Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
CxO Initiative
Contact Us
Current Business Members
Cloud Customers
Cloud Solution Providers
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events & Webinars
Learn and network while you earn CPE credits.
Events
CloudBytes Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
CxO Initiative
CloudBytes Webinars
Awards & Recognition
Ron Knode Awards
Research Fellows
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
View more
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Incident Response
Top Threats
View all working groups

Contribute to CSA Research

Research Home
Working Groups
Publications
Contribute
Webinars
Upcoming Webinars
Previous Webinars
Sponsorship
Home
Research
Contribute

Open Peer Reviews

Serverless Computing Security in 2021

Open Until: 06/13/2021

Like any solution, serverless computing brings with it a variety of cyber risks. This paper covers security for serverless appli...

Participate in peer review

Software-Defined Perimeter (SDP) Specification v2.0

Open Until: 06/18/2021

This document updates the Cloud Security Alliance (CSA) Software-Defined Perimeter (SDP) Specification. Version 1.0 was written ...

Participate in peer review

SecaaS Working Group Charter 2021

Open Until: 06/18/2021

This charter lays out the scope, responsibilities, and roadmap for the Security as a Service Working Group. We welcome all feedb...

Participate in peer review

International Standardization Council Charter 2021

Open Until: 06/18/2021

This charter lays out the scope, responsibilities, and roadmap for the International Standardization Council. We welcome all fee...

Participate in peer review

Recommendations for Adopting a Cloud-Native Key Management Service

Open Until: 06/30/2021

The purpose of this document is to provide general guidance for choosing, planning, and deploying cloud-native Key Management Sy...

Participate in peer review

Secure Connection Requirements of Hybrid Cloud

Open Until: 07/08/2021

Hybrid cloud environments provide enterprises with diverse resources to run different workloads depending on the Cloud Service C...

Participate in peer review

Ransomware in the Healthcare Industry

Open Until: 07/09/2021

Ransomware is the fastest-growing malware threat today. Over the last few years, it has risen to epidemic proportions, quickly b...

Participate in peer review

Surveys

Cloud Risk and Misconfigurations
Participate here! https://www.surveymonkey.com/r/CSAconfigwebsite

Deadline: July 2
Length: 30 questions, approximately 10 minutes
Prizes for participation:

  • First 100 participants will receive a $5 US Amazon Giftcard
  • All participants will have the chance at winning Bose Sport Earbuds

Research Goals:
The goal of this survey is to assess readiness of organizations that
leverage the public cloud for mitigating security and compliance risks due
to configuration mistakes. Key areas of interest include:

  • Top public cloud security risks including those due to configuration
    mistakes
  • Who is responsible for detecting and remediating cloud security and
    compliance risks?
  • What tools are being used for detecting and remediating cloud security
    and compliance risks
  • Key challenges security owners face in reducing configuration security
    and compliance risk
  • Where companies are in their Cloud Security Posture Management (CSPM)
    journey
  • How security owners measure progress and success in CSPM