What we're about

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs, and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. CSA Boston holds monthly meetings on a variety of topics directly related to cloud security.

Upcoming events (2)

Cloud Intrusion Detection & Threat Hunting With Open Source Tools

SSH Communications Security, Inc.

By popular request, this is a sequel to a 2017 talk entitled “Engineering Challenges Doing Intrusion Detection in the Cloud” about the experience of doing intrusion detection at scale at one of the ten largest AWS environments at the time. One of the major lessons learned during this time is that in the public cloud, where direct network instrumentation is unavailable, doing behavioral detection with endpoint data is often more effective and more efficient. This talk presents a practical demonstration, including a demo, of behavioral intrusion detection, threat hunting and security analytics using free and open source tools. The talk received overwhelmingly positive feedback at the AWS New England community day; one chief security officer called it the most practical talk he had seen. Presenter: Craig Chamberlain Craig is a seasoned security leader with twenty years experience in security including service as a cloud security lead in one of the larger AWS environments. He is a patent holder; published researcher; advisor to various security product plays and VCs; credited bug hunter; and a veteran of four startups including two successful exits. A devotee of the "purple team" movement, he studies both offensive and defensive security art in order to better detect all the things. He has contributed, as an architect and / or core business logic developer, to three successful security products, and six large-scale security monitoring and threat hunting projects, in both cloud and terrestrial environments. He has been a SIEM / security analytics developer and / or threat hunter in the defense, financial, government, military and software manufacturing sectors. He has presented at the MISTI NetSec ESummit, B-Sides Boston, SOURCE Boston, OpenSec Boston, Cloud Security World, and, a long time ago in a galaxy far away, ACSAC and the DHS Science & Technology Conference.

May 21st CSA Boston Chapter Summit - Call for Presenters!

Hello Boston CSA Chapter! We're excited to announce that this May 21st, we'll be holding a full-day Forum on Cloud Security. Event registration is now live here: https://csacongress.org/event/csa-boston-chapter-forum-2019/ And - are you interested in presenting? Our Call for Speakers is currently open! With a theme of “Back to Basics”, we’re looking for case studies, education and best practices. We’re expecting over 200 security professionals, so it’ll be a great opportunity for you to share your knowledge and experience. Learn more and submit your proposal here: https://goo.gl/forms/FjDnLPAPuNIKW6CG3 Thanks - and we look forward to seeing you in May, if not sooner.

Past events (3)

Cloud App Security Maturity Model

Babson College

Photos (32)