Cloud Security Alliance

Zero Trust in the Cloud: Designing Security Assurance at the Control Plane

Written by Moses Ashang, Senior Cloud Engineer, Verint. The way cloud systems are designed has quietly changed. What we used to view as a collection of servers and networks is now shaped by decisions ...
Cloud Security Alliance

Leveling Up Autonomy in Agentic AI

Explores a six-level autonomy taxonomy for agentic AI, governance, and risk-aligned controls to safely deploy autonomous ...
Cloud Security Alliance

AI Governance Framework Adoption in Cloud-Native AI Systems: Phased Approach and Considerations

A phased guide to AI governance in cloud-native systems, aligning ISO 42001:2023 and NIST AI-RMF with lifecycle controls, ...
Cloud Security Alliance

The Breach That Did Not Need a Hacker: How Ordinary Identity Gaps Create Extraordinary Damage

FinWise shows how ordinary identity gaps, not hackers, can trigger data breaches; learn identity governance and offboarding ...
Cloud Security Alliance

Agentic AI Pen Testing: Speed at Scale, Certainty with Humans

AI-first, human-validated pen testing accelerates coverage and reduces cycle time, while humans validate and translate findings into real business risk.
Cloud Security Alliance

SCC WG 2026 Charter

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...
Cloud Security Alliance

Securing AI in CMMC Level 2 Environments: A Strategic Guide for CISOs and Cloud Security Engineers

Leveraging generative AI and machine learning can offer huge productivity gains – even for organizations handling sensitive Controlled Unclassified Information (CUI) and Federal Contract Information ...
Cloud Security Alliance

AWS Launches European Sovereign Cloud: What You Need to Know and What You Need to Do

Overview of AWS European Sovereign Cloud (ESC): purpose, ownership, regional structure, security features, gaps, and ...