CSA — Cloud Security Alliance

CSA (Cloud Security Alliance) is an industry-led, nonprofit organization producing best practices for cloud and AI security. In AI, CSA publishes the Agentic Trust Framework (ATF) and previously published MAESTRO, an AI threat modeling framework for agentic systems.

Q1 2026 Activity

CSA Agentic Trust Framework (February 2, 2026) — five progressive autonomy promotion gates for Zero Trust governance of AI agents
CSAI Foundation (March 23, 2026) — new 501(c)(3) spun from CSA with six strategic programs:
- AI Risk Observatory
- “Valid-AI-ted” AI-driven audit engine
- AI Controls Matrix expansion (adding ISO 42001, ISO 27001, and SOC 2 mappings)
- Three additional programs

AI Controls Matrix

CSA’s AI Controls Matrix expansion is significant: by adding ISO 42001, ISO 27001, and SOC 2 mappings to AI-specific controls, it could provide the first unified compliance mapping across multiple standards — a gap identified in every prior analysis. This remains a roadmap item (not yet delivered as of April 2026).

Enterprise Security in the Agentic AI Era

Explorer

CSA — Cloud Security Alliance

CSA — Cloud Security Alliance

Q1 2026 Activity

AI Controls Matrix

See Also

Graph View

Table of Contents

Backlinks