Hybrid Cloud Security
This working group intends to provide suggestions on hybrid cloud governance, hybrid cloud threat profiles and hybrid cloud security evaluation, guiding both users and cloud service providers to choose and provide secure hybrid cloud solutions, and promoting security planning and implementation.Sign-Up
Working Group Leadership
Zou Feng (CISSP-ISSAP, CISA) has been working in IT for 20+ years with strong technical background and broad experience in heterogeneous system and multi-culture environment. Starting as Communication Engineer in ICBC, Feng had taken different roles including Support Supervisor, Regional Network Manager, Senior Security Manager in different industry. His main responsibilities are including designing, engineering, and implementing security t...
Head of IT Security
Narudom is a certified information security professional with more than 20 years of experience. His primary areas of interest in information security are in solution designing, analytics, and application security.
Narudom is currently working with Kiatnakin Bank as SVP and Head of IT Security. He established the bank's information security in a holistic approach, especially in a security architecture and secure software development li...
|Publications in Review||Open Until|
|The Six Pillars of DevSecOps - Pragmatic Implementation||Oct 10, 2022|
|Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline||Dec 07, 2022|
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.
The Six Pillars of DevSecOps - Pragmatic Implementation
Open Until: 10/10/2022
This document provides a high-level overview of the various tools and processes that should be considered when building out...
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline
Open Until: 12/07/2022
The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...