CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
The State of Security Remediation 2024 Security remediation involves identifying, evaluating, and addressing security vulnerabilities to mitigate potential risks. In the ever-evolving landscape... Request to download | |
CCM v4.0 Addendum - ECUC PP v2.1 This document is an addendum to the 'ECUC Position Paper v2.1 (ECUC PP v2.1) that contains controls mapping between the CSA CCM v4.0 and the ECUC PPv2.1. ... Request to download | |
Top Threats Working Group Charter 2024 The Top Threats Working Group aims to provide up-to-date, industry-informed expert insights on cloud security risks, threats, and vulnerabilities to help ... Request to download | |
Health Information Management Working Group Charter 2024 The Health Information Management Working Group aims to directly influence how health information service providers deliver secure cloud solutions (servic... Request to download | |
CSA Data Security Glossary This CSA Data Security Glossary identifies and defines 127 terms relevant to data security. Based on the CSA Cloud Security Glossary, NIST Glossary, and o... Request to download | |
STAR Attestation Value Proposition - Japanese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Zero Trust Guiding Principles - Korean Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Zero Trust Guiding Principles - Japanese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Key Management Lifecycle Best Practices Cryptographic keys are essential for securing digital assets, yet managing these keys can be challenging for organizations that run applications in the cl... Request to download | |
Communicating the Business Value of Zero Trust Zero Trust is a major industry trend that is being adopted and promoted by security teams around the globe, and for good reason - it delivers improved sec... Request to download | |
Recommendations for Adopting a Cloud-Native Key Management Service - Korean Translation Cloud-native key management services (KMS) offer organizations of any size and complexity a low-cost option for meeting their needs for key management, pa... Request to download | |
Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration An array of threat-based cybersecurity models and associated knowledge bases exist to inform cloud security practitioners. However, the rapid development ... Request to download | |
What is IAM for the Cloud? - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Data Loss Prevention and Data Security Survey Report - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
High Performance Computing Tabletop Guide - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Medical Devices in A Zero Trust Architecture - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Security Implications of ChatGPT - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
State of Financial Services in Cloud - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
The Six Pillars of DevSecOps: Automation - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download | |
Understanding Cloud Attack Vectors - Chinese Translation This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |