Cloud Security Alliance

The "AI Vulnerability Storm"

Learn how AI is accelerating vulnerability discovery and reshaping security. Get actionable guidance to build a Mythos-ready ...
Cloud Security Alliance

The Shadow AI Agent Problem in Enterprise Environments

Explores how shadow AI agents erode governance in enterprises, why visibility isn't assurance, and practical steps to close ...
Cloud Security Alliance

The Catastrophic Risk Annex: Next Gen AI Security Controls

Learn how the STAR for AI Catastrophic Risk Annex turns extreme AI risks into testable controls, enabling measurable, ...
Cloud Security Alliance

Agent Access Management (AAM): Why Governing AI and Non-Human Identities Requires a Data-First Security Model

Explains why agent access governance needs a data-first security model to govern AI agents, service accounts, and automation ...
Cloud Security Alliance

AARM: Finding a Path to Secure the Agentic Runtime

Explores Autonomous Action Runtime Management (AARM) and runtime governance for secure, observable, agentic systems at scale.
Cloud Security Alliance

CSAI Foundation Announces Key Milestones to Secure the Agentic Control Plane

The Cloud Security Alliance (CSA), the world's leading not-for-profit organization committed to AI, cloud, and Zero Trust ...
Cloud Security Alliance

Securing the Agentic Control Plane: Key Progress at the CSAI Foundation

Explore how the CSAI Foundation is securing autonomous AI agents with new frameworks, certifications, and global assurance ...
Cloud Security Alliance

From Declaration to Detection: Sensing AI Behavior with the WBSC Probe Library

Explores the WBSC Probe Library's role in verifying AI transparency, outlining probes, auditable evidence, and open ...
Cloud Security Alliance

Identity in the Age of AI: Rethinking Zero Trust's First Pillar

Explores how AI weaponizes identity, defenses, and the rise of non-human identities within Zero Trust, with practical ...
Cloud Security Alliance

AI Agent Identity Is Being Solved Backwards - And the Window to Fix It Is Now

Why static IAM falls short for AI agents, and how runtime-scoped, ephemeral credentials reduce risk and misconfigurations.
Cloud Security Alliance

Runtime Is Where Cloud Security Really Counts: The Importance of Detection, Forensics and Real-Time Architecture Awareness

Why runtime is the key to cloud security: real-time detection, forensics, and continuous monitoring beyond posture-only CNAPP ...
Cloud Security Alliance

8 Dangerous Truths About Excessive Privileges in Cloud and SaaS Platforms

Explains why excessive cloud and SaaS privileges are risky, from credential exposure to privilege creep, and highlights ...