Cloud Security Alliance

Securing AI Workloads in AWS: Why Bedrock and SageMaker Need Runtime Detection and AI-Powered Response

Attackers use AI to target Bedrock and SageMaker; learn why posture alone fails and how runtime detection and AI-powered ...
Cloud Security Alliance

MITRE ATT&CK for Cloud: A Practitioner's Guide to Detection Coverage

Explore MITRE ATT&CK for Cloud, the key cloud tactics and techniques, and how cloud detection and response (CDR) fits into ...
Cloud Security Alliance

Cloud Security Glossary

An IEEE standard for local and metropolitan area networks–Port-Based Network Access Control. IEEE 802 LANs are deployed in networks that convey or provide access to critical data, that support mission ...
Cloud Security Alliance

Why Agentic AI Matters for the Future of Cybersecurity

As the cybersecurity landscape transforms, the rise of agentic AI is changing how organizations think about machine identities, or Non-Human Identities (NHIs). What happens when machines, powered by ...
Cloud Security Alliance

Top Threats to Cloud Computing - Deep Dive 2025

The report presents each security incident as both a detailed narrative and a threat model. This includes an attack-style synopsis with the relevant cloud security risks, CCM controls, and mitigations ...
Cloud Security Alliance

View Resource

CISA’s ZTMM is a roadmap that organizations can reference as they implement a zero trust architecture. It aims to assist organizations in the development of ZT strategies and implementation plans. It ...
Cloud Security Alliance

Key Management Lifecycle Best Practices

This document serves as guidance for enterprise technologists and service providers to effectively and securely manage cryptographic keys throughout the key management lifecycle. It outlines best ...
Cloud Security Alliance

Security Controls Catalog

The Security Controls Catalog WG operates as a foundational component of the Compliance Automation Revolution (CAR) Initiative, which provides the foundation for compliance by design, security and ...
Cloud Security Alliance

View Resource

NIST Special Publication 800-207 lays out a comprehensive set of zero trust principles and referenced zero trust architectures (ZTA) for turning ZT concepts into reality. A key paradigm shift in ZTAs ...
Cloud Security Alliance

State of AI Cybersecurity 2026: 92% of Security Professionals Concerned About the Impact of AI Agents

A look at how AI agents reshape security, governance, and risk, highlighting the enterprise attack surface and executive ...
Cloud Security Alliance

Introducing the AI Security Maturity Model (AISMM)

Explore the AI Security Maturity Model (AISMM), a maturity model guiding secure enterprise AI adoption with cloud controls and governance.
Cloud Security Alliance

What Recent Medical Device Breaches Reveal About Security Gaps in the Cloud

Recent medical device breaches reveal cloud and SaaS gaps that threaten patient data and operations, underscoring the need ...