Explains how dangling CNAMEs enable attackers to hijack trusted subdomains, creating cloud security risks and the need for ...
AI-speed risk requires identity-defined reachability within Zero Trust, reducing exposure and enabling continuous policy ...
Explains why speed alone can't secure defenses. It covers attacker defender timelines, AI's uneven impact, and path deletion ...
STAR-Enabled Solutions are Organizations that have licensed the CSA Cloud Controls Matrix (CCM) or Consensus Assessments Initiative Questionnaire (CAIQ) to be used in their publicly available product ...
From market visibility to trusted security expertise, CSA Corporate Membership equips your organization with the tools and partnerships to thrive. Explore the latest version of CSA’s AI Controls ...
The SKILL .md file is the new package.json. And it's already compromised. Developers and business users trust Claude Skills the way engineers once trusted npm packages. Install a skill on Claude Code, ...
It is tempting to read Mythos as a weapon that arrived overnight. It is more useful to treat Mythos as two things at once: an audit you have already failed, and an alarm for the attacks you have not ...
SEATTLE – June 9, 2026 — A new survey from the Cloud Security Alliance (CSA), the world's leading not-for-profit organization committed to AI, cloud, and Zero Trust cybersecurity education, found that ...
Written by Daniele Catteddu, Chief Technology Officer, CSA. RiskRubric, CSA’s evidence-based risk rating system for AI technologies, is getting some timely updates. These updates aim to expand AI risk ...
Security control frameworks continue to grow in scope and complexity. The CSA AI Controls Matrix (AICM) alone has 243 control objectives. NIST CSF has hundreds of subcategories. Organizations ...