when relevant content is
added and updated.
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the ability of cloud technologies to secure other forms of computing. The industry group also provides security education and guidance to companies implementing cloud computing and helps vendors address security in their software delivery models. CSA membership is open to any interested parties with expertise to contribute to the security of cloud computing.
The CSA leads a number of ongoing research initiatives through which it provides white papers, tools and reports to help companies and vendors secure cloud computing services. The CSA GRC Stack, for example, provides a toolkit for assessing private and public clouds against industry-established security best practices. The CloudAudit project seeks to simplify the process of gathering audit data by creating a standard way for cloud providers to communicate how they address security, governance and compliance.
The CSA Security, Trust & Assurance Registry (STAR) program for security assurance in the cloud seeks to reduce or eliminate the per-relationship cost for the provider and customer and increase the consistency of evaluations from assessor to assessor. The basic premise of STAR is that a service provider can voluntarily undertake an objective assessment of its own environment, publish it to a registry and allow the results to be viewed by existing, new, and potential customers. Continued…
Quote of the Day
“Cloud customers can be tempted to ignore isolation attacks. This is problematic in the face of a situation like Flip Feng Shui.” – Ed Moyle
How the Flip Feng Shui technique undermines cloud security
Flip Feng Shui leverages Rowhammer and memory deduplication to exploit hypervisors. Here’s what enterprises need to know about it.
CSA cloud metrics validate perceptions on cloud computing risk
Cloud Security Alliance recently released a study revealing in-depth data on cloud adoption and influences. The CSA cloud market maturity study also examined cloud business risk.
Can the Cloud Security Alliance help with comparing cloud providers?
Cloud security expert Dan Sullivan explains how the Cloud Security Alliance’s Privacy Level Agreement for Europe v2 can help U.S. companies with comparing cloud providers.
An introduction to cloud computing security certifications
SearchCloudSecurity’s guide to cloud computing security certifications looks at the top vendor-specific and vendor-neutral cloud security certifications.
CSA Guide to Cloud Computing
In this excerpt of CSA Guide to Cloud Computing, authors Rai Samani, Brian Honan and Jim Reavis review cloud security threats based on research by the CSA’s Top Threats Working Group.
Writing for Business
The Cloud Security Alliance (CSA) has worked with European officials to support implementation of the ______ privacy laws and regulations.