CloudAudit joins the Cloud Security Alliance
Posted on 27 October 2010.
The Cloud Security Alliance (CSA) announced that CloudAudit has become an official project of the CSA, with the joint mission of promoting the use of best practices for providing security assurance within cloud computing. CloudAudit will enable automation and integration of CSA research into technology solutions.


CloudAudit is a volunteer cross-industry effort from minds in cloud, networking, security, audit, assurance and architecture backgrounds. CloudAudit’s charter is to provide a common interface that allows cloud providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their environments and allow authorized consumers of their services to do likewise via an open, extensible and secure set of interfaces.

“We are excited to welcome CloudAudit to the Cloud Security Alliance, and believe that through our joint collaboration, cloud providers will be able to deliver greater transparency and security in their offerings,” said Jim Reavis, founder of the Cloud Security Alliance.

“Beyond our mutual goal of helping providers better secure the cloud, we have several projects that are very well aligned with CloudAudit. These include the recently announced CSA Controls Matrix, which provides fundamental security principles to guide cloud vendors and potential customers in assessing overall security risk of cloud providers, and the Consensus Assessment Initiative, which was launched to provide research and tools to enable cloud computing assessments" he added.

“CloudAudit and the CSA have been well aligned since our conception,” said Christofer Hoff, founder of CloudAudit. “Much of CloudAudit’s work is derived from CSA guidance. For example, CloudAudit’s namespaces & CompliancePacks are all derived from the CSA’s Cloud Control Matrix. By becoming a part of the CSA, we look forward to greater exposure and resources to further drive our mission of enabling an automated risk assessment and audit of cloud-based environments.”





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //