Available Standards (38)
Application Containers and Microservices
Containers and microservices are increasingly being implemented in organizations.
Artificial Intelligence
As we move forward into the future of automation, AI is proving to play a critical role in the realm of both cyber and cloud security.
Blockchain/Distributed Ledger
Blockchain and distributed ledger technology is an innovative and continuously evolving technology.
Cloud Control Matrix
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in asses
Cloud Controls Matrix Working Group
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in asses
Cloud Incident Response
With today’s fast-evolving threat landscape, a holistic cloud incident response framework that considers an expansive scope of factors for cloud outages is necessary.
Cloud Key Management
The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between CSPs and key broker services.
Cloud Security Services Management
Collaboration and coordination among all stakeholders are critical to secure the cloud platform.
Cloud Trust Protocol Data Model and API
The Cloud Trust Protocol (CTP) is designed to be a mechanism by which cloud service customers can ask for and receive information related to the security of the services they use in the cloud, prom
CloudAudit
The goal of CloudAudit is to provide a common interface and namespace that allows cloud computing providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their infrastructure
CloudCISC
Given the longstanding and fervent belief in the value for incident sharing, new advancements in enabling technology, and the promising shifts in the legal landscape, the Cloud Security Alliance be
DevSecOps
Businesses are now requiring a stronger collaboration between the development, security and operational functions. This addition of security creates DevSecOps.
Enterprise Resource Planning
The Enterprise Resource Planning (ERP) WG seeks to develop best practices to enable organizations that run their business on large ERP implementations, such as SAP or Oracle applications, to secure
Financial Services Stakeholder Platform
The Financial Services Stakeholders Platform's main objective is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services
Health Information Management
The Health Information Management Working Group aims to provide direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications and st
High Performance Computing
‘Vanilla’ cloud environments were typically not made to handle harsh environments like that of High Performance Computing (HPC) Cloud Security.
Hybrid Cloud Security Services
As businesses are developing rapidly, and IT infrastructures are constantly diversified, a single public / private cloud or a traditional on-premises datacenter is no longer able to meet service re
Industrial Control Systems
As Industrial Control Systems (ICS) advance to the Internet of Things, ICS is connecting to the cloud, and the risk of cyber-attacks is increasing more than ever before.
Industrial Robots and Robot Systems – General Safety Requirements
This Canadian standard combines the ISO standards ISO 10218-1 (see above) and -2 into one document. CSA added additional requirements for the user of the robot system.
Information security, cybersecurity and privacy protection — Governance of information security
This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and
Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing (Adopted ISO/IEC 27007:2020, third edition, 2020-01)
Standards development within the Information Technology sector is harmonized with international standards development.
Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing (Adopted ISO/IEC 27007:2020, third edition, 2020-01)
Standards development within the Information Technology sector is harmonized with international standards development.
Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements (Adopted ISO/IEC 27009:2020, second edition, 2020-04)
Standards development within the Information Technology sector is harmonized with international standards development.
Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements (Adopted ISO/IEC 27009:2020, second edition, 2020-04)
Standards development within the Information Technology sector is harmonized with international standards development.
Internet of Things
IoT devices represent a wide variety of non-traditional devices that are increasingly implemented in organizations due to the numerous benefits.
Mobile Application Security Testing
The Mobile Application Security Testing (MAST) initiative aims to create a safer cloud ecosystem for mobile applications by creating systematic approaches to application testing and vetting that he
Open Certification Framework
The CSA Open Certification WG is an industry initiative to allow global, accredited, trusted certification of cloud providers.
Open Certification Framework Working Group
The CSA Open Certification WG is an industry initiative to allow global, accredited, trusted certification of cloud providers.
Privacy Level Agreement V2
Privacy Level Agreement - Version 2 is intended to be used as an appendix to a Cloud Services Agreement, and to describe the level of privacy protection that the CSP will provide.
Privacy Level Agreement Working Group
This working group aims at creating PLA templates that can be a powerful self-regulatory harmonization tool, which is almost impossible to achieve at global level using traditional legislative mean
Quantum-safe Security
The CSA Quantum Safe Security Working Group's goal is to address key generation and transmission methods that will aid the industry in understanding quantum-safe methods for protecting their data t
Reference Architecture - Trusted Cloud Initiative
The Trusted Cloud Initiative helps cloud providers develop industry-recommended, secure and interoperable identity, access and compliance management configurations, and practices.
Security as a Service
The purpose of this research will be to identify consensus definitions of what Security as a Service means, to categorize the different types of Security as a Service and to provide guidance to org
Security Guidance
Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations.
Software Defined Perimeter
The “Software Defined Perimeter (SDP) protocol” is designed to provide on-demand, dynamically provisioned, air-gapped networks.
Software Defined Perimeter Working Group
The Software Defined Perimeter working group launched with the goal of developing a solution to stop network attacks against application infrastructure.
Top Threats
The shift from traditional client/server to service-based models is transforming the way technology departments think about, design, and deliver computing technology and applications.