Cloud Security Alliance

The First Question Security Should Ask on AI Projects

It’s about opening up a conversation so that our security controls align with the desired outcomes, and so that we can ...
Cloud Security Alliance

How Generative AI is Reshaping Zero Trust Security

Explores how generative AI reshapes Zero Trust, non-human identities, continuous verification, and AI-powered defense in ...
Cloud Security Alliance

Why Agentic AI Matters for the Future of Cybersecurity

Explores how agentic AI and Non-Human Identities reshape governance, monitoring, and security in cloud environments, with ...
Cloud Security Alliance

IaC Security in the Age of AI: New Threats, Smarter Solutions

Explores how AI impacts IaC security—from misconfigurations to drift—and practical steps like policy-as-code, guardrails, and ...
Cloud Security Alliance

AWS Ends SSE-C Encryption, and a Ransomware Vector

SSE-C stands (well, stood) for “Server Side Encryption- Customer-provided keys”. It allowed you to provide an encryption key ...
Cloud Security Alliance

Choosing the Right Key Responsibility Model

Explores PMKs, CMKs, BYOK, and HYOK, showing how cloud key management models affect risk, control, and regulatory compliance.