Call For Participation (CFP)

The CFP is now closed
This page is left as an archive.

  • Please read the below and submit your talk proposals here. You will have to register separately on the Conference Management site.
  • The CFP closes on May 31, 2020.

Who should submit

We're looking for talks from any practitioner who is responsible for securing a cloud service.

The definition of "practitioner" here is deliberately vague. We're particularly interested in points of view that don't fit obviously into a larger conference.

Practitioner talks might include:

In particular, this year the following topics are expected to be particularly interesting:

What not to submit

All experience levels are welcome, but fwd:cloudsec attendees will typically have some hands-on experience with cloud engineering. Introductory-level talks on broadly-deployed technologies, vendor presentations, or purely theoretical architecture talks are not likely to be accepted.

As a smaller conference, we're particularly looking for talks that spark discussion, challenges and hallways exchanges — not just lectures expected to be taken as gospel.

How to submit

Most talks are expected to be 20-minute lightning talks on a single topic. There are a limited number of 40-minute slots available, so when proposing a 40-minute talk, please be sure to include an agenda that explains how you will use the additional time.

Submissions must include:

Submit proposals here You will have to register separately on the Conference Management site.


We especially encourage first-time speakers, women and members of other groups less represented at security conferences to present at fwd:cloudsec.

Vulnerability disclosure

If the submission describes, or otherwise takes advantage of, newly identified vulnerabilities, the authors should disclose these vulnerabilities to the vendors/maintainers of affected software or hardware systems prior to the CFP deadline.

When disclosure is necessary, authors should include a statement within their submission and/or final paper about steps taken to fulfill the goal of disclosure. All major cloud providers have published disclosure addresses, including AWS (link, email), Azure (link, email), Google GCP (link), and Oracle OCI (link, email).