The Serverless working group seeks to develop best practices to help organizations that want to run their business with a serverless business model. With the complexity of this business model, it is imperative that industry best practices are established to provide companies with guidelines to achieve compliance and security.View Current Projects
- We are creating a FaaS Serverless Control Framework (Set) based on NIST 800-53 R5 controls.
- Document drafts
- Group charter
Working Group Leadership
Senior Director Executive- Cloud Security
Aradhna serves as a Senior Director Executive- Cloud Security at TIAA, a financial services company. She is responsible for the cloud security vision, strategy, standards, security patterns for a multi-cloud hybrid enterprise and engineer security solutions, to support the vision. Aradhna has worked in various Cybersecurity leadership roles at JP Morgan Chase, Boeing Company, Microsoft & T-Mobile.
Aradhna is an active member in the cy...
Chief Technologist at McAfee Enterprise, Head of Cloud Native Security
Vishwas is the co-chair of CSA’s Serverless working group and a contributor to theApplication Containers and Microservices working group. He has served as a presenter at the CSA Virtual EU Summit 2020, and as chair of the Silicon Valley chapter. He is the head of Cl...
|Publications in Review||Open Until|
|Annex 10 to the CSA Code of Conduct for GDPR Compliance||Apr 10, 2023|
|CCPA - CSA Code of Conduct Gap Resolution||Apr 10, 2023|
|CCMV4-Lite||May 15, 2023|
|Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline||Jun 01, 2023|
Who can join?
Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.
What is the time commitment?
The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.
Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.
No scheduled meetings for this working group in the next 60 days.
Open Peer Reviews
Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.
Annex 10 to the CSA Code of Conduct for GDPR Compliance
Open Until: 04/10/2023
This annex from the Privacy Le...
CCPA - CSA Code of Conduct Gap Resolution
Open Until: 04/10/2023
This spreadsheet from the Priv...
Open Until: 05/15/2023
Purpose and Scope of CCMv4-LiteCloud Security Alliance and the CCM WG have been developing a li...
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline
Open Until: 06/01/2023
The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...