Cloud Security Alliance
The exploit gap is closing, and your patch cycle wasn’t built for this
The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …
Who owns AI agent access? At most companies, nobody knows
AI agents are operating across production enterprise environments at scale, and the identity infrastructure managing their access has not kept up with their deployment. A …
AI agents behave like users, but don’t follow the same rules
Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same …
AI is flooding IAM systems with new identities
Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of …
Governance maturity defines enterprise AI confidence
AI security has reached a point where enthusiasm alone no longer carries organizations forward. New Cloud Security Alliance research shows that governance has become the main …
New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk …
The cybersecurity myths companies can’t seem to shake
Cybersecurity myths are like digital weeds: pull one out, and another quickly sprouts in its place. You’ve probably heard them before: Macs don’t get viruses, we’re too small …
How to build AI into your business without breaking compliance
AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies …
Only 3% of organizations have a dedicated budget for SaaS security
Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, …
AI is becoming the weapon of choice for cybercriminals
This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges. Overreliance on GenAI to develop …
Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now …
Featured news
Resources
Don't miss
- Coinflow CISO on crypto payments security under AI pressure
- Vigolium: Open-source vulnerability scanner
- Anthropic: Claude Mythos identified 10,000+ software flaws
- Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
- High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)