In 2023, a threat actor launched a social engineering campaign on Retool involving smishing & credential harvesting, leading them to a one-time password token.

This comprehensive glossary combines all the glossaries created by CSA Working Groups and research contributors into one place. If you have a question or need other assistance please reach out to ...

This mapping aims to identify the alignment between the AICM’s controls and the EU AI Act’s requirements, identifying areas of full, partial, or no coverage. Each control in the AICM is compared ...

These organizations have signed the CSA AI Trustworthy Pledge, demonstrating their commitment to responsible AI development and deployment. Each signed organization has affirmed their alignment with ...

The flexibility and scalability of virtualization comes with significant risks if security and management practices are not ...

Why do manual identity workflows continue to exist, when the consequences of getting them wrong are so serious and when ...

With real-time insight, defined ownership, & tools that uncover more than surface-level, teams can turn SaaS from a ...

Find resources to learn more about microservices and application containers to implement secure DevOps within your organization.

AI agents are non-human identities that don’t just hold credentials—they do something with them. How can we apply Zero Trust ...

CSA is moving toward a more streamlined community experience for joining working groups, connecting with local chapters, and ...

Most companies have not turned cybersecurity awareness—especially in cloud & SaaS environments—into action. They need to ...

Hypervisors have demonstrated the potential for widespread outages and data loss. SOC 2 offers a robust compliance framework ...