Cloud Security Alliance

IaC Security in the Age of AI: New Threats, Smarter Solutions

Explores how AI impacts IaC security—from misconfigurations to drift—and practical steps like policy-as-code, guardrails, and ...
Cloud Security Alliance

Choosing the Right Key Responsibility Model

Explores PMKs, CMKs, BYOK, and HYOK, showing how cloud key management models affect risk, control, and regulatory compliance.
Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key ...
Cloud Security Alliance

AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI

As autonomous, reasoning-driven agents begin executing code, invoking APIs, and spawning sub-agents at machine speed, enterprises face a new governance challenge. Traditional AppSec and compliance ...
Cloud Security Alliance

Top Threats to Cloud Computing: Egregious Eleven Deep Dive

CSA's Cloud Infrastructure Security training provides a high-level introduction to the most critical cloud security topics through virtual self-paced courses. Each Cloud Infrastructure Security ...
Cloud Security Alliance

Agentic AI Red Teaming Guide

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

AI Model Risk Management Framework

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

Analyzing Log Data with AI Models to Meet Zero Trust Principles

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

Roles and Responsibilities of Third Party Security Services

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

Cloud Octagon Model

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

Cloud Controls Matrix v3.0

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

CSA's Perspective on Cloud Risk Management

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...