Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
CSA STAR Level 1 (self-assessment) documents the security controls provided by various cloud computing offerings, helping users assess the security of the cloud providers they currently use or are considering using. In order to achieve CSA STAR Level 1, cloud providers must submit the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CCM.
“Securing the STAR Level 1 Certification from the Cloud Security Alliance is a testament to our unwavering dedication to trust as we navigate the evolving landscape of digital security,” said Ken Tacelli, MacStadium CEO. “As Mac cloud usage continues to grow among businesses, mitigating security challenges are at the forefront of our solutions. We look forward to contributing to the CSA community in helping to ensure a secure cloud computing environment.”
CSA STAR is a free, publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. It encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in CCM and allows organizations to show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks to which they adhere. Developed to ensure cloud service providers are better able to maintain data confidentiality, integrity, and availability, CSA STAR is the industry’s most powerful program for security assurance in the cloud.
Participation in the STAR program provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings. It consists of two levels of assurance (self-assessment and third-party certification), based upon:
■ The CSA Cloud Controls Matrix (CCM) v4, a cybersecurity control framework for cloud computing. It is composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology. It can be used as a tool for the systematic assessment of a cloud implementation, and provides guidance on which security controls should be implemented by which actor within the cloud supply chain. The controls framework is aligned to the CSA Security Guidance for Cloud Computing, and is considered a de-facto standard for cloud security assurance and compliance.
■ General Data Protection Regulation (GDPR) Compliance with the EU Cloud Code of Conduct (CoC).
MacStadium is an industry leading private Mac cloud provider tailored exclusively for macOS environments. With a focus on innovation, scalability and security, MacStadium offers a range of solutions designed to empower organizations and developers leveraging Apple hardware and software. It provides a unique perspective to the Cloud Security Alliance particularly as it relates to cloud infrastructure within the Apple ecosystem. By joining the CSA, MacStadium contributes to the collective effort of enhancing cloud security standards and best practices.
“MacStadium’s commitment to cloud security underscores their pivotal role in safeguarding digital assets,” said CSA CEO Jim Reavis. “As they join the Cloud Security Alliance, their expertise aligns with our mission to advance secure cloud computing.”
Industry News
SmartBear has appointed Dan Faulkner, the company’s Chief Product Officer, as Chief Executive Officer.
Horizon3.ai announced the release of NodeZero™ Kubernetes Pentesting, a new capability available to all NodeZero users.
Veracode acquired certain assets of Phylum, including its malicious package analysis, detection, and mitigation technology.
AppViewX announced the completion of its acquisition by Haveli Investments.
Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
Kindo formally launched its channel partner program.
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
Fastly announced the general availability of Fastly AI Accelerator.