Notes from some of the sessions I like watching:

  • 09:00–09:15 Introduction
    Karim El-Melhaoui & Chris Farris

  • 09:20–10:05 How to 10x Your Cloud Security (Without the series D)
    Rami McCarthy
  • 10:10–10:35 Cloud-Conscious Tactics, Techniques and Procedures (TTPs) - An Overview
    Sebastian Walla
  • 10:55–11:20 Hidden in Plain Sight: (Ab)using Entra’s Aus
    Katie Knowles
  • 11:25–11:50 Service Agents and the Search for Transitive Access in GCP
    Kat Traxler
  • 11:55–12:20 Doing Bad Things for the Right Reason: A look at the AWS vulnerability disclosure and remediation process
    Ryan Nolette
  • 13:30–13:55 Staying Sneaky in Microsoft Azure
    Christian Philipov
  • 14:00–14:25 Kubernetes Audit Log Gotchas
    Shay Berkovich
  • 14:45–15:10 Who Watches the Watchman? Stealing Credentials from Policy-as-Code Engines
    Shelly Raban
  • 15:15–15:40 Hidden Among the Clouds: A Look at Undocumented AWS APIs
    Nick Frichette
  • 16:00–16:25 GCP and AWS Identify Federation - Lessons Learned from the Field as well as Cross-Cloud Forensics and Incident Response
    Marcus Hallberg & Attila Dulovics
  • 16:30–16:55 Build Your Own CloudTrail
    Chris Norman