In 2023, a threat actor launched a social engineering campaign on Retool involving smishing & credential harvesting, leading them to a one-time password token.

The Cloud Security Alliance (CSA) events are available worldwide and allow attendees to network while learning more about best practices for cloud security.

Traditional cybersecurity risk management is becoming ineffective. This survey report shows how data security risk assessment practices still need to change.

Why do manual identity workflows continue to exist, when the consequences of getting them wrong are so serious and when ...

This comprehensive glossary combines all the glossaries created by CSA Working Groups and research contributors into one place. If you have a question or need other assistance please reach out to ...

Security remediation involves identifying, evaluating, and addressing security vulnerabilities to mitigate potential risks. In the ever-evolving landscape of cybersecurity, this remains a critical ...

Working Group Overview This working group aims to develop Zero Trust standards to achieve consistency for cloud, hybrid and mobile endpoint environments. The topic of group discourse include Zero ...

Establishing AI governance and compliance standards, shaping policy, and setting the industry benchmark.

CSA’s working groups develop best practices, research and tools for cloud security. Each group focuses on a unique topic or aspect of cloud security.

CSA's AI Controls Matrix represents a paradigm shift in AI governance, providing the first comprehensive framework designed for trustworthy AI implementation.

These organizations have signed the CSA AI Trustworthy Pledge, demonstrating their commitment to responsible AI development and deployment. Each signed organization has affirmed their alignment with ...

This survey analyzes the level of adoption of cloud solutions and requirements from financial institutions’ perspectives. The study analyzed the cloud usage of financial institutions across three main ...