Cloud Security Alliance

Beyond Workday: Why Socially Engineered SaaS Breaches Are Spreading

Explores how attackers use social engineering to breach SaaS platforms, the rise of identity-based ITDR, and lessons for cloud security.
Cloud Security Alliance

Micro-Segment the Metal: A Zero Trust Field Guide for Physical Hosts

A field guide for applying Zero Trust to bare metal: identity, attestation, and evidence-driven controls at the host edge.
Cloud Security AllianceOpinion

The Ghost in the Machine is a Compulsive Liar

Explores why AI hallucinations occur like dreams and how to tame them with policy, data integrity, and retrieval-augmented ...
Cloud Security Alliance

How to Build AI Prompt Guardrails: An In-Depth Guide for Securing Enterprise GenAI

A practical guide to building AI prompt guardrails, with DLP, data labeling, online tokenization, and governance for secure ...
Cloud Security Alliance

Why Your Copilot Needs a Security Co-Pilot: Enhancing GenAI with Deterministic Fixes

How teams blend generative AI with deterministic security for infrastructure to reduce misconfigurations and improve ...
Cloud Security Alliance

RansomHub Is Gone—But Their ESXi Ransomware Tactics Still Threaten Virtual Infrastructure

Examines RansomHub's ESXi ransomware pivot, its disappearance, DragonForce's rise, and what virtualization security means for defenders.
Cloud Security Alliance

Microsoft Entra ID Vulnerability: The Discovery That Shook Identity Security

In July 2025, the cybersecurity world was rocked by security researcher Dirk-jan Mollema’s unveiling of a catastrophic vulnerability within Microsoft Entra ID. This was no ordinary flaw; it was a ...