fwd:cloudsec 2020

Videos from fwd:cloudsec 2020 are on YouTube: playlist here

Speaker info from 2020 is here.

Intro

fwd:cloudsec is a new, non-profit, conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security features, the pros and cons of different security strategies, and generally the types of things cloud practitioners want to know, but that don't fit neatly into a vendor conference schedule.

When: Monday, June 29, 2020
Where: Virtual, and free (no registration needed).

Schedule

The conference will be held remotely on June 29, 2020. All times are in EDT (New York time).

MORNING SESSION / BUILDER

10:00-10:15 EDT (New York time) Kickoff / Welcome
10:15-11:00 What I wished someone told me before going multi-account by Brandon Sherman
11:00-11:30 Limiting Blast Radius by Automating IAM Policies using Policy Sentry by Kinnaird McQuade
11:30-12:00 Janus: A Multi-Party Authorization Framework for Accessing Critical Cloud Resources by Abhinav Srivastava
12:00-12:30 Security Onion Approach Towards IAM Roles by Narayan Gowraj
12:30-1:00 Building Cloud Security Automation at Scale by Rich Mogull

POST-LUNCH SESSION / ATTACK & DEFEND

1:30-2:00 The Usual Suspects: A Look at Threat Actors Targeting the Cloud and their Battle for Superiority by James Condon
2:00-2:30 All Your Trust Are Belong to Us by Kesten Broughton
2:30-3:00 Automating disk and memory evidence collection in AWS by Ryan Tick and Vaishnav Murthy
3:00-3:30 Automating Attack Simulation in the Cloud by Nick Jones
3:30-4:00 GCP Primitive Roles, An indictment by Kat Traxler

EVENING SESSION / MULTI-CLOUD AND GOVERNANCE

4:30-5:00 It’s Time to Rethink the Shared Security Responsibility Model by Matthew Fuller
5:00-5:30 Centralizing Identity across AWS, Azure and GCP by Paul Schwarzenberger
5:30-6:00 Kubernetes from an Attacker's Perspective by Abhisek Datta
6:00-6:30 Winning in the Dark: Defending Serverless Infrastructure by Eric Johnson
6:30-7:00 Creating the AWS Account Controller — "Your rules don't apply to me" by Ian Mckay

Sponsors

Platinum

Delve Risk

Turbot

Flatiron

Gold

Sonrai

Bridge Crew

Silver

Lacework

DivvyCloud

Contact

Questions? Have a unique skill you think would help in putting on the conference? Email us at fwdcloudsec@gmail.com .

This conference is being organized by:

Scott Piper
Joel Thompson
Aaron Zollman
Anna McAbee
Jerin Saji
Andres Riancho

With additional CFP review help by:

Kat Sweet
Chris Farris

Follow us on twitter at fwdcloudsec