Cloud Security Alliance and Whistic Partner to Advance Secure and Responsible Development of Artificial Intelligence (AI) Technologies

Organizations collaborate on mutual goal of evaluating risks and defining controls related to Generative Artificial Intelligence

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and Whistic, the leading AI-first modern platform for comprehensive third-party risk management, today announced a strategic partnership to further the responsible and secure development, use, and management of artificial intelligence (AI) technologies. A key element of the partnership will be Whistic’s participation and support of the CSA AI Safety Initiative, with a specific focus on the development of an AI-extension to STAR certification and the Compliance Automation Revolution (CAR), which will be unveiled later this month.

“The use of artificial intelligence has already become ubiquitous in cloud and SaaS provider offerings. Simultaneously, other business types are leveraging it as a tool to make their daily operations more efficient while looking for ways to incorporate it into their products and services. Given AI’s widespread use, it’s critical that enterprises leveraging this transformative technology are able to provide evidence that their solutions and services can be trusted,” said Jim Reavis, co-founder and CEO, Cloud Security Alliance. “We’re extremely pleased to partner with Whistic in furthering a responsible AI future.”

As part of the agreement, CSA members will be eligible for a 3-month free Whistic trial, which will allow them to leverage Whistic AI to measure vendors’ security documentation against CSA’s Consensus Assessment Initiative Questionnaire (CAIQ) and CAIQ-Lite frameworks. Participating CSA members will also have access to the Whistic Trust Catalog, which will enable them to quickly assess a company’s posture. The Trust Catalog features thousands of profiles containing vendor security and compliance documentation, including over 3,500 profiles with CAIQ and CAIQ-Lite.

Additionally, both CSA members who have completed CAIQ or CAIQ-Lite profiles and non-member enterprises on CSA’s Security, Trust, Assurance, and Risk Registry can add their documentation to a Whistic Trust Center and use Whistic AI to automatically respond to ad-hoc security questionnaires.

“Whistic has prioritized the safety, transparency, and accountability of our own AI-powered, third-party risk management solution, and we're excited to be working with CSA to further these same principles throughout the industry. Together, we can help develop standards and best practices that drive behaviors and ensure a responsible AI future for all of us," said Whistic CEO Nick Sorensen.

Those interested in learning more about how AI-powered tools are revolutionizing third-party risk management (TPRM) are encouraged to register for the January 28 webinar Transform Vendor Assessments and Security Compliance with AI. Over the course of the session, Whistic CEO Nick Sorensen and CSA Chief Technology Officer Daniele Catteddu will explore the game-changing features AI has enabled in TPRM, including automated security documentation analysis, instant compliance checks, and AI-driven questionnaire responses. Attendees will gain meaningful insights into simplifying vendor assessments, securing documentation, and leveraging a Whistic Trust Center to enhance transparency. CSA Corporate and Enterprise members will also gain access to a free 3-month trial of Whistic’s AI-powered assessment tools and lifetime access to the Trust Center.

Register for this webinar today or visit the AI Safety Initiative to learn more and get involved. Be among the first to learn about the Compliance Automation Revolution by registering for CSA’s Virtual AI Summit on January 29.

To take advantage of this offer, CSA members should log into their accounts via the CSA membership portal; STAR registrants will be contacted directly with information on how they can access the free trial.

About Whistic

Whistic, the leading AI-first third-party risk management platform, automates the vendor assessment process and eliminates the slow, manual steps of a legacy approach. Trusted by the world’s largest enterprises, Whistic modernizes TPRM at every step with easy-to-use workflows, on-demand vendor insights, and continuous risk monitoring — in a fraction of the time. Manage risks, not questionnaires with Whistic. Learn more at www.whistic.com

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250120032846/en/