Cloud Security Alliance

Leveling Up Autonomy in Agentic AI

Explores a six-level autonomy taxonomy for agentic AI, governance, and risk-aligned controls to safely deploy autonomous ...
Cloud Security Alliance

The Agentic Trust Framework: Zero Trust Governance for AI Agents

Overview of the Agentic Trust Framework (ATF), an open governance spec applying Zero Trust to autonomous AI agents, with ...
Cloud Security Alliance

Bridging the Gap Between Cloud Security Controls and Adversary Behaviors: A CSA–MITRE CTID Collaboration

As the cloud threat landscape evolves, so too must the methodologies we use to defend against it. By bridging the gap between ...
Cloud Security Alliance

Non-Human Identity Governance: Why IGA Falls Short

Explains why traditional IGA fails for non-human identities and outlines continuous, context-driven governance for AI agents ...
Cloud Security Alliance

Logic-Layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Explores LPCI, a new security vulnerability in agentic AI, its lifecycle, attack methods, and proposed defenses.
Cloud Security Alliance

Resolving The Coordination Gap in Modern Cloud Security

Explores how continuous monitoring and structured check-ins close the coordination gap in cloud security, boosting ...
Cloud Security Alliance

Zero Trust in the Cloud: Designing Security Assurance at the Control Plane

Written by Moses Ashang, Senior Cloud Engineer, Verint. The way cloud systems are designed has quietly changed. What we used to view as a collection of servers and networks is now shaped by decisions ...
Cloud Security Alliance

Why DNS TXT Records Deserve Governance in Security Programs

DNS TXT records play a critical role in modern cloud environments. They underpin email authentication, domain ownership verification, SaaS onboarding, and even security tooling integrations. Despite ...
Cloud Security Alliance

Cloud Security Glossary

An IEEE standard for local and metropolitan area networks–Port-Based Network Access Control. IEEE 802 LANs are deployed in networks that convey or provide access to critical data, that support mission ...