Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
STAR for AI
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
AI Controls Matrix (AICM)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Education
Online Education Platforms
CSA Training
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Trusted AI Safety Expert (TAISE)
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Controls
AI Safety
Enterprise Architecture
Blockchain
Zero Trust
Top Threats
Strategic Initiatives
Explore CSA's Strategic Initiatives
AI Safety Initiative
Compliance Automation Revolution
Zero Trust Advancement Center
CxO Trust
FinCloud Security
Trusted Cloud Consultant
ChaptersEventsBlog
Card testing is hitting revenue, not just fraud. What should payment companies do now? Register for this March 10 webinar →

CSA Research Publications

Whitepapers, Reports and Other Resources

Research Home
Publications
Working Groups
Peer Reviews
Upcoming Meetings
Home
Research
Publications

Browse Publications

SecaaS Category 7 // Security Information and Event Management Implementation Guidance

SecaaS Category 7 // Security Information and Event Management Implementation Guidance

Release Date: 10/29/2012

This document provides guidance on how to evaluate, architect, and deploy cloud-based SIEM services to both enterprise and cloud-based networks, infrastructu...

Request to download
SecaaS Category 9 // BCDR Implementation Guidance

SecaaS Category 9 // BCDR Implementation Guidance

Release Date: 10/08/2012

When using the cloud for operational processes and/or production systems, an organization’s BC/DR requirements must be included in their procurement, plannin...

Request to download
SecaaS Category 8 // Encryption Implementation Guidance

SecaaS Category 8 // Encryption Implementation Guidance

Release Date: 10/08/2012

Encryption is a primary data (and application) protection technique. For encryption to be useful, encryption keys must be properly managed and protected. Thi...

Request to download
SecaaS Category 6 // Intrusion Management Implementation Guidance

SecaaS Category 6 // Intrusion Management Implementation Guidance

Release Date: 10/08/2012

Because of the limited market maturity and lack of widely accepted best practices, this document provides implementation guidelines for cloud-based intrusion...

Request to download
SecaaS Category 5 // Security Assessments Implementation Guidance

SecaaS Category 5 // Security Assessments Implementation Guidance

Release Date: 10/08/2012

There are many choices for an assessment framework standard and there is no "one size fits all" solution for security assessments. One could reasonably expec...

Request to download
SecaaS Category 4 // Email Security Implementation Guidance

SecaaS Category 4 // Email Security Implementation Guidance

Release Date: 10/08/2012

Due to its ubiquitous use, electronic mail is both the prime target of, and primary vehicle for, attacks, and must be protected on both ends: sending and rec...

Request to download
SecaaS Category 2 // Data Loss Prevention Implementation Guidance

SecaaS Category 2 // Data Loss Prevention Implementation Guidance

Release Date: 10/08/2012

DLP must be considered an essential element for achieving an effective information security strategy for protecting data as it moves to, resides in and depar...

Request to download
SecaaS Category 3 // Web Security Implementation Guidance

SecaaS Category 3 // Web Security Implementation Guidance

Release Date: 10/08/2012

The vendor and academic community have come together to form a set of solutions called Security as a Service. This document specifically addresses one elemen...

Request to download
SecaaS Category 10 // Network Security Implementation Guidance

SecaaS Category 10 // Network Security Implementation Guidance

Release Date: 10/08/2012

In a cloud environment, a major part of network security is likely to be provided by virtual security devices and services, alongside traditional physical ne...

Request to download
Mobile Top Threats

Mobile Top Threats

Release Date: 10/04/2012

Request to download
CSA/ISACA Cloud Market Maturity Study Results

CSA/ISACA Cloud Market Maturity Study Results

Release Date: 09/27/2012

A collaborative project by ISACA and CSA, the Cloud Market Maturity study provides business and IT leaders with insight into the maturity of cloud computing ...

Request to download
SecaaS Category 1 // Identity and Access Management Implementation Guidance

SecaaS Category 1 // Identity and Access Management Implementation Guidance

Release Date: 09/26/2012

This document addresses personnel involved in the identification and implementation of the IAM solution in the cloud. It will be of particular interest to th...

Request to download
Mobile Device Management: Key Components

Mobile Device Management: Key Components

Release Date: 09/20/2012

With the growth in the number of applications, content, and data being accessed through a variety of devices, Mobile Device Management (MDM) is vital to mana...

Request to download
Cloud Controls Matrix v1.3

Cloud Controls Matrix v1.3

Release Date: 09/20/2012

This is an old version of the Cloud Controls Matrix (CCM). You learn more and download the latest version of the CCM here: https://cloudsecurityalliance.org/...

Request to download
PLA Initiative Research Sponsorship Outline

PLA Initiative Research Sponsorship Outline

Release Date: 08/27/2012

Request to download
OCF Vision Statement

OCF Vision Statement

Release Date: 08/17/2012

The CSA Open Certification Framework is a program for flexible, incremental and multi-layered cloud provider certification according to the Cloud Security Al...

Request to download
Innovation Initiative Overview Powerpoint

Innovation Initiative Overview Powerpoint

Release Date: 02/24/2012

Request to download
Innovation Initiative Charter

Innovation Initiative Charter

Release Date: 02/24/2012

Request to download
Cloud Consumer Advocacy Questionnaire

Cloud Consumer Advocacy Questionnaire

Release Date: 11/16/2011

The purpose of this survey was to capture the current state of data governance and data security capabilities offered by leading cloud service providers in t...

Request to download
CSA Security Guidance Domain 3: Legal Issues: Contracts and Electronic Discovery

CSA Security Guidance Domain 3: Legal Issues: Contracts and Electronic Discovery

Release Date: 11/14/2011

This domain highlights some of the legal aspects raised by cloud computing. It provides general background on legal issues that can be raised by moving data ...

Request to download
« First
21
22
23
25
27
Last »