Cloud Security Alliance

Understanding STAR for AI Level 2: A Practical Step Toward AI Security Compliance

CSA's provisional STAR for AI Level 2 designation assesses ISO/IEC 42001, AI-CAIQ, and Valid-AI-ted scoring to show AI ...
Cloud Security Alliance

SSCF v1.0: The Standard That Simplifies SaaS Security

Overview of SSCF v1.0, a vendor-agnostic SaaS security standard by CSA, outlining six pillars and adoption guidance.
Cloud Security Alliance

An Overview of the EU Cyber Resiliency Act (EU CRA)

The EU Cyber Resilience Act sets a new regulatory benchmark for product cybersecurity. Learn about the Act’s scope, key ...
Cloud Security Alliance

Least Privilege Demands that Identity Goes Beyond IAM Teams to App, Data & Security Teams

Explore how IAM, SecOps, and data owners collaborate to implement least privilege, mitigating risk and privilege sprawl ...
Cloud Security Alliance

Prepare for Q-Day with Hybrid Mode Key Exchange

Organizations that move sensitive data over HTTPS, SSH, or VPNs can prepare for post-quantum by using encryption in transit ...
Cloud Security Alliance

SecretPoint: How OneDrive Auto-Sync Turns SharePoint into a Hidden Secrets Vault

One in five exposed enterprise secrets originated from SharePoint due to a default OneDrive auto-sync feature. Learn what ...