Join CSA & AWS at RSAC for Evolution of the Cyber Landscape, where top CISOs, founders, and investors dive into how AI is transforming threat detection, security ops, and investment strategy. From autonomous AI to adversarial threats—don’t miss this powerhouse ... Learn More
The Agentic AI Red Teaming Guide is now open for peer review and seeking contributions. Agentic systems introduce new risks—autonomous reasoning, tool use, and multi-agent complexity—that traditional red teaming can’t fully address. This guide aims to ... Learn More
Vibe coding is an AI-assisted approach where developers describe what they want in natural language—and LLMs generate the code. Once seen as experimental, it’s now gaining momentum for fast, flexible development. Read More → https://bit.ly/3YrOBgp ... Learn More
To connect on the call: Join Zoom Meeting https://cloudsecurityalliance.zoom.us/j/88930805728 Meeting ID: 889 3080 5728 ------------------------------ Marina Bregkou, Senior Research Analyst, CSA ------------------------------ Learn More
Before unveiling CSA’s Top Threats to Cloud Computing 2025, let’s revisit 2024’s biggest risks. Threat #7: Accidental Data Disclosure. Accidental data disclosures remain a major risk across cloud platforms. With 21.1% of public buckets holding sensitive ... Learn More
An open CSA community.
last person joined 21 hours ago
Are you sure you want to join this community?
Would you like to visit the community homepage now?
The working group will advocate for and promote the adoption of Zero Trust security principles, providing practical and technically sound guidance on how organizations can and should approach this, for their cloud and on-premise environments along with mobile endpoints. This group will build on and leverage established and recognized zero trust frameworks and controls. The goals of the CSA Zero Trust (ZT) Working Group are to:- Act as a source of education and outreach on the adoption of Zero Trust as a modern and necessary approach to information security- Take a deliberately technology and vendor-neutral approach to architectures and approaches for mature Zero Trust implementations. - Aim to educate the industry about the strengths and weaknesses of different approaches so enterprises can make informed decisions based on their specific needs and priorities.- Be able to take technically sound positions and make defensible recommendations on Zero Trust while remaining vendor-neutral
last person joined 2 days ago
This group revolves around CSA’s CCSK training content, based off of CSA’s Security Guidance document. The CCSK training provides learners with a foundational knowledge of cloud computing environments and terminology. This community is an open group for CCSK test takers, trainers, and anyone interested in the training to connect, converse, ask questions, and share resources. This group has a no soliciting policy. We are happy to direct members to the Inner Circle for any cloud related advertisement announcements.
Businesses are now demanding a stronger collaboration between both development and operational teams and adding their relative security teams. This additional force that creates DevSecOps is transferable to the idea that prior to this implementation, DevOps skipped the security step which after deployment of applications created roadblocks once confronted with issues that arose with this specific exclusion. The true focus of DevSecOps is to create a transparent and full circle management life cycle that leverages all of the components of DevSecOps to ensure timely and full functioning application deployment that include proper security steps through every process rather than at the end.
This group revolves around CSA’s CCAK training content, based off of the work done by the Cloud Audit Expert Group. The CCAK training content offers an overview of auditing a cloud environment as well as provides several resources for CSPs, CSCs, and Auditors alike to take advantage of. This is an open group for CCAK test takers, trainers, and anyone interested in the training to connect, converse, ask questions, and share resources. This group has a no soliciting policy. We are happy to direct members to the Inner Circle for any cloud related advertisement announcements.
This group revolves around CSA’s ACSP hands-on training. The ACSP course provides a deeper dive into cloud security knowledge that builds on the CCSK. This is an open group for ACSP students, trainers, and anyone interested in the training to connect, converse, ask questions, and share resources. This group has a no soliciting policy. We are happy to direct members to the Inner Circle for any cloud related advertisement announcements.
In today's world of so many SecaaS offerings, CSA's SecaaS working group strives to establish general categories of security services, and provides guidance on what should be expected as a standard set of functionalities in any given category.This working group is in the process of being revitalized, and co-chairs are currently being determined. Once leadership is confirmed, charter revision and forecasting deliverables will begin.
last person joined 3 days ago
AI Technology & Risk
last person joined yesterday
This working group aims to educate, promote best practices, and advance Identity standards by fostering a culture of collaboration between various organizations to achieve consistent and effective IAM practices in and for the cloud. The working group will author guidelines and best practices, and promote standards that enhance the lives of technology professionals tasked with adopting and optimizing IAM systems for use with cloud services.
last person joined 10 days ago
A private community for CSA UK Chapter to share and collaborate.
last person joined 13 days ago
The mission of the CSA FSI community and research working groups is to bring together financial service institutions, financial supervisory authorities, and other national regulatory bodies along with relevant cloud and fintech service providers. Together they discuss and identify commonly acceptable best practices that will help manage the technical security risks related to secure cloud adoption, and facilitate compliance with laws and regulations.
last person joined 17 days ago
A private community for CSA Bangalore Chapter to share and collaborate.
A private community for CSA Triangle (Triangle Area of North Carolina) Chapter to share and collaborate. We reach throughout the eastern portion of North Carolina to all who are interested in learning more about Cybersecurity. We are a 501c3 non-profit organization based in Raleigh, North Carolina and are actively seeking members to join and engage. Our chapter actively supports Veterans and welcome those with backgrounds in IT and Cybersecurity to engage, share their experiences and grow professionally.
This working group has been created to guide the creation of an open source and automation compatible vulnerability identification framework. By making it easy to generate and consume vulnerability information, the cybersecurity industry will be better equipped to rapidly respond to emerging threats.
A private community for CSA Washington DC Metro Area Chapter to share and collaborate.
last person joined 11 days ago
A private community for CSA Carolinas Chapter to share and collaborate.
last person joined 18 days ago
A private community for CSA Nashville Chapter to share and collaborate.
last person joined 15 days ago
CSA Italy si rivolge a professionisti ed imprese in Italia che credono nel successo del modello Cloud Computing e nella condivisione di esperienze e buone pratiche per promuoverne l’utilizzo in sicurezza. CSA Italy e' un' associazione no-profit di diritto italiano costituita nell’Ottobre 2011, Capitolo Italiano di Cloud Security Alliance (CSA). CSA Italy si propone di supportare il mercato Information and Communication Technology e Cyber Security in Italia, in particolare le PMI e Pubbliche Amministrazioni, nell’adozione di un approccio consapevole e sicuro al Cloud Computing. Certi del valore che il modello cloud computing può generare nel mercato italiano, CSA Italy intende promuovere:- un’adeguata disciplina di sicurezza dell’utilizzatore di servizi Cloud, a partire da una corretta identificazione delle informazioni che intende trasferire e gestire nel Cloud e consapevolezza della loro importanza, necessaria per richiedere adeguate misure di sicurezza nel Cloud;- stimolare i Cloud Provider ad essere più trasparenti nel comunicare modelli e misure di sicurezza e privacy adottate per la protezione dei dati dei propri Clienti.Per maggiori informazioni potete scrivere a info@csaitaly.it
last person joined 2 months ago
Communauté Circle du Chapitre Français de la CSA -- https://CloudSecurityAlliance.fr
last person joined one month ago