Message Image

Zero Trust

View Only

Zero Trust Advancement Center
CSA Zero Trust Resource Hub
CSA Zero Trust Advancement Center Announcement
CSA Zero Trust Calendar
Latest Publications and Recordings

Zero Trust Working Group Charter 2022 - Final V1

CISO Perspectives and Progress in Deploying Zero Trust

+ Released: June 3, 2022

Integrating SDP and DNS: Enhanced Zero Trust Policy Enforcement

+ Released: April 12, 2022

Software-Defined Perimeter (SDP) Specification v2.0

+ Released: May 10, 2022

Software-Defined Perimeter (SDP) and Zero Trust

+ Released: May 27, 2020

Software-Defined Perimeter as a DDoS Prevention Mechanism

+ Released: October 27, 2019

(SDP): Awareness and Adoption Infographic

+ Released: July 1, 2019

SDP Architecture Guide v2

+ Released: May 7, 2019

Software Defined Perimeter Glossary

+ Released: June 12, 2018

Working Group Organization
CSA Support

• ZT Inquiries - [email protected]

• Erik Johnson - [email protected]

• John Yeoh - [email protected]

Research Working Group Co-chairs

• Jerry Chapman

• Jason Garbis

• Chris Steffen

Structure

The CSA Zero Trust Working Group has the following nine work streams:
1. Zero Trust as a Philosophy & Guiding Principles
2. Zero Trust Organizational Strategy & Governance
3. Pillar: Identity
4. Pillar: Device
5. Pillar: Network/Environment
6. Pillar: Applications & Workload
7. Pillar: Data
8. Automation, orchestration, visibility & analytics
9. Zero Trust Architecture, Implementation & Maturity Model

Expressions of interest in working group and specific workstream participation can be registered here or by sending an email to [email protected].

View CSA's Privacy Policy.

Latest Discussion Posts

Certificate of Competence in Zero Trust (CCZT)

By: Anna Schorr , 8 months ago

[Now Available] CSA's Certificate of Competence in Zero Trust (CCZT) 📣 The wait is over – CSA's Certificate of Competence in Zero Trust (CCZT) is now available! 📣 As the industry's first authoritative and vendor-neutral Zero ...

4 people like this.
Cross-cloud integrations and the significance of good ...

By: Alex Sharpe , 8 days ago

An excellent post from from Brandon Evans and Eric Johnson regarding cross-cloud integrations and the significance of good Identity and Access Management (IAM) hygiene. https://www.linkedin.com/posts/alex-sharpe-3rd_critical-vulnerability-in-microsoft-defender-activity-7219344492754018305-Af-i?utm_source=share&utm_medium=member_desktop ...
NSA Advancing Zero Trust Maturity Throughout the Automation ...

By: Michael Roza , 12 days ago

Hi All, The NSA just published Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar. The security of government and industry information and services is predicated on timely responsiveness to cybersecurity threats. Automation ...
AuthID

By: Alex Sharpe , 27 days ago

Does anyone have experience working with AuthID? A colleague would like to know if it is a quality product with good customer support. https://authid.ai/ ------------------------------ Alex Sharpe Principal Sharpe42 [email protected] Co-Chair Philosophy ...

1 person likes this.
Sam Aiello- Shorter, More Effective Zero Trust Sur ...

By: Sam Aiello , one month ago

Hello All, Friends, colleagues, mentors, classmates, business associates, and security practitioners, I need your help! Many of you know that I'm rounding the home stretch of my Cybersecurity PhD program. I am conducting an opinion research survey ...

2 people like this.

Latest Shared Files

CSA ZT WG Presentation Recording 7/22/24: ZT Networking ...

By: Erik Johnson 4 days ago

Informational presentation to the CSA ZT workgroup by Phillip Griffiths from NetFoundry CSA ZT ...
CSA Zero Trust Research - 7/16 Full Working Group Meeting ...

By: Erik Johnson 10 days ago

CSA Zero Trust Research - 7/16 Full Working Group Meeting Recording CSA Zero Trust Research - 7/16 ...
NSA Advancing Zero Trust Maturity Throughout the Automation ...

By: Michael Roza 12 days ago

Announcements

Zero Trust Guidance for Critical Infrastructure - Public Peer Review

By: Erik Johnson Erik Johnson , one month ago

The draft Zero Trust Guidance for Critical Infrastructure: Applying Zero Trust to Operational Technology (OT) and Industrial Control System (ICS) Environments document has been formally published for public peer review until 7/11/24. Please review the text and add comments and suggestions as appropriate. We really appreciate inputs from industry SMEs. Please feel free to share this with others in your organization and professional circles.

