Cloud Security Alliance

How CSA STAR Helps Cloud-First Organizations Tackle Modern Identity Security Risks

Explains how CSA STAR guides cloud-first organizations to manage identity risk, govern access, and continuously assure cloud security.
Cloud Security Alliance

Logic-Layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Explores LPCI, a new security vulnerability in agentic AI, its lifecycle, attack methods, and proposed defenses.
Cloud Security Alliance

Minimizing Permissions for Cloud Forensics: A Practical Guide to Tightening Access in the Cloud

Practical, security-first strategies to enable cloud forensics with least privilege, dedicated accounts, temporary ...
Cloud Security Alliance

Certificate of Cloud Security Knowledge (CCSK)

The CCSK certificate is highly regarded as the benchmark for cloud security expertise. It provides a comprehensive and unbiased understanding of how to effectively secure data in the cloud. Earning ...
Cloud Security Alliance

Non-Human Identity Governance: Why IGA Falls Short

Explains why traditional IGA fails for non-human identities and outlines continuous, context-driven governance for AI agents ...
Cloud Security Alliance

Resolving The Coordination Gap in Modern Cloud Security

Explores how continuous monitoring and structured check-ins close the coordination gap in cloud security, boosting ...
Cloud Security Alliance

The Agentic Trust Framework: Zero Trust Governance for AI Agents

Overview of the Agentic Trust Framework (ATF), an open governance spec applying Zero Trust to autonomous AI agents, with ...
Cloud Security Alliance

Bridging the Gap Between Cloud Security Controls and Adversary Behaviors: A CSA–MITRE CTID Collaboration

As the cloud threat landscape evolves, so too must the methodologies we use to defend against it. By bridging the gap between ...