Summary
CSA STAR provides a clear, structured, and cloud-focused path for organizations to demonstrate their security and compliance posture, fostering trust and transparency in the cloud ecosystem. It offers a tiered approach (Levels 1-3) to demonstrate security posture, built upon the Cloud Controls Matrix (CCM).
Compliance involves self-assessment (Level 1), third-party audit (Level 2, either certification or attestation), and continuous monitoring (Level 3), providing increasing levels of assurance to customers regarding data security and privacy in the cloud.
Red Hat has third party attestations for the following products:
- Red Hat OpenShift Dedicated (OSD) on Amazon Web Services
- Red Hat OpenShift Dedicated (OSD) on Google Cloud Platform
- Red Hat OpenShift Service on Amazon Web Services (ROSA) classic architecture
- Red Hat OpenShift Service on Amazon Web Services (ROSA) with Hosted Control Planes (HCP)
- Red Hat OpenShift API Manager (RHOAM)
- Red Hat OpenShift Data Foundation (RHODF)
Additional Resources
By visiting the official Cloud Security Alliance website and navigating to the STAR Program section, you will find the most accurate and up-to-date information and resources regarding CSA STAR compliance: https://cloudsecurityalliance.org/star and https://cloudsecurityalliance.org/artifacts/star-program-overview
Red Hat achieves major security and compliance milestones with new certifications
Meta Data
Products
