oneuptime/Home/Views/csa-star.ejs

<header id="pagmt">
<h1>CSA STAR</h1>
<p>Cloud Security Alliance Security, Trust, Assurance, and Risk</p>
</header>
<section>
<h3>Introduction</h3>
<p>CSA STAR (Security, Trust, Assurance, and Risk) is the cloud industry's most powerful programme for security
assurance. Published by the Cloud Security Alliance (CSA), it encompasses key principles of transparency,
rigorous auditing, and harmonisation of standards. CSA STAR certification provides a framework for cloud
service providers to demonstrate their security posture to customers and stakeholders.
<br /><br />
<a href="https://cloudsecurityalliance.org/star">Learn more about CSA STAR.</a>
</p>
<h3>OneUptime's CSA STAR Certification</h3>
<p>OneUptime is CSA STAR certified, providing independent third-party validation of our cloud security controls.
This certification demonstrates that OneUptime has undergone rigorous assessment against the Cloud Controls
Matrix (CCM) and meets the highest standards for cloud security.</p>
<h3>Cloud Controls Matrix (CCM)</h3>
<p>OneUptime's CSA STAR certification covers the following CCM domains:</p>
<ul>
<li><strong>Application and Interface Security:</strong> Secure application design, development, and
deployment practices.</li>
<li><strong>Audit Assurance and Compliance:</strong> Regular audits and compliance monitoring across
all applicable frameworks.</li>
<li><strong>Business Continuity and Operational Resilience:</strong> Comprehensive disaster recovery
and business continuity planning.</li>
<li><strong>Change Control and Configuration Management:</strong> Controlled change processes with
documented approval workflows.</li>
<li><strong>Data Security and Privacy:</strong> Protection of customer data throughout its lifecycle,
including classification, handling, and disposal.</li>
<li><strong>Encryption and Key Management:</strong> Industry-standard encryption with secure key
management practices.</li>
<li><strong>Identity and Access Management:</strong> Robust authentication and authorisation controls
with least-privilege principles.</li>
<li><strong>Infrastructure and Virtualisation Security:</strong> Hardened infrastructure with network
segmentation and monitoring.</li>
<li><strong>Logging and Monitoring:</strong> Comprehensive logging with real-time monitoring and
alerting capabilities.</li>
<li><strong>Supply Chain Management:</strong> Vendor assessment and management procedures ensuring
security throughout the supply chain.</li>
<li><strong>Threat and Vulnerability Management:</strong> Proactive vulnerability scanning, penetration
testing, and threat intelligence integration.</li>
</ul>
<h3>Transparency</h3>
<p>As part of our CSA STAR certification, OneUptime publishes our Consensus Assessments Initiative Questionnaire
(CAIQ) responses, providing transparent insight into our security controls and practices. This enables
customers to evaluate our security posture efficiently as part of their vendor assessment processes.</p>
<h3>Request Certification Documentation</h3>
<p>For CSA STAR certification documentation or to request our CAIQ responses, please contact us at
<a href="mailto:compliance@oneuptime.com">compliance@oneuptime.com</a>.</p>
</section>