Working Group

Top Threats

Introduction

The shift from traditional client/server to service-based models is transforming the way technology departments think about, designing, and delivering computing technology and applications. However, the improved value offered by cloud computing advances have also created new security vulnerabilities, including security issues whose full impacts are still emerging.The CSA Top Threats Working Group aims to provide organizations with an up-to-date, expert-informed understanding of cloud security risks, threats and vulnerabilities in order to make educated risk-management decisions regarding cloud adoption strategies.

Artifacts

Top Threats to Cloud Computing: Egregious Eleven
Top Threats to Cloud Computing: Egregious Eleven

The report provides organizations with an up-to-date, expert-informed understanding of cloud security concerns in order to make educated risk...

Cloud Penetration Testing Playbook
Cloud Penetration Testing Playbook

This work focuses on testing systems and services hosted in public cloud environments. This refers to customer-controlled or customer-managed...

Top Threats to Cloud Computing: Deep Dive
Top Threats to Cloud Computing: Deep Dive

This case study attempts to connect all the dots when it comes to security analysis by using nine anecdotes cited in the Top Threats for its ...

The Treacherous 12 – Top Threats to Cloud Computing + Industry Insights - Japanese Translation
The Treacherous 12 – Top Threats to Cloud Computing + Industry Insights - Japanese Translation

誰も予測できなかった速さで、クラウドコンピューティングはビジネスや政府に等しく変容を迫り、そ して新たなセキュリティ課題をもたらしている。クラウドのサービスモデルが開発されることで、ビジ ネスを支える技術はかつてないほど効率性の高いものになった。サーバを保有する発想からサービ ス利...

Top Threats to Cloud Computing Plus: Industry Insights
Top Threats to Cloud Computing Plus: Industry Insights

Abstract: The Top Threats to Cloud Computing Plus: Industry Insights serves as a validation of the relevance of security issues discussed in ...

‘The Treacherous Twelve’ Cloud Computing Top Threats in 2016
‘The Treacherous Twelve’ Cloud Computing Top Threats in 2016

“The Treacherous 12 - Cloud Computing Top Threats in 2016” plays a crucial role in the CSA research ecosystem. The purpose of the report is t...

The Notorious Nine: Cloud Computing Top Threats in 2013
The Notorious Nine: Cloud Computing Top Threats in 2013

Providing organizations with up-to-date, expert-informed understanding of cloud security threats in order to make educated risk-management de...

Open Peer Reviews

Artifact reviews allow security professionals from around the world to collaborate on CSA research. Provide your feedback on the following documents in progress.

Leadership

Jon-Michael Brook Headshot

Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security...

 
Jon-Michael Brook
 
Scott Field Headshot Missing
Scott Field
Dave Shackleford Headshot Missing
Dave Shackleford