Sep 17, 2021
PhishingBox is proud to be one of the first companies to adopt version 4 of the Cloud Controls Matrix (CCM) from the Cloud Security Alliance (CSA). The Cloud Controls Matrix is a cybersecurity framework for documenting security controls in cloud computing environments.
The CCM framework comprises 197 control objectives across 17 domains that cover all critical aspects of cloud technology. "Using the framework established by the Cloud Security Alliance to document our control environment simplifies our client's vendor due diligence," says PhishingBox founder Brad Fenster. The CSA Cloud Control Matrix is a widely recognized standard for establishing controls.
The PhishingBox control matrix for our Security Awareness Training platform is available here.
In addition, to the CSA control matrix, PhishingBox provides additional information to document our control environment. We provide this information in our 'Trust Center' of our website, which also covers PhishingBox's Security Awareness Training platform and related software solutions.
Explore the latest phishing threats, including MFA bypass kits, fake CAPTCHA malware, and AI-driven scams, and how organizations can reduce social engineering risk.
Social engineering is accelerating in 2026, with attackers shifting from malware to manipulating people through voice calls, phishing emails, and AI-powered deception. From enterprise vishing campaigns stealing SSO and MFA credentials to global cyberespionage operations and large-scale breaches triggered by a single employee interaction, trust exploitation remains the primary entry point. As emerging economies and cloud-driven organizations expand their digital footprint, identity deception, impersonation, and voice-based attacks are becoming dominant threats—proving that the human element is still the most targeted vulnerability in cybersecurity.
Deep dive into password manager phishing campaigns targeting LastPass, 1Password, and Bitwarden, including MFA bypass tactics and modern mitigation strategies.
