Editor's Picks
Best Talks at fwd:cloudsec Europe 2025
Hand-picked from in-depth reviewer verdicts — the top 9 talks from this conference. Skip the noise, find the signal.
1
The Cloud is a Spider Web: But with Broken Threads
Nitesh Surana, Nelson William Gamazo Sanchez
Nitesh Surana and Nelson William Gamazo Sanchez, cloud threat researchers at Trend Micro, presented a sweeping investigation into two classes of cloud security vulnerabilities: **overly permissive cloud credentials embedded in URL parameters** (specifically Azure SAS tokens)…
Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
2
Lurking in the (documentation) shadows: Why We Built the AWS Security Changes Project
Liad Eliyahu
Liad Eliyahu, head of research at **Miggo Security**, presented the story behind the **AWS Security Changes** project — an automated system that monitors all AWS documentation for security-relevant modifications, classifies them using a reasoning LLM, and makes them searchable…
Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
3
A Candid Perspective on the Cloud Threat Landscape: What’s Real, What’s Not, and What Should Change
Curtis Hanson
Curtis Hanson, Managing Partner at **Invictus Incident Response** and a threat intelligence professional with over 10 years of experience, presented a first-of-its-kind **cloud-specific threat landscape** for 2025. Compiled exclusively from open-source intelligence across 20+…
Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
4
SyncJacked - Hijacking Identities Through Entra Connect Synchronization
Tomer Nahum
Tomer Nahum, a security researcher at Semperis, presented two identity takeover vulnerabilities in **Microsoft Entra Connect** — the synchronization engine that bridges on-premises Active Directory with Entra ID (formerly Azure AD). The first vulnerability abuses the **soft…
Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
5
Permission Impossible: Hidden Dangers of Azure RBAC and API Vulnerabilities
Ariel Simon
Ariel Simon, a security researcher at Token Security, presented a two-part discovery in Azure's permission model that chains overprivileged built-in roles with an API vulnerability to achieve a novel attack: escalating from a weak cloud user with read-only permissions to full…
Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
6
Pods Without Borders: Lateral Movement in Azure Kubernetes Service
Nishaanth Guna
Nishaanth Guna, a senior security consultant at **MDSec**, presented a series of real-world attack scenarios drawn from assumed-breach assessments against large-scale **Azure Kubernetes Service (AKS)** environments across banking institutions and critical infrastructure. The…
Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
7
Sweet Deception: Mastering AWS Honey Tokens to Detect and Outsmart Attackers
Nick Frichette
Nick Frichette, a security researcher at Datadog, delivered a technically deep examination of **AWS access key honey tokens** — their implementation mechanisms, detection capabilities, known weaknesses, and strategies for building a more resilient deception program. The talk…
Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: STRONG ACCEPT ★★★★☆
8
Confidence Predicts Accuracy and Other Lies About Cloud Security
Kat Traxler
Kat Traxler, a Principal Security Researcher at **Vectra AI** with a background in offensive cloud research across Google Cloud and AWS, delivered a provocative keynote arguing that the cloud security industry's fixation on posture management and least-privilege pursuit is…
Dr. Zero: SOLID ★★★☆☆ | Heather Calloway: MUST SEE ★★★★★
9
Ransomware protection with immutable AWS Backup - it's complicated ...
Paul Schwarzenberger, Kurtis Mash
Paul Schwarzenberger and Kurtis Mash presented the National Archives UK's journey to implement a centralized, immutable **AWS Backup** solution to protect their digital archives — which include records ranging from the Domesday Book to the Magna Carta — against ransomware…
Dr. Zero: SOLID ★★★☆☆ | Heather Calloway: MUST SEE ★★★★★