CSA landing page: https://cloudsecurityalliance.org/artifacts/zero-trust-guidance-for-critical-infrastructure

Deck link: https://docs.google.com/presentation/d/1g7y128eETaaUC4Nsn1xh-q0yB5jNeZRkhtRl8-BOt90/edit#slide=id.g2297e5180c0_2_91

Zero Trust Guidance for Critical Infrastructure
Skyhawk AI-Driven Cloud Hyperscalar Security Presentation Recording Available

By: Erik Johnson Erik Johnson , 7 months ago
Informational presentation to the CSA ZT working group by Chen Burshan, Skyhawk CEO
Skyhawk Presentation Recording

The Skyhawk security solution leverages AI capabilities to help secure customer cloud implementations in the 3 main hyperscaler environments (AWS, Azure, GCP). They'll be presenting and demonstrating their capabilities to the CSA ZT and AI Technology and Risk working groups.

In the current, dynamically evolving and increasingly complex cloud security environment, it’s becoming more and more challenging to pinpoint and assess the risks associated with cloud incidents, especially when the sequences in question straddle the line between malicious and benign intentions. Skyhawk Security is pioneering a revolutionary AI driven approach to decipher this complexity.

Chen Burshan is a veteran cloud security expert and CEO of Skyhawk Security. He has led product and strategy teams for companies in the security space for more than ten years, most recently as EVP of Products at ActiveFence and VP of Strategy, GM and Site Manager at Dome9 (Acquired by Check Point). There he helped develop the company into a leader in CSPM (Cloud Security Posture Management). Chen was brought on to lead Skyhawk Security (a spinoff of Radware) to build the next generation of cloud security. His journey as a product leader and manager in technology companies began over 20 years ago, with roles at IBM, Cisco, Kashya, and Zerto.

Skyhawk Whitepapers and references:

https://skyhawk.security/wp-content/uploads/2023/06/Skyhawk-Security-Three-Common-Use-Cases-for-Cloud-Threat-Detection-1.pdf

https://skyhawk.security/news/continuous-proactive-protection-ai-based-autonomous-purple-team-a-paradigm-shift-cloud-security/

https://skyhawk.security/purple-team/

Blogs:

https://skyhawk.security/new-horizons-in-cloud-security-part-1/

https://skyhawk.security/new-horizons-in-cloud-security-part2/

Unknown unknowns blog: https://skyhawk.security/unleashing-the-power-of-multiple-ai-layers-for-detecting-unknown-cybersecurity-threats/

Why CNAPP/CSPM is not enough: https://skyhawk.security/5-reasons-why-cspm-tools-are-not-enough/

Machine learning: https://skyhawk.security/machine-learning-ml-cybersecurity-at-skyhawk-the-science-behind-our-security/

Models: https://skyhawk.security/pt2-science-behind-our-security-the-models/

References in the press:

Forbes: https://www.forbes.com/sites/waynerash/2023/12/01/skyhawk-launches-proactive-ai-based-cloud-security/?sh=2d3f0da34327

SiliconANGLE: Skyhawk’s new Continuous Proactive Protection uses AI as an autonomous purple team

MSSP Alert: Skyhawk Security Offers AI-Based Purple Teaming

SilverLinings: Skyhawk Security announces a paradigm shift in cloud security

VMblog: Skyhawk Security Announces a Paradigm Shift in Cloud Security, Introduces AI-based Autonomous Purple Team for Continuous Proactive Protection

The Cyberwire: Daily Brief - Products, Services, Solutions - Skyhawk Security Announces a Paradigm Shift in Cloud Security, Introduces AI-based Autonomous Purple Team for Continuous Proactive Protection
Skyhawk AI-Driven Cloud Hyperscalar Security Presentation Recording
[Now Available] CSA's Certificate of Competence in Zero Trust (CCZT)

By: Anna Schorr Anna Schorr , 8 months ago

📣 The wait is over – CSA's Certificate of Competence in Zero Trust (CCZT) is now available! 📣

As the industry's first authoritative and vendor-neutral Zero Trust training and certificate, the CCZT is vital for professionals seeking to advance in the ever-evolving world of cybersecurity. Developed by CSA, the trusted industry leader for cloud security certificates, the CCZT builds knowledge to drive the definition, implementation, and management of Zero Trust over time.

https://cloudsecurityalliance.org/education/cczt/

Upcoming Events

CSA Zero Trust Research - Full Working Group Monthly Meeting

Aug 20, 03:00:00 PM - 04:00:00 PM (ET)
CSA Zero Trust Research - Full Working Group Monthly Meeting

Sep 17, 03:00:00 PM - 04:00:00 PM (ET)
CSA Zero Trust Research - Full Working Group Monthly Meeting

Oct 15, 03:00:00 PM - 04:00:00 PM (ET)

Current Members

1335 Members

community Admin

community Leadership

community Leadership

Christopher Steffen

community Leadership

Nandkishor 10/08/1990

Shaheen Abdul Jabbar

Eric Abdullateef

Mohamed Abubakkar Siddiqu

Samuel Addington

Abdulhamid Adebayo

Ajayi Adesola Grace

Gaurav Aggarwal

Gaurav AGGARWAL

«
1
2
3
4
5
...
»

Powered by Higher Logic