Cloud Security Alliance

Columbia University Breach Exposes 870,000 Records: The Case for Unified Cloud and SaaS Security

Columbia's 2025 breach highlights the need for unified cloud and SaaS security to protect data across campuses.
Cloud Security Alliance

AI Log Analysis for Event Correlation in Zero Trust

Learn how AI log analysis enhances security. Reduce the load on SOC teams so they can focus on judgment, context, and ...
Cloud Security Alliance

The Salesloft Drift OAuth Supply-Chain Attack: Cross-Industry Lessons in Third-Party Access Visibility

Salesloft breach shows how OAuth tokens abused by trusted apps enable data exposure, underscoring the need for Zero Trust and ...
Cloud Security Alliance

Introducing the SaaS Security Capability Framework (SSCF) v1.0: Raising the Bar for SaaS Security

The SaaS Security Capability Framework (SSCF) v1.0 introduces practical, actionable controls for SaaS security, guiding ...
Cloud Security Alliance

What is Protected Health Information (PHI)?

Protected Health Information (PHI) is any data within a medical record that can be used to identify an individual. This information is created, used, or disclosed in the process of providing ...
Cloud Security Alliance

Controls vs. Key Security Indicators: Rethinking Compliance for FedRAMP

Explores key security indicators as a modern alternative to controls in FedRAMP, their benefits, differences, and automation ...
Cloud Security Alliance

SaaS Security Capability Framework (SSCF)

Learn the core concepts, best practices and recommendation for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, ...