Originally published by Abnormal Security.Account takeover (ATO) is a well-known attack method that has been documented for years. However, a less common type of attack occurs when ATO is used as the initial attack vector to gain access to another account, this is known as cross-platform ATO. In this article, we’ll showcase four scenarios where […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Written by Rahul Kalva.Abstract The integration of artificial intelligence (AI) into DevSecOps is reshaping the way organizations approach security within their software development and deployment processes. As DevSecOps aims to embed security practices seamlessly into the DevOps pipeline, AI brings transformative capabilities that address the growing complexities and threats in modern software environments. From predictive […]
Written by Adam Cheriki, Co-Founder & CTO, Entro Security.As cloud-native architectures transform business operations, they bring unique security challenges. The rapid expansion of microservices, containers, and serverless functions has increased the number of secrets, making their protection a pressing concern. Why SOC2 Matters for Security SOC2 (Service Organization Control Type 2) is a crucial framework […]
As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we take pride in the organization’s extensive research accomplishments throughout the years that have defined the trajectory of cloud security. Since its founding in 2009, CSA has produced groundbreaking research that has set the benchmark for best practices in cloud security. This robust body of […]
For decades, the cybersecurity industry has relied on the Common Vulnerabilities and Exposures (CVE) program to standardize vulnerability documentation and guide threat intelligence. The program assigns a unique identifier to each discovered security vulnerability. Then, it ranks the vulnerability’s severity using the Common Vulnerability Scoring System (CVSS).Despite the widespread reliance on CVE, the system has […]
Written by Satyavathi Divadari, Founder and President of the CSA Bangalore Chapter, in collaboration with the AI Technology and Risk Working Group.In the fast-paced world of media, where delivering authentic news quickly is essential, cybersecurity plays a critical role in protecting data, ensuring privacy, and upholding journalistic standards. With my experience as a Director of […]
Originally published by Schellman.Written by Jordan Hicks.Generally, with new cybersecurity regulations, organizations affected are provided a “grace period” to make the necessary adjustments to achieve full compliance before enforcement begins. Looking toward the horizon and 2025, many new laws will be coming into full effect, which means organizations will now likely be subject to various […]
As the Cloud Security Alliance (CSA) celebrates its 15th anniversary, we reflect on the pivotal role CSA volunteers and contributors have played in shaping the future of cloud security. Founded in 2009, CSA quickly established itself as an instrumental leader in the cloud security space, dedicated to defining and promoting best practices for securing the […]
Written by CSA’s Top Threats Working Group.In this blog series, we cover the key security challenges from CSA’s Top Threats to Cloud Computing 2024. Drawing from insights of over 500 experts, we’ll discuss the 11 top cybersecurity threats, their business impact, and how to tackle them. Whether you’re a professional or a beginner, this series […]
Originally published by Britive.Groups make it easier to assign permissions to multiple users at once, reducing the administrative burden and shortening delays on getting appropriate levels of access. Traditional identity governance and administration (IGA) solutions have been pivotal in managing roles and groups across various systems within organizations. However, as organizations expand and modernize their […]