Originally published by Adaptive Shield.Inside the HackEarlier this week, Twilio issued a security alert informing customers that hackers had exploited a security lapse in the Authy API to verify Authy MFA phone numbers. Hackers were able to check if a phone number was registered with Authy by feeding the number into an unauthenticated API endpoint. […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.Leadership. It’s a word that’s often tossed around (as if we all understand what it is and how it’s performed). Yet, truly effective leaders are very hard to find. Some might see leadership as a natural progression of their career. In reality, navigating the […]
Originally published by Oasis.Non-human identities, or NHIs, serve as digital gatekeepers, enabling secure machine-to-machine and human-to-machine access and authentication within modern enterprise systems. The push for innovation has led to the adoption of microservices, third-party solutions, and cloud-based platforms, creating a complex web of interconnected systems. In this intricate network, NHIs are key players in […]
Annul program recognizes individuals who best exemplify CSA valuesSEATTLE – July 11, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, is pleased to announce its inaugural list of Chapter Ambassadors. The CSA Chapter Ambassador program annually […]
Written by MJ Schwenger, Member of the CSA AI Working Group.Originally published on LinkedIn.Introduction The increasing adoption of Large Language Models (LLMs) in the supply chain presents a new challenge for traditional Third-Party Vendor Security Assessments (TPVRAs). This blog explores how to adapt existing TPVRAs to gather critical information about the integration of LLMs within […]
In today’s digital age, cloud security is more important than ever. Organizations are looking for cloud service providers that not only meet but exceed security standards. The CSA STAR (Security, Trust, Assurance and Risk) Registry is a valuable resource that highlights service providers who adhere to these high standards. Submitting to the CSA STAR Registry […]
Written by Urvi Mehta, ArmorCode.In today’s interconnected digital landscape, software serves as the backbone, driving the evolution of increasingly sophisticated applications. While this evolution fuels progress and exciting features, it also creates a vast playground for cyber threats. Simple, standalone programs are a thing of the past; today’s applications are intricate ecosystems with interconnected parts […]
Originally published by CXO REvolutionaries.Picture this: you’ve just finalized your M&A deal, only to discover a cybersecurity incident emerging—whether it’s a breach, data leak, or system compromise. Suddenly, the clock is ticking, and you’re faced with a tight deadline to report this material event to the SEC and your stakeholders. Recent years have witnessed a […]
This blog is markedly different from any other I have posted on our website. While we have responded to a few Requests for Proposal (RFP) or Requests for Information (RFI) over the past 15 years, the Cloud Security Alliance has never issued one ourselves, until now.Technology is moving at a breakneck pace, the fastest it […]
Originally published by Abnormal Security.Bad actors have been using phishing emails to steal sensitive data for three decades. Impersonating a trusted individual or brand and manufacturing a sense of urgency, attackers deceive targets into providing private information like login credentials or bank account details.Because email wasn’t initially designed with security in mind, early email platforms […]