SAFECode and the Cloud Security Alliance (CSA) Release Guidance for the Secure Development of Cloud Applications
SAFECode and CSA partnered to determine whether additional software security guidance was needed to address unique threats to the cloud computing, and if so, to identify specific security practices in the context of identified threats. This report represents the product of that collaboration and is intended to help readers better understand and implement best practices for secure cloud software development.


http://safecode.org/wp-content/uploads/2018/01/SAFECode_CSA_Cloud_Final1213.pdf