Welcome to the Cloud Security Alliance

Switzerland Chapter 🇨🇭

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Latest News from the Switzerland Chapter

CSA & SIGS Special Event – April 10 – 11, 2024

Join CSA and SIGS on April 10th and 11th to hear from featured speakers John Kindervag and Rob van der Veer at a special two-day event in Zurich. Learn about Zero Trust and AI and network with like-minded peers in cybersecurity. Register today to save your spot! Learn More Rob van der Veer, Senior Director…

[ Continue Reading ]

Latest News from CSA blog

  • Priorities Beyond Email: How SOC Analysts Spend Their Time
    Originally published by Abnormal Security.Written by Mick Leach.In the cybersecurity world, Security Operations Center (SOC) analysts serve as watchful defenders, tasked with the critical mission of fortifying systems against malicious intrusions and swiftly responding to emerging threats. Central to their effectiveness is the mastery of time management, as the fast-paced nature of cybersecurity demands rapid decision-making and efficient allocation of resources. Beyond the routine task of em...continue reading on CSA Home
  • Ignoring the Change Healthcare Attack Invites a Cycle of Disaster
    Originally published by CXO REvolutionaries.Written by Tamer Baker, CTO in Residence, Zscaler.You may recall, in February, Change Healthcare announced that threat actors affiliated with BlackCat/ALPHV had breached their organization. The adversaries executed a ransomware attack affecting critical operations in its care authorization and billing portals. Change has not released details on how the threat actors compromised their organization. However, it is not unusual for attackers to breach m...continue reading on CSA Home
  • It’s Time to Throw Away the Manual with Evidence Collection
    Originally published by RegScale.Written by Larry Whiteside Jr.In today’s complex and ever-changing regulatory environment, it is more important than ever for organizations to have a strong compliance program in place. However, manually gathering compliance data can be a time-consuming and inefficient process. This can lead to compliance gaps, which can expose organizations to risk. Manual compliance data gathering can significantly impact organizations in several negative ways, reflecting bo...continue reading on CSA Home
  • The Risk and Impact of Unauthorized Access to Enterprise Environments
    Originally published by StrongDM.Unauthorized access poses serious threats to businesses, compromising sensitive information and disrupting operations. Cybercriminals leverage vulnerabilities through advanced phishing attacks and API security breaches, underscoring the necessity for companies to implement strong security measures. This blog post underscores the importance of protecting against unauthorized access and outlines both established and innovative strategies to prevent it.The Risk a...continue reading on CSA Home
  • Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between?
    Originally published by Tamnoon.Written by Idan Perez, CTO, Tamnoon.What role does automation play in cloud remediation? Will it replace or simply augment the role of security and R&D teams?Over 60% of the world’s corporate data now resides in the cloud, and securing this environment has become a daunting task. The vast attack surface and countless potential misconfigurations pose significant challenges for security and operations teams. Amidst this complexity, automation has emerged as a...continue reading on CSA Home
  • Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars of DevSecOps Series
    Document promotes and demonstrates the importance of clear measurements for security performance in DevSecOpsSEATTLE – May 15, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, and today released The Six Pillars of DevSecOps: Measure, Monitor, Report, and Action, which emphasizes the importance of continuous measurement and observability in DevSecOp...continue reading on CSA Home
  • Exploring Syscall Evasion – Linux Shell Built-ins
    Originally published by Sysdig.Written by Jason Andress.This is the first article in a series focusing on syscall evasion as a means to work around detection by security tools and what we can do to combat such efforts. We’ll be starting out the series discussing how this applies to Linux operating systems, but this is a technique that applies to Windows as well, and we’ll touch on some of this later on in the series. In this particular installment, we’ll be discussing syscall evasion with bas...continue reading on CSA Home
  • Apple's New iMessage, Signal, and Post-Quantum Cryptography
    Written by Denis Mandich, Member of the CSA Quantum-Safe Security Working Group and CTO of Qrypt.Apple recently updated their iMessage application with stronger security features, adopting cryptography believed to be secure against attack by quantum computers. They use common end-to-end encryption techniques, but there are aspects unique to their platform. Although they have not explained the justifications for the design decisions, they are cryptographically sound if implemented correctly an...continue reading on CSA Home
  • 2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks
    Originally published by Valence.Written by Jason Silberman.Valence Security has released the 2024 State of SaaS Security Report. Among the primary themes we saw in the report—which combines an industry survey with data collected by Valence from hundreds of real enterprise SaaS applications—is a clear gap between security leaders’ confidence in their existing programs and processes to protect their SaaS application environment, and a contrasting reality that reflects the complexity and diversi...continue reading on CSA Home
  • Navigating Cloud Security Best Practices: A Strategic Guide
    As cloud computing continues to be a pivotal force in IT infrastructure, it’s crucial for organizations to understand and use effective cloud security strategies to protect their data. This blog provides a short guide based on CSA’s Security Guidance, showing key ways to secure cloud environments effectively.Understanding Cloud Concepts and ArchitecturesCloud computing enables organizations to accelerate operations, reduce downtime, and reduce costs, along with offering substantial security b...continue reading on CSA Home