This group aims to benefit all parties in the Software-as-a-Service (SaaS) ecosystem by supporting a common understanding of SaaS related risks from the perspectives of the cloud customer and cloud service provider.View Current Projects
Working Group Leadership
Ronald has served CSA in numerous capacities, including as a member of CSA's APAC Research Advisory and International Standardization Council. Additionally, he co-chairs the Open Certification Framework (OCF), SaaS Governance, and DevSecOps working groups. He is the founder and CEO of Ribose, where under his leadership the company has been consistently awarded the industry's highest cloud security ratings, including being the on...
|Publications in Review||Open Until|
|Telesurgery Tabletop Guide Book||Dec 16, 2022|
|Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Section 2: Organization Management||Dec 18, 2022|
|ATT&CK & D3FEND with a CAVEAT||Dec 23, 2022|
|Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline||Mar 31, 2023|
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.
No scheduled meetings for this working group in the next 60 days.
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.
Telesurgery Tabletop Guide Book
Open Until: 12/16/2022
The purpose of this guidebook is to assist healthcare providers in planning and facilitating a discussion and evaluation of...
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Section 2: Organization Management
Open Until: 12/18/2022
With the growing amount of cloud applications that customers are using, it is as important as ever to get a handle on the m...
ATT&CK & D3FEND with a CAVEAT
Open Until: 12/23/2022
Cybersecurity practitioners continue to search for adversarial threat models to drive system assessment and operational ana...
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline
Open Until: 03/31/2023
The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...