Cloud Security Alliance

VDI, DaaS, or Local Secure Enclaves? A CCM‑Aligned Playbook for BYOD in 2025

Decide between three patterns – streamed desktops (VDI/DaaS), per‑app access via ZTNA and application proxies, and local ...
Cloud Security Alliance

Science Stymied by Spreadsheets? Modernizing DOE Compliance

Explores moving DOE labs from spreadsheets to automated GRC using compliance as code, OSCAL, and AI to accelerate ATO and ...
Cloud Security Alliance

Passwordless Authentication - A Digital Trust Transformation in Combating Credential-Based Attacks

Explores how passwordless authentication strengthens security, reduces credential-based attacks, and advances Zero Trust and ...
Cloud Security Alliance

The Reasoning Revolution: When Logs Finally Explain "Why"

The reasoning transparency that let us forensically understand "why Claude chose Research Initiative Tracker" becomes ...
Cloud Security Alliance

Hypervisor Security in Finance: Why Virtual Infrastructure is a Growing Ransomware Target

Explores why hypervisors are rising ransomware targets in finance and outlines practical defenses and best practices to ...
Cloud Security Alliance

AI-Integrated Cloud Pentesting: How LLMs Are Changing the Game

AI-assisted cloud security testing with LLMs blends automation and human validation for faster, actionable remediation across ...
Cloud Security Alliance

Cloud Security Alliance Launches STAR for AI, Establishing the Global Framework for Responsible and Auditable Artificial Intelligence

The Cloud Security Alliance (CSA), the world’s leading not-for-profit organization committed to AI, cloud, and Zero Trust ...
Cloud Security Alliance

Prepping for Agentic AI: Why We Created the NHI Management Fundamentals Certification

Discover the NHI Management Fundamentals Certification, a practical, vendor-neutral program to govern non-human identities ...
Cloud Security Alliance

Beyond Generative AI – My Journey to Expert-Guided AI

I wrote my first data-driven guidance and measurement app when I founded my first software company three decades ago. Back then, AI was described as a “knowledge-based system!” It became obvious that ...
Cloud Security Alliance

SASE: Securing the New Enterprise Perimeter with Zero Trust

The definition of enterprise security has evolved beyond recognition. Traditionally enterprises used to secure their applications, data and users within their physical locations from external threats.