Cloud Security Alliance
The exploit gap is closing, and your patch cycle wasn’t built for this
The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …
Who owns AI agent access? At most companies, nobody knows
AI agents are operating across production enterprise environments at scale, and the identity infrastructure managing their access has not kept up with their deployment. A …
AI agents behave like users, but don’t follow the same rules
Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same …
AI is flooding IAM systems with new identities
Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of …
Governance maturity defines enterprise AI confidence
AI security has reached a point where enthusiasm alone no longer carries organizations forward. New Cloud Security Alliance research shows that governance has become the main …
New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk …
The cybersecurity myths companies can’t seem to shake
Cybersecurity myths are like digital weeds: pull one out, and another quickly sprouts in its place. You’ve probably heard them before: Macs don’t get viruses, we’re too small …
How to build AI into your business without breaking compliance
AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies …
Only 3% of organizations have a dedicated budget for SaaS security
Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, …
AI is becoming the weapon of choice for cybercriminals
This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges. Overreliance on GenAI to develop …
Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now …
Featured news
Resources
Don't miss
- Earbud sensors can authenticate users by their heartbeat, study finds
- AI is drowning software maintainers in junk security reports
- Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
- Attackers accessed, downloaded code from Grafana Labs’ GitHub
- The AI backdoor your security stack is not built to see