View Only

Publications In Development

The Six Pillars of DevSecOps: Training and Process Integration

The Six Pillars of DevSecOps: Pragmatic Implementation

The Six Pillars of DevSecOps: Measure, Monitor, Report & Action

Peer Review / Design


Working Group Leadership

CSA Support

• Josh Buker - [email protected]


• Chris Kirschke

• Sam Sehgal

• Kapil Bareja

Latest Discussion Posts

  • Dear Colleagues, Reference in the healthcare industry: The HIPAA Privacy Rule Office for Civil Rights, U.S. Department of Health & Human Services Health Privacy Federal Trade Commission ...

    1 person likes this.
  • Hi All, NIST/NCCoE has just published the final project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps. The publication of this project description continues the process of further identifying ...

  • The Privacy by Design Subgroup meets today at Noon PST! (2 hours from the time of posting) Join us using: This whitepaper initiative is still in the early stages, so please join in even if it's your ...

    2 people like this.
  • Hi folks, The CSA DevSecOps working group meets tomorrow (Nov 3) at 8am PDT ! We have several initiatives in progress, for which we'll share some quick updates. This meeting is also an excellent opportunity to ask DevSecOps-related questions and get ...

    1 person likes this.
  • The Cloud Security Alliance is looking for a new co-chair for the Cloud Key Management working group. The main purpose of the Cloud Key Management Working Group is to educate and guide the use of traditional and cloud key management systems with ...

    1 person likes this.
Current Members