What we're about

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs, and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA Boston holds monthly meetings on a variety of topics directly related to cloud security.

Upcoming events (2)

The Cloud is the New Datacenter: What does that mean for security?

Please join CSA Boston and Chris Pedigo for a discussion on cloud and container security. The web link will be posted closer to the event. CSA Boston would like to thank Lacework for sponsoring the event with a donation of $10 per attendee to the Greater Boston Food Bank. --- Abstract --- The advantages of the move to the cloud are many — think cost savings, elasticity etc. Yet securing these new, more ephemeral environments provides a different set of challenges for security professionals. One of the things that all cloud or container environments have in common is the proliferation of data that is produced. This data contains crucial information around the security posture of your cloud environment, but the data is very difficult to see or even contextualize. On July 14th, join Lacework's Field CTO Chris Pedigo as he sits down with fellow cloud security experts for a virtual happy hour meetup as they discuss the importance of visibility, baselining and anomaly detection in ensuring the safety and compliance of cloud & containerized environments. --- About the Presenter --- Chris Pedigo is Field CTO at Lacework. Chris has spent 15 years working in technology, starting with hardware, then moving to SaaS and eventually found his way into public cloud security. Chris has deep experience with SOC 2, PCI-DSS, NIST[masked], ISO 27001, and is an AWS Certified Solutions Architect.

Consent Is Broken: User-Managed Access Mends Trust

Online event

Please join CSA Boston and Eve Maler for a discussion on privacy, consent, and right-to-use license research. The web link will be posted closer to the event. --- Abstract --- The current global wave of privacy regulations is affecting the lives of millions of online individuals, as well as the daily practices of cybersecurity and privacy professionals. Unfortunately, according to many legal experts and our own common sense, consent is broken – perhaps fundamentally. We need a better digital permissions solution, one where an individual can achieve mutual agency with service providers. Taking an example from the financial services sector, we will discuss how Open Banking APIs are achieving greater interoperability, security, privacy, and user control with profiles of the OAuth and OpenID Connect protocols. We will also look at a related standard called User-Managed Access (UMA) that is making secure and controlled sharing of access possible, while simultaneously enabling service providers to build data partner ecosystems. This session will highlight new research that proposes using a human-centric right-to-use license to improve our current consent challenges, and the technologies that point the way towards building the required solutions for more successful digital permissions. --- About the Presenter --- Eve Maler is Chief Technology Officer at ForgeRock, a leading provider of digital identity. As CTO and member of the senior leadership team, Eve plays a key role in investigating and prototyping innovative approaches to help customers solve their identity challenges. Maler previously served as VP of Innovation and Emerging Technology, joining ForgeRock in 2014. She continues to drive ForgeRock’s involvement with leading industry standards initiatives. Prior to joining ForgeRock, Maler served at Sun Microsystems and as an analyst for Forrester Research. She is a globally recognized strategist, innovator and communicator on identity, security and privacy. She was the founding chair of the working group for the SAML identity federation standard and has provided expert advice to forums such as UK Open Banking and the Office of the National Coordinator for Health Information Technology. https://www.linkedin.com/in/evemaler/

Photos (67)