Notes from some of the sessions I like watching:
-
09:00–09:15 Introduction
Karim El-Melhaoui & Chris Farris - 09:20–10:05 How to 10x Your Cloud Security (Without the series D)
Rami McCarthy - 10:10–10:35 Cloud-Conscious Tactics, Techniques and Procedures (TTPs) - An Overview
Sebastian Walla - 10:55–11:20 Hidden in Plain Sight: (Ab)using Entra’s Aus
Katie Knowles - 11:25–11:50 Service Agents and the Search for Transitive Access in GCP
Kat Traxler - 11:55–12:20 Doing Bad Things for the Right Reason: A look at the AWS vulnerability disclosure and remediation process
Ryan Nolette - 13:30–13:55 Staying Sneaky in Microsoft Azure
Christian Philipov - 14:00–14:25 Kubernetes Audit Log Gotchas
Shay Berkovich - 14:45–15:10 Who Watches the Watchman? Stealing Credentials from Policy-as-Code Engines
Shelly Raban - 15:15–15:40 Hidden Among the Clouds: A Look at Undocumented AWS APIs
Nick Frichette - 16:00–16:25 GCP and AWS Identify Federation - Lessons Learned from the Field as well as Cross-Cloud Forensics and Incident Response
Marcus Hallberg & Attila Dulovics - 16:30–16:55 Build Your Own CloudTrail
Chris Norman