Cloud Security Alliance

Known vulnerabilities behind most application security incidents

Application Security, Cloud Security Alliance, cybersecurity, News, report, vulnerability management /

Known vulnerabilities behind most application security incidents 2026-06-03 at 07:40 By Anamarija Pogorelec Eight in ten organizations took an application security hit during the past year tied to a vulnerability their team had already cataloged, according to a survey of 902 IT and security professionals conducted by the Cloud Security Alliance. The pattern points to […]

Known vulnerabilities behind most application security incidents Read More »

The exploit gap is closing, and your patch cycle wasn’t built for this

Anthropic, Artificial Intelligence, CISO, Cloud Security Alliance, cyber risk, cybersecurity, Don't miss, Hot stuff, how-to, News, opinion, report, Risk Management, strategy, tips /

The exploit gap is closing, and your patch cycle wasn’t built for this 2026-04-15 at 10:02 By Mirko Zorz The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working exploit is shrinking fast. The briefing centers

The exploit gap is closing, and your patch cycle wasn’t built for this Read More »

Testing reveals Claude Mythos’s offensive capabilities and limits

AI, Anthropic, Artificial Intelligence, Cloud Security Alliance, cybersecurity, Don't miss, enterprise, Hot stuff, News, security testing, SMBs, tips /

Testing reveals Claude Mythos’s offensive capabilities and limits 2026-04-14 at 18:15 By Zeljka Zorz Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successfully engage in capture-the-flag (CTF) challenges and multi-step attack scenarios, and found that that

Testing reveals Claude Mythos’s offensive capabilities and limits Read More »

Who owns AI agent access? At most companies, nobody knows

agentic AI, Artificial Intelligence, CISO, Cloud Security Alliance, cybersecurity, News, report, RSAC 2026 /

Who owns AI agent access? At most companies, nobody knows 2026-03-26 at 07:12 By Anamarija Pogorelec AI agents are operating across production enterprise environments at scale, and the identity infrastructure managing their access has not kept up with their deployment. A January 2026 survey of 228 IT and security professionals, conducted by the Cloud Security

Who owns AI agent access? At most companies, nobody knows Read More »

AI agents behave like users, but don’t follow the same rules

access controls, agentic AI, Artificial Intelligence, Cloud Security Alliance, cybersecurity, identity management, News, report /

AI agents behave like users, but don’t follow the same rules 2026-02-09 at 08:19 By Anamarija Pogorelec Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same rigor and traceability applied to human users, according to Cloud Security Alliance’s Securing Autonomous AI

AI agents behave like users, but don’t follow the same rules Read More »

AI is flooding IAM systems with new identities

Artificial Intelligence, Cloud Security Alliance, credentials, cybersecurity, identity management, News, Non Human Identities, report /

AI is flooding IAM systems with new identities 2026-02-02 at 07:20 By Anamarija Pogorelec Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of Non-Human Identity and AI Security report by the Cloud Security Alliance. AI identities inherit

AI is flooding IAM systems with new identities Read More »

Governance maturity defines enterprise AI confidence

agentic AI, Artificial Intelligence, Cloud Security Alliance, Compliance, cybersecurity, LLMs, News, report /

Governance maturity defines enterprise AI confidence 2025-12-24 at 08:17 By Anamarija Pogorelec AI security has reached a point where enthusiasm alone no longer carries organizations forward. New Cloud Security Alliance research shows that governance has become the main factor separating teams that feel prepared from those that do not. Governance separates confidence from uncertainty Governance

Governance maturity defines enterprise AI confidence Read More »

New framework sets baseline for SaaS security controls

AppOmni, cloud security, Cloud Security Alliance, enterprise, framework, GuidePoint Security, MongoDB, News, SaaS /

New framework sets baseline for SaaS security controls 2025-09-25 at 10:12 By Anamarija Pogorelec Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk processes only look at the vendor’s overall security, not the app itself. That

New framework sets baseline for SaaS security controls Read More »

The cybersecurity myths companies can’t seem to shake

Acronis, Allianz, Appfire, Cloud Security Alliance, cybersecurity, Google Cloud, News, strategy, tips, X-PHY /

The cybersecurity myths companies can’t seem to shake 2025-08-19 at 08:01 By Sinisa Markovic Cybersecurity myths are like digital weeds: pull one out, and another quickly sprouts in its place. You’ve probably heard them before: Macs don’t get viruses, we’re too small to be a target, or changing passwords often keeps us safer. Experts have

The cybersecurity myths companies can’t seem to shake Read More »

How to build AI into your business without breaking compliance

Artificial Intelligence, automation, CISO, Cloud Security Alliance, cybersecurity, Don't miss, News, strategy, tips /

How to build AI into your business without breaking compliance 2025-06-11 at 08:02 By Mirko Zorz AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies cramming AI into old, rigid processes that just can’t keep up. “AI

How to build AI into your business without breaking compliance Read More »

Only 3% of organizations have a dedicated budget for SaaS security

Cloud Security Alliance, cybersecurity, News, report, SaaS, strategy, survey, Wing Security /

