Cloud Security Alliance

Logic-Layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Explores LPCI, a new security vulnerability in agentic AI, its lifecycle, attack methods, and proposed defenses.
Cloud Security Alliance

Leveling Up Autonomy in Agentic AI

Explores a six-level autonomy taxonomy for agentic AI, governance, and risk-aligned controls to safely deploy autonomous ...
Cloud Security Alliance

The Agentic Trust Framework: Zero Trust Governance for AI Agents

Overview of the Agentic Trust Framework (ATF), an open governance spec applying Zero Trust to autonomous AI agents, with ...
Cloud Security Alliance

AI Governance Framework Adoption in Cloud-Native AI Systems: Phased Approach and Considerations

A phased guide to AI governance in cloud-native systems, aligning ISO 42001:2023 and NIST AI-RMF with lifecycle controls, ...
Cloud Security Alliance

Bridging the Gap Between Cloud Security Controls and Adversary Behaviors: A CSA–MITRE CTID Collaboration

As the cloud threat landscape evolves, so too must the methodologies we use to defend against it. By bridging the gap between ...
Cloud Security Alliance

Resolving The Coordination Gap in Modern Cloud Security

Explores how continuous monitoring and structured check-ins close the coordination gap in cloud security, boosting ...
Cloud Security Alliance

Zero Trust in the Cloud: Designing Security Assurance at the Control Plane

Written by Moses Ashang, Senior Cloud Engineer, Verint. The way cloud systems are designed has quietly changed. What we used to view as a collection of servers and networks is now shaped by decisions ...
Cloud Security Alliance

Why SaaS and AI Security Will Look Very Different in 2026

AI adoption accelerated rapidly in 2025, but not in the way many security teams expected. Most third-party AI tools entered organizations the same way SaaS always has, through browser-based apps, ...