fwd:cloudsec North America 2026

Call for Participation (CFP)

Belly of the beast

Hybrids, phantoms and other cloud legends

What was once a bucolic server farm evolved into a three-headed monstrosity (not you, Oracle) and now a dark forest of patchwork services from the giant hyperscalers, the rebel OSS developers, growing overseas powers and upstart neoclouds. Our 2026 hero’s journey sees us venture into the belly of the beast: mere miles from Microsoft’s and Amazon’s headquarters, surrounded by practitioners wrestling with the latest in cloud infrastructure, AI, and product demands.

Help guide us through the labyrinth. We’re looking for the cartographers; the demon hunters; crafters and wielders of legendary tools like Aegis and Ashbringer.

Let’s sit around the campfire as independent cloud security practitioners who’ve gone into the wilds and - if we can’t say we emerged unscathed or even victorious - at least we emerged with epic tales to tell of the hideous beasts we encountered.

Who should submit

As an independent conference specifically focused on the needs of the cloud practitioner community, we’re particularly interested in hearing things that wouldn’t make the stage at another cloud or security conference.

We especially want to hear from practitioners directly — those responsible for building and maintaining secure cloud services. The definition of “practitioner” here is deliberately broad – and definitely encompasses more than just “engineer”.

We know presenting is intimidating, and while we’re proud that cutting-edge researchers and founders want to speak at fwd:cloudsec, the heart of our community is bringing together speakers of different backgrounds and experience levels. We reserve time during reviews to provide feedback, develop and support emerging work - even if that means helping people go to bat with their own PR teams to make sure interesting lessons see the light of day. If you’re concerned that your employer may not support your submission, reach out to us!

From the beginning, fwd:cloudsec has always prioritized being accessible to as many members of our community as possible, especially those who are presenting at our conference. Continuing our commitment, and thanks to our generous sponsors, this year we’re offering honoraria alongside hotel rooms and/or reimbursements for speakers who don’t have an employer paying for their conference expenses. We have always believed it’s critical that all who contribute to fwd:cloudsec in this way are able to do so regardless of ability to pay, and this is an important way we’re enabling this.

For more information on speaker compensation and early-speaker support, see below.

Conference format

We keep fwd:cloudsec small and approachable to encourage attendees to interact in real-time. All talks will be presented live in Bellevue. We’re looking for talks that inspire others to ask questions and build together. As in previous years, we will be live-streaming the sessions and hosts will be soliciting questions from the in-person audience, Cloud Security Forum Slack and social media in real-time.

Each year we ask participants to reflect on themes we think are most impactful to our work as independent cloud security practitioners. Talks addressing these themes are more likely to be selected.

The Siren’s Song: Emerging Tech & The Human Element

The song of the Siren is alluring, promising new capabilities and unprecedented speed, but hidden rocks & sunken vessels wait for the captain who doesn’t navigate with care. In 2026, the Siren has a new voice: the hum of agentic swarms and the glow of the neocloud. As organizations rush to adopt the latest “shiny objects” in the cloud ecosystem, we are looking for the navigators who ensure the ship doesn’t crash into the rocks of unmanaged complexity and misplaced identity. We want to hear how you’re incorporating security into AI platforms and the infrastructure that powers it. How are you validating the authenticity/identity when actions are more-commonly non-human? When the allure of “agentic coding” pulls your organization in, does it shatter your centralized governance model or force a new kind of model? We are looking for stories of practitioners who have ventured into the Abyssal Control Plane, where reality is easily spoofed and the “Who” behind an action is increasingly synthetic, and returned with maps of this new frontier.

Great topics

navigating the blurring lines between human and machine identities in IaaS/PaaS
securing agent swarm compute clouds
governing Model Context Protocol (MCP) for production teams
the security implications of high-velocity orchestrators
mapping traditional security patterns to emerging Neoclouds and AI infrastructure.

The Griffin’s Guard: Defensive Architecture & Governance

The Griffin is the fierce, vigilant guardian of the crown jewels. This track is for the architects of the secure castle walls and the policies that define the territory. We want to hear a systems perspective: how you are architecting defensible environments and managing the complexity of identity at scale. How do you implement least privilege without crippling development velocity? How do you ensure your defensive architecture is observable enough to alert you before the treasure is gone? What tripwires, deceptions, and cross-team compromises do you have to make to build a system of defenses that your organization can continue to tune and operate?

Great topics

the evolution of CNAPP
achieving least privilege using permission boundaries / zero trust implementations
logging / observability strategies for containers
building high-fidelity detection logic
regulatory compliance at scale

The Chimera’s Chaos: Offensive Security & Red Teaming

The Chimera was a terrifying hybrid: part lion, part goat, part snake, representing a threat that came from all angles. Modern cloud attacks are rarely one-dimensional; they are chained exploits that morph and move laterally. We are looking for the breakers and the researchers to show us the new face of these beasts. How are attackers combining misconfigurations to create new paths of compromise? When the threat is a hybrid of supply chain poison and infrastructure weakness, how do you simulate that in a Red Team exercise?

Great topics

supply chain vulnerability research
container escapes and breakouts
API abuse and gateway circumvention
undocumented API exploration
audit log evasion techniques
lateral movement in serverless architectures
advanced fuzzing techniques for cloud infrastructure

The Centaur’s Stride: DevSecOps, Automation & Culture

The Centaur represents the perfect union of human intellect and raw horsepower. This track is for those trying to bridge the gap between the speed of development and the wisdom of security. How do you help your organization gallop without stumbling? We are looking for stories about merging cultures and building “paved roads.” What tools act as the bridge between your security engineers and your developers, ensuring that speed does not come at the cost of safety? How are you leveraging orchestration to rapidly contain and recover from an active incident, minimizing the time the attacker has and the burden on security operators? The focus is on velocity, scalability, and resilience.

Great topics

“Paving the road” / Golden Path architecture
policy-as-code
developer experience (DevEx) and friction reduction
building security champions programs
Incident Response Game Day exercises
automated remediation workflows

What not to submit

All experience levels are welcome, but fwd:cloudsec attendees will typically have a fair amount of hands-on experience with cloud engineering and security. Introductory-level talks on broadly-deployed technologies, vendor presentations, or purely theoretical architecture talks will not be accepted and may not even be referred to the whole team for review.

fwd:cloudsec is specifically targeted at independent cloud security practitioners. There are great generalist Kubernetes and application security conferences out there, and while we welcome talks that touch on these areas, we’re less interested when they’re the sole focus of the talk — can you connect the talk to the type of practitioner, often in a central infrastructure or security team, who is concerned specifically with cloud configuration and defense?

As a smaller conference, the value is in bringing people together. Your talk will get audience questions, so bring something with white space to be filled in, challenges to be responded to and discussions to be started.

Speakers and reviewers are expected to disclose conflicts of interest — if research was paid for by a particular vendor, that’s not disqualifying but the chairs would like to know to ensure we stay neutral.

We want you to be selective in what you submit, so please follow the below restrictions — if you violate them, all your submissions may be denied:

Talks must be submitted by the author / speaker who performed the work, and not by PR agencies or marketing teams on the speaker’s behalf.
While cloud security is a team effort, talks may have at most two presenters. We’re happy to credit others in your abstract or posted slides.
Any speaker may only submit up to two talks. Where multiple presenters are speaking together, this counts any talk on which they are named as a speaker.

Disclosure policy

We support responsible disclosure. As an independent conference, that does not mean giving vendors or sponsors a veto over possible presentation topics. Submitters should inform vendors of any discovered vulnerability as early as possible to give them a chance to patch the issue, and we won’t accept any talks that have not made good-faith efforts to work through their vulnerability disclosure processes. But beyond that, we admire the work Project Zero has done here: 90 days from notification is generally a reasonable time to patch an issue, plus 30 days to coordinate disclosure. After that time has elapsed, it may be more important to let the public know than to continue to keep the issue under wraps. If you still have disagreements as to whether a vulnerability should be presented, let’s talk through options.

Support for diverse and first-time speakers

We especially encourage first-time speakers, women, and members of other groups less represented at security conferences to present at fwd:cloudsec — first pass reviews by our committee members are performed “blind” (without author information attached), though as we approach final selections we strive to build a balanced program and are proud to have a review committee comprised of many different backgrounds.

And if you’re interested in feedback or partnership on ideas before you submit, join us on the Cloud Security Forum slack — many of the review panelists and past speakers are active in #fwdcloudsec and will gladly talk through an idea. Some of our best past talks were developed through side channels and DMs.

And finally, if you’ve never spoken at a national conference before (something where most attendees do not live within a day’s drive), we’re especially interested in hearing from you and want to provide formal support to help you find the best fit talks. If you submit by Friday, February 28, we’ll share review committee feedback in depth and provide you a point of contact on the review committee who can offer suggestions to hone your talk for the fwd:cloudsec audience.

How to submit

Most talks are expected to be 20-minute lightning talks on a single topic. There are a limited number of 40-minute slots available, so when proposing a 40-minute talk, please be sure to include an agenda that explains how you will use the additional time. We may (and probably will) ask you to shorten your talk before it can be accepted.

Submissions must include:

Speaker name(s) and contact information
Presentation title
Preferred talk length — 20-minute or 40-minute
Abstract (will be shown on the schedule); please do not include identifying information in your abstract. Your abstract should focus on your content, not your bio, to support blind reviews
Speaker bio(s), limited to 100 words; this will be shown on the schedule but not used during selection.
A detailed description of the talk: explain what you are presenting, and how you intend to cover the topic. Do you intend to include a demo or release code? Here is a good place to include that information. In particular your detailed description should answer:
- What is already known about this topic?
- What is added by this talk?
- What are the implications for Cloudsec practitioners?
How can the audience benefit from watching your talk live? Will there be Q&A, live demos, or cans of Milo for great questions?
Other venues this talk has been presented or submitted. If the talk was given previously, what new information will be presented?
Any special presentation facilities that may be required (aside from power, projector, sound and Internet connectivity)
Any concerns with having your talk recorded for future open access
If your topic relates to a tool or code you’ve written, is that tool or code open-source, or will it be made open-source by the end of the conference?

Remember: The detailed description is for the review committee only. The more detail you include, the better the committee can judge your submission. An abstract is fine to tease the audience, but the detailed description needs to include the punchline.

Schedule

January 20 - Call for participation opens
Friday, February 13 - ROUND ONE SUBMISSIONS CLOSE at 11:59 pm Pacific Standard Time (GMT-8)
Monday, March 2 - Participants who submit by the Round One deadline will hear back from the program committee. First time speakers who requested feedback and met the submission criteria will receive feedback on how to improve during the second round. (We hope to provide feedback sooner — but reviews always take longer than we’d hope.)
Friday, March 20 - FINAL ROUND SUBMISSIONS CLOSE at 11:59 pm Pacific Daylight Time (GMT-7)
April 9 - Final acceptance, alternate and rejections are sent out
April 16 - Speakers must confirm attendance and hotel benefits (if applicable) by this date
April 23 - Schedule published to https://fwdcloudsec.org
Monday-Tuesday, June 1-2, 2026 - fwd:cloudsec North America held in Bellevue, WA and virtually

Submit your proposal

Proposals can be submitted via PreTalx.