Summary
CSA STAR provides a clear, structured, and cloud-focused path for organizations to demonstrate their security and compliance posture, fostering trust and transparency in the cloud ecosystem. It offers a tiered approach (Levels 1-3) to demonstrate security posture, built upon the Cloud Controls Matrix (CCM).
Compliance involves self-assessment (Level 1), third-party audit (Level 2, either certification or attestation), and continuous monitoring (Level 3), providing increasing levels of assurance to customers regarding data security and privacy in the cloud.
Achieving CSA STAR compliance can help cloud service providers build trust with their customers and demonstrate their commitment to security best practices in the cloud.
Products in Scope
- Red Hat OpenShift Dedicated
- Red Hat OpenShift Service on AWS
- Red Hat OpenShift API Management
- Red Hat Ansible Automation Platform Service on AWS
Additional Resources
By visiting the official Cloud Security Alliance website and navigating to the STAR Program section, you will find the most accurate and up-to-date information and resources regarding CSA STAR compliance: https://cloudsecurityalliance.org/star and https://cloudsecurityalliance.org/artifacts/star-program-overview
Red Hat achieves major security and compliance milestones with new certifications
Meta Data
Products