Only 3% of organizations have a dedicated budget for SaaS security 2025-02-03 at 06:48 By Help Net Security Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, according to Cloud Security Alliance. Security teams are struggling with a growing attack surface Disconcertingly,

Only 3% of organizations have a dedicated budget for SaaS security Read More »

AI is becoming the weapon of choice for cybercriminals

1Password, Artificial Intelligence, AuditBoard, Bitdefender, Bugcrowd, Cisco, Cloud Security Alliance, Code42, CyberArk, cybersecurity, Deep Instinct, Deloitte, generative AI, GitGuardian, Google Cloud, Immuta, Ivanti, Lakera, Legit Security, Netacea, Netskope, News, report, RWS, survey, Venafi /

AI is becoming the weapon of choice for cybercriminals 2024-12-20 at 07:03 By Help Net Security AI changes how organizations look at cybersecurity GenAI is compromising security while promising efficiency This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges. Overreliance on GenAI to develop

AI is becoming the weapon of choice for cybercriminals Read More »

Securing non-human identities: Why fragmented strategies fail

authentication, Cloud Security Alliance, cybersecurity, Don't miss, Features, Hot stuff, identity, News, Non Human Identities, opinion, strategy /

Securing non-human identities: Why fragmented strategies fail 2024-09-25 at 07:31 By Mirko Zorz In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now outnumbering human identities by 20 to 1, organizations are struggling to secure these digital entities

Securing non-human identities: Why fragmented strategies fail Read More »

Resecurity joins Cloud Security Alliance to help organizations secure cloud technologies

Cloud Security Alliance, Industry news /

Resecurity joins Cloud Security Alliance to help organizations secure cloud technologies 2024-09-20 at 11:31 By Industry News Resecurity announced that it has joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Continue ReadingAs an innovator in cybersecurity, Resecurity brings

Resecurity joins Cloud Security Alliance to help organizations secure cloud technologies Read More »

Organizations still don’t know how to handle non-human identities

Astrix Security, Cloud Security Alliance, cybersecurity, identity, News, report, survey /

Organizations still don’t know how to handle non-human identities 2024-09-13 at 07:01 By Help Net Security Organizations are grappling with their current NHI (non-human identities) security strategies, according to Cloud Security Alliance and Astrix Security. The high volume of NHIs significantly amplifies the security challenges organizations face. Each NHI can potentially access sensitive data and

Organizations still don’t know how to handle non-human identities Read More »

The AI balancing act: Unlocking potential, dealing with security issues, complexity

1Password, Action1, Artificial Intelligence, Cisco, Cloud Security Alliance, Code42, cybersecurity, generative AI, Google Cloud, Netskope, News, report, survey, TeleSign, Trellix, VikingCloud /

The AI balancing act: Unlocking potential, dealing with security issues, complexity 2024-08-15 at 06:31 By Help Net Security The rapid integration of AI and GenAI technologies creates a complex mix of challenges and opportunities for organizations. While the potential benefits are clear, many companies struggle with AI literacy, cautious adoption, and the risks of immature

The AI balancing act: Unlocking potential, dealing with security issues, complexity Read More »

Misconfigurations and IAM weaknesses top cloud security concerns

access management, cloud computing, cloud security, Cloud Security Alliance, CSP, cybersecurity, News, report, supply chain /

Misconfigurations and IAM weaknesses top cloud security concerns 2024-08-12 at 06:02 By Help Net Security Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance. Misconfigurations, IAM weaknesses, and API risks remain critical

Misconfigurations and IAM weaknesses top cloud security concerns Read More »

Despite economic uncertainty, organizations are prioritizing SaaS security investments

Adaptive Shield, CISO, Cloud Security Alliance, cybersecurity, Don't miss, Hot stuff, News, report, SaaS, strategy, survey, tips, Video /

Despite economic uncertainty, organizations are prioritizing SaaS security investments 2024-07-23 at 06:31 By Mirko Zorz In this Help Net Security video, Maor Bin, CEO and Co-Founder of Adaptive Shield, discusses the key findings of their recent annual SaaS Security Survey Report, conducted in partnership with the Cloud Security Alliance (CSA). Seventy percent of organizations have

Despite economic uncertainty, organizations are prioritizing SaaS security investments Read More »

CSA updates its vendor-neutral cloud security training with CCSK v5 release

Cloud Security Alliance, Industry news /

CSA updates its vendor-neutral cloud security training with CCSK v5 release 2024-07-16 at 16:31 By Industry News The Cloud Security Alliance (CSA) demonstrated its commitment to improving its vendor-neutral cloud security training with the release of the Certificate of Cloud Security Knowledge (CCSK) v5, furnishing cloud stakeholders with the skills they need to optimize the

CSA updates its vendor-neutral cloud security training with CCSK v5 release Read More »

The rise of SaaS security teams

Artificial Intelligence, authentication, Cloud Security Alliance, cybersecurity, data breach, Don't miss, Features, Hot stuff, Incident Response, machine learning, News, opinion, SaaS, skill development, strategy /

The rise of SaaS security teams 2024-06-17 at 07:31 By Mirko Zorz In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms. What motivated the recent surge in

The rise of SaaS security teams Read More »

Scroll to Top