The Cloud Security Alliance, a non-profit organization, named CloudAudit an official project of the CSA, with the joint mission of promoting best practices for providing security assurance within cloud computing.
CloudAudit is a volunteer, cross-industry effort from top professionals with cloud, networking, security, audit, assurance and architecture backgrounds. And the joint effort will enable automation and integration of CSA research into technology solutions.
The goal is to provide a common interface that allows cloud providers to automate the Audit, Assertion, Assessment, and Assurance (A6) of their environments and allow authorized consumers to do likewise via an open, extensible and secure set of interfaces.
“We are excited to welcome CloudAudit to the Cloud Security Alliance, and believe that through our joint collaboration, cloud providers will be able to deliver greater transparency and security in their offerings,” said Jim Reavis, founder of the Cloud Security Alliance. “Beyond our mutual goal of helping providers better secure the cloud, we have several projects that are very well aligned with CloudAudit. These include the recently announced CSA Controls Matrix, which provides fundamental security principles to guide cloud vendors and potential customers in assessing overall security risk of cloud providers, and the Consensus Assessment Initiative, which was launched to provide research and tools to enable cloud computing assessments.”
“CloudAudit and the CSA have been well aligned since our conception,” said Christofer Hoff, founder of CloudAudit. “Much of CloudAudit’s work is derived from CSA guidance. For example, CloudAudit’s namespaces and Compliance Packs are all derived from the CSA’s Cloud Control Matrix. By becoming a part of the CSA, we look forward to greater exposure and resources to further drive our mission of enabling an automated risk assessment and audit of cloud-based environments.”