ChaptersEventsBlog
Get Free Early Access to TAISE Module 3! Sample the Certificate Experience Today!

Working Group

CAVEaT™

The Joint CSA-MITRE Cloud Adversarial, Vectors, and Threats (CAVEaT) Collaboration to develop, curate, and host a cloud specific threat model to assist Cloud Security practitioners with threat-based analysis.
Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration
Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

Download

CSA and the MITRE Corporation have established the Cloud Adversarial, Vectors, Exploits, and Threats (CAVEaT) collaboration to develop, curate, and host cloud specific threat models to assist Cloud Security practitioners with threat-based analysis.

Working Group Leadership

Kurt Seifried
Kurt Seifried

Kurt Seifried

Chief Innovation Officer, CSA

For over two decades, Kurt has excelled in information security, starting with Windows and Linux, and advancing to cloud computing and AI. With a strong focus on AI security, privacy, and open source, Kurt brings extensive expertise to the Cloud Security Alliance (CSA).

Read more

Dr. Mari Spina
Dr. Mari Spina

Dr. Mari Spina

Sr. Principal Cybersecurity Engineer / Cloud Security Capability Leader at MITRE

Dr. Spina joined MITRE in 2014 and has been supporting a multitude of MITRE Federal sponsors including DHS, DoD and the IC in the area of Cloud Security. At MITRE, she is a Principle Cybersecurity Engineer, leads the Cloud Security Capability Area, and teaches Cloud Security for the MITRE Institute. She has also taught many Information Technology courses for the George Washington University schools of engineering and business. Before joini...

Read more

Alex Kaluza
Alex Kaluza

Alex Kaluza

Research Analyst, CSA

Publications in ReviewOpen Until
Key Management in Cloud Services 2025 Update Sep 26, 2025
Applying Zero Trust Principles with Network-Infrastructure Hiding Protocol - Stealth Mode Software Defined Perimeter for Network InfrastructureOct 16, 2025
Enabling Zero Trust for Cellular Networks - Guidance for Securing Mobile NetworksOct 16, 2025
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Key Management in Cloud Services 2025 Update

Open Until: 09/26/2025

This document is an updated edition of the original “Key Management in Cloud Services” paper, first published in 2020. ...

Applying Zero Trust Principles with Network-Infrastructure Hiding Protocol - Stealth Mode Software Defined Perimeter for Network Infrastructure

Open Until: 10/16/2025

Our core TCP/IP networking systems and protocols have been with us since the 1970s, and have in many ways served us well. T...

Enabling Zero Trust for Cellular Networks - Guidance for Securing Mobile Networks

Open Until: 10/16/2025

The rapid evolution of cellular network technologies, particularly the rollout of 5G, Open Radio Access Network (ORAN), and...