QR codes promise convenience, but most people don’t realize the sheer ease with which those codes can be weaponized. Learn ...

Steer clear of the dangers of oversharing on social media. This blog offers examples of what can go wrong and easy-to-follow ...

Learn how homoglyph attacks work, why they’re a growing concern for major brands, and how DNS Posture Management defends ...

This comprehensive glossary combines all the glossaries created by CSA Working Groups and research contributors into one place. If you have a question or need other assistance please reach out to ...

Join CSA and Northeastern University in launching the first AI safety credential for security, GRC, and AI professionals.

As companies feel mounting pressure to document cybersecurity controls & demonstrate risk maturity, we are witnessing the ...

Threat models of the LastPass breach, Dropbox breach, Uber breach, and more, analyze the relevant cloud computing vulnerabilities and threats.

In this document CSA provides an approach to assess risk in SaaS cloud computing. The Cloud Octagon Model stems from an approach conceptualized and implemented by the Cloud Security Group within the ...

Deepfake audio fraud can mimic voices with alarming accuracy. Many organizations are ill-equipped to combat this ...

Learn what ISO 42001 is, what to expect from the certification process, and practical insights to help you lay a strong ...

This document is designed for assessment firms participating in CSA’s STAR Certification or Attestation program. It provides a strategic, practical guide for firms looking to effectively upsell STAR ...

True IAM security starts with visibility—mapping identities, assessing risk, and turning insights into action to reduce ...