

Research Home
Topics
Publications
Working Groups
Peer Reviews
Home
Research
Publications

Browse Publications

Quantum-Safe Security Working Group Charter

Quantum-Safe Security Working Group Charter
Release Date: 07/07/2020

The focus of the Quantum‐Safe Security Working Group is on cryptographic methods that will remain safe after the widespread availability of the quantum compu...

Request to download
The Six Pillars of DevSecOps: Automation

The Six Pillars of DevSecOps: Automation
Release Date: 07/06/2020

Automation is a critical component of DevSecOps because it enables process efficiency, allowing developers, infrastructure, and information security teams to...

Request to download
Evolution of CASB Survey Report

Evolution of CASB Survey Report
Release Date: 07/05/2020

The study on CASB, which queried more than 200 IT and security professionals from a variety of organization sizes and locations, examined the expectations, t...

Request to download
Blockchain and Distributed Ledger Technology Working Group Charter

Blockchain and Distributed Ledger Technology Working Group Charter
Release Date: 06/28/2020

This Cloud Security Alliance charter outlines the mission, scope and responsibilities, structure, etc. of the Blockchain and Distributed Ledger Technology...

Request to download
Application Containers and Microservices Working Group Charter

Application Containers and Microservices Working Group Charter
Release Date: 06/26/2020

This Cloud Security Alliance charter outlines the mission, scope and responsibilities, structure, etc. of the Application Containers and Microservices Wor...

Request to download
Telehealth Data in the Cloud

Telehealth Data in the Cloud
Release Date: 06/16/2020

In the wake of COVID-19 Health Delivery Organizations (HDOs) are rapidly increasing their utilization of telehealth capabilities like Remote Patient Monitori...

Request to download

Financial Services Stakeholders Platform Working Group Charter
Release Date: 06/09/2020

Information security plays an integral role in the regulation and protection of customers in the financial industry. Exploring cloud computing and the underl...

Request to download

SDP: The Most Advanced Zero Trust Architecture
Release Date: 05/27/2020

Today’s “Zero Trust” implementations are like putting up a wall with multiple doors and allowing people to come and pick a lock on the door. We are then just...

Request to download
Software-Defined Perimeter (SDP) and Zero Trust

Software-Defined Perimeter (SDP) and Zero Trust
Release Date: 05/27/2020

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfaci...

Request to download
Privacy Level Agreement Code of Conduct Translation in 10 Languages

Privacy Level Agreement Code of Conduct Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Privacy Level Agreement Code of Conduct (PLA CoC) v3.1 in 10 la...

Request to download
CCM Translation in 10 Languages

CCM Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Cloud Control Matrix (CCM) v3.0.1 in 10 languages in order to f...

Request to download
CAIQ Translation in 10 Languages

CAIQ Translation in 10 Languages
Release Date: 05/07/2020

Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Consensus Assessments Initiative Questionnaire (CAIQ) v3.0.1 in...

Request to download
Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary

Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary
Release Date: 05/05/2020

The Industrial Control Systems (ICS) Security Glossary is a reference document that brings together ICS and IT/OT related terms and definitions. Bringing t...

Request to download
Cloud Incident Response Framework – A Quick Guide

Cloud Incident Response Framework – A Quick Guide
Release Date: 04/21/2020

What this Quick Guide aims to do is to distill and give readers an overview of key contributions of the work currently undertaken in the CIR WG, towards a co...

Request to download
Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Supported]

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Supported]
Release Date: 04/01/2020

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an ...

Request to download
Managing the Risk for Medical Devices Connected to the Cloud

Managing the Risk for Medical Devices Connected to the Cloud
Release Date: 03/16/2020

With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in ...

Request to download

PLA Code of Practice Template Annex 1 (Updated - March 2020)
Release Date: 03/12/2020

CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct f...

Request to download
Software-Defined Perimeter ARCHITECTURE GUIDE - Japanese Translation

Software-Defined Perimeter ARCHITECTURE GUIDE - Japanese Translation
Release Date: 03/11/2020

Software Defined Perimeter (SDP) Architecture Guide is designed to leverage proven, standards-based components to stop network attacks against application in...

Request to download
Best Practices for Implementing a Secure Application Container Architecture - Japanese Translation

Best Practices for Implementing a Secure Application Container Architecture - Japanese Translation
Release Date: 02/27/2020

Application containers and a microservices architecture are being used to design, develop and deploy applications leveraging agile software development appro...

Request to download
Best Practices in Implementing a Secure Microservices Architecture

Best Practices in Implementing a Secure Microservices Architecture
Release Date: 02/24/2020

Application containers and a microservices architecture are being used to design, develop, and deploy applications leveraging agile software development appr...

Request to download
« First
4
5
6
8
10
11
12
Last »