Cloud Security Alliance brings AI-assisted auditing to cloud computing

    June 11, 2025
    Free to CSA members, Valid-AI-ted leverages AI-driven evaluation and automatically grades cloud providers’ STAR Level 1 self-assessments.
    Related To:
    6849d0c7b58d6fe79b2c01d6 Cloudsecuirtyalliance

    The Cloud Security Alliance (CSA) today introduced an innovative addition to its suite of Security, Trust, Assurance, and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology.

    "Our focus on security-conscious innovation led to the creation of Valid-AI-ted and will continue to see us deliver forward-looking initiatives that will push the boundaries of secure, AI-driven technology," said Jim Reavis, CEO and co-founder, Cloud Security Alliance.

    Free to CSA members, Valid-AI-ted leverages AI-driven evaluation and automatically grades cloud providers’ STAR Level 1 self-assessments, generating a detailed report with graded scores per question and domain, shared privately with the submitter. CSA members will be able to submit an unlimited number of times, while non-member providers can remediate and resubmit up to 10 times. Upon passing, they earn a distinctive STAR Level 1 Valid-AI-ted badge that can be displayed on both the CSA STAR Registry and their own platforms.

    Valid-AI-ted provides:

    • Qualitative, best practices analysis. Valid-AI-ted enforces a standardized scoring model based upon proven implementation guidance from the Cloud Controls Matrix (CCM).

    • More actionable insights. Regardless of whether they pass or fail, organizations receive granular feedback per control, highlighting areas for improvement.

    • Heightened recognition in the STAR Registry. Organizations with the STAR Level 1 Valid-AI-ted badge stand out to customers, partners, and regulators as having gone beyond checkbox compliance.

    • Easier access to continuous improvement. The ability to revise and resubmit is ideal for maturing organizations and provides an improved path towards STAR Level 2 third-party assessment solutions.

    The CSA STAR Registry is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the CCM. Publishing to the registry allows organizations to show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks they adhere to.

    Normally $595 for non-members, attendees of CSA’s Cloud Trust Summit will receive a code following the event that will allow them to take advantage of a $200 discount through the end of June. Learn more about earning a Valid-AI-ted badge.

    Solution providers interested in integrating Valid-AI-ted scoring into their own GRC products and services can obtain access to the Valid-AI-ted scoring rubric and prompts by obtaining a CCM license.

    The Cloud Security Alliance's new Compliance Automation Revolution (CAR) aims to help organizations keep pace with evolving regulations by shifting toward scalable, automated compliance strategies.
    Cloud Security Alliance releases latest State of Saas Security Report