CSA Blog

  • Originally published by StrongDM. Unauthorized access poses serious threats to businesses, compromising sensitive information and disrupting operations. Cybercriminals leverage vulnerabilities through advanced phishing attacks and API security breaches, underscoring the necessity...
  • Originally published by Tamnoon. Written by Idan Perez, CTO, Tamnoon. What role does automation play in cloud remediation? Will it replace or simply augment the role of security and R&D teams? Over 60% of the world’s corporate data now resides in the cloud, and securing this environment...
  • Document promotes and demonstrates the importance of clear measurements for security performance in DevSecOps. SEATTLE – May 15, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure...
  • Written by Denis Mandich, Member of the CSA Quantum-Safe Security Working Group and CTO of Qrypt. Apple recently updated their iMessage application with stronger security features, adopting cryptography believed to be secure against attack by quantum computers. They use common end...
  • Originally published by Valence. Written by Jason Silberman. Valence Security has released the 2024 State of SaaS Security Report. Among the primary themes we saw in the report—which combines an industry survey with data collected by Valence from hundreds of real enterprise SaaS applications...
  • As cloud computing continues to be a pivotal force in IT infrastructure, it’s crucial for organizations to understand and use effective cloud security strategies to protect their data. This blog provides a short guide based on CSA’s Security Guidance, showing key ways to secure cloud...
  • Originally published by BARR Advisory. Written by Brett Davis. In today’s business landscape, relationships are paramount. But while the focus often lies on customer relationships, relationships with vendors are equally crucial. Establishing trust with vendors facilitates smooth operations...
  • Originally published by Cyera. Written by Jonathan Sharabi. The Securities and Exchange Commission (SEC) rules set forth on July 26th, 2023, require that nearly all companies that file documents with the SEC (“registrants”) must describe the processes and management procedures they...
  • Written by Devin Maguire, ArmorCode. Security and risk are related but not synonymous. Security prevents, detects, and responds to attacks and is a key variable in the broader category of risk management. Risk management weighs the probability and impact of adverse events across the...
  • Originally published by Truyo. Written by Dan Clarke. Utah’s foray into the realm of artificial intelligence (AI) regulation is marked by the passage of Senate Bill 149, the Artificial Intelligence Policy Act. While many states grapple with the complexities of AI governance, Utah’s...
  • Originally published by Tamnoon. Written by Michael St.Onge, Principal Security Architect, Tamnoon. In the fast-evolving cloud security landscape, successful remediation isn’t just about fixing issues when they arise – it’s equally about preventing the recurrence of these issues. Prevention...
  • Originally published by Dazz. Written by Tomer Schwartz, Co-founder & CTO, Dazz. In the intricate world of software supply chain, the recent near-miss incident with CVE-2024-3094–the xz/liblzma backdoor–serves as a potent reminder of our system's fragility and the constant vigilance...
  • Originally published by Oasis Security. Written by Joel McKown, Solutions Engineer, Oasis Security. There are many inevitabilities in technology, among them is that rapid innovation will introduce unique risks and 3 letter acronyms will abide. Generative AI conversations have become...
  • Originally published by Automox. Episode Summary: This episode of Automate IT with David van Heerden explores the topic of end user happiness and how it relates to automation in IT. David discusses two different approaches taken by ISPs to improve customer satisfaction: a tech-driven...
  • Originally published by CXO REvolutionaries. Written by Tony Fergusson, CISO in Residence, Zscaler. Trust is a fundamental aspect of human interaction, forming the foundation of relationships and societal harmony. However, trust can be deceptive, concealing hidden vulnerabilities